diff --git a/modules/exploits/multi/http/netwin_surgeftp_exec.rb b/modules/exploits/multi/http/netwin_surgeftp_exec.rb
index 1113a2f973..daafbdb326 100644
--- a/modules/exploits/multi/http/netwin_surgeftp_exec.rb
+++ b/modules/exploits/multi/http/netwin_surgeftp_exec.rb
@@ -49,7 +49,16 @@ class Metasploit3 < Msf::Exploit::Remote
 				OptString.new('PASSWORD', [ true, 'The password for the specified username', 'password' ]),
 				OptString.new('FOLDER',   [ true, 'The folder to write to for Windows target', 'C:\\Windows\\Temp\\'])
 			], self.class)
+	end
 
+	def check
+		res = send_request_raw({'uri'=>'/cgi/surgeftpmgr.cgi'})
+		print_line(Rex::Text.to_hex_dump(res.body))
+		if res and res.body =~ /surgeftp\x20\x0d\x0a\x20\x20Manager CGI/
+			return Exploit::CheckCode::Detected
+		else
+			return Exploit::CheckCode::Safe
+		end
 	end
 
 	def execute_command(cmd, opts)