From d43380330e509c6cbbc1f7bacc5fd48593ad3e0e Mon Sep 17 00:00:00 2001
From: Brandon Perry <bperry.volatile@gmail.com>
Date: Wed, 31 Aug 2016 17:18:28 -0400
Subject: [PATCH] Update zabbix_toggleids_sqli.rb

---
 .../auxiliary/gather/zabbix_toggleids_sqli.rb | 43 ++++++++++++++++---
 1 file changed, 37 insertions(+), 6 deletions(-)

diff --git a/modules/auxiliary/gather/zabbix_toggleids_sqli.rb b/modules/auxiliary/gather/zabbix_toggleids_sqli.rb
index 465a07bba1..68c62589a9 100644
--- a/modules/auxiliary/gather/zabbix_toggleids_sqli.rb
+++ b/modules/auxiliary/gather/zabbix_toggleids_sqli.rb
@@ -60,7 +60,11 @@ class MetasploitModule < Msf::Auxiliary
     end
 
     match = /#{left_marker}(.*)#{right_marker}/.match(res.body)
-
+    
+    unless match
+      fail_with(Failure::Unknown, 'Server did not respond in an expected way')
+    end
+    
     if match[1] == flag
       return Msf::Exploit::CheckCode::Vulnerable
     end
@@ -87,6 +91,10 @@ class MetasploitModule < Msf::Auxiliary
 
     match = /#{left_marker}(.*)#{right_marker}/.match(res.body)
 
+    unless match
+      fail_with(Failure::Unknown, 'Server did not respond in an expected way')
+    end
+    
     count = match[1].to_i
 
     dbs = []
@@ -104,7 +112,11 @@ class MetasploitModule < Msf::Auxiliary
       end
 
       match = /#{left_marker}(.*)#{right_marker}/.match(res.body)
-
+      
+      unless match
+        fail_with(Failure::Unknown, 'Server did not respond in an expected way')
+      end
+    
       dbs << match[1]
     end
 
@@ -129,6 +141,10 @@ class MetasploitModule < Msf::Auxiliary
 
       match = /#{left_marker}(.*)#{right_marker}/.match(res.body)
 
+      unless match
+        fail_with(Failure::Unknown, 'Server did not respond in an expected way')
+      end
+
       count = match[1].to_i
 
       0.upto(count-1) do |cur|
@@ -146,6 +162,11 @@ class MetasploitModule < Msf::Auxiliary
           end
 
           match = /#{left_marker}(.*)#{right_marker}/.match(res.body)
+          
+          unless match
+            fail_with(Failure::Unknown, 'Server did not respond in an expected way')
+          end
+          
           user[col] = match[1]
         end
         users << user
@@ -169,8 +190,13 @@ class MetasploitModule < Msf::Auxiliary
 
    cookies = res.get_cookies
 
-   res.body =~ /name="sid" value="(.*?)">/
-   sid = $1
+   match = /name="sid" value="(.*?)">/.match(res.body)
+   
+   unless match
+     fail_with(Failure::Unknown, 'Server did not respond in an expected way')
+   end
+   
+   sid = match[1]
 
    if datastore['REQUIREAUTH']
 
@@ -208,8 +234,13 @@ class MetasploitModule < Msf::Auxiliary
        end
 
        cookies = res.get_cookies
-       res.body =~ /name="sid" value="(.*?)">/
-       sid = $1
+       match = /name="sid" value="(.*?)">/.match(res.body)
+   
+       unless match
+         fail_with(Failure::Unknown, 'Server did not respond in an expected way')
+       end
+   
+       sid = match[1]
      elsif
        fail_with(Failure::Unknown, 'Server did not respond in an expected way')
      end