From aacd14ae45eca711208b8868a6221be91af94bc7 Mon Sep 17 00:00:00 2001
From: m-1-k-3 <github@s3cur1ty.de>
Date: Sat, 23 Mar 2013 21:31:08 +0100
Subject: [PATCH] version removed, encode params removed

---
 modules/auxiliary/admin/http/linksys_traversal.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/auxiliary/admin/http/linksys_traversal.rb b/modules/auxiliary/admin/http/linksys_traversal.rb
index 8b896303dd..bffc69d817 100644
--- a/modules/auxiliary/admin/http/linksys_traversal.rb
+++ b/modules/auxiliary/admin/http/linksys_traversal.rb
@@ -15,7 +15,6 @@ class Metasploit3 < Msf::Auxiliary
 	def initialize
 		super(
 			'Name'        => 'Linksys Directory Traversal Vulnerability',
-			'Version'     => '$$',
 			'Description' => %q{
 				This module exploits a directory traversal vulnerablity which is present in different
 				Linksys home routers like the E1500.
@@ -64,7 +63,7 @@ class Metasploit3 < Msf::Auxiliary
 			'method'  => 'POST',
 			'uri'     => uri,
 			'authorization' => basic_auth(user,pass),
-			'encode_params' => false,
+			#'encode_params' => false,
 			'vars_post' => {
 				"submit_type" => "wsc_method2",
 				"change_action" => "gozila_cgi",
@@ -73,6 +72,7 @@ class Metasploit3 < Msf::Auxiliary
 		})
 		#puts res.body.length
 		#puts res
+		#without res.body.length we get lots of false positives
 		if (res and res.code == 200 and res.body.length > 10)
 			print_good("#{rhost}:#{rport} - Request may have succeeded on file #{file}")
 			report_web_vuln({