From 873cbcee27263af5ba3fcd0be4e79ab68fc720d8 Mon Sep 17 00:00:00 2001
From: William Vu <William_Vu@rapid7.com>
Date: Wed, 25 Apr 2018 18:08:38 -0500
Subject: [PATCH] Fix #9876, minor updates to Drupalgeddon 2

1. Tested versions are already listed in the module doc, and we've
tested more than just 7.57 and 8.4.5 now. Removing a source of potential
inconsistency in the future.
2. No problem with ivars anymore. No idea what happened, but maybe I was
just too tired to code. Removing cleanup method.
---
 modules/exploits/unix/webapp/drupal_drupalgeddon2.rb | 12 ------------
 1 file changed, 12 deletions(-)

diff --git a/modules/exploits/unix/webapp/drupal_drupalgeddon2.rb b/modules/exploits/unix/webapp/drupal_drupalgeddon2.rb
index f7e2c09cc9..59bce898c4 100644
--- a/modules/exploits/unix/webapp/drupal_drupalgeddon2.rb
+++ b/modules/exploits/unix/webapp/drupal_drupalgeddon2.rb
@@ -19,8 +19,6 @@ class MetasploitModule < Msf::Exploit::Remote
         This module exploits a Drupal property injection in the Forms API.
 
         Drupal 6.x, < 7.58, 8.2.x, < 8.3.9, < 8.4.6, and < 8.5.1 are vulnerable.
-
-        Tested on 7.57 and 8.4.5.
       },
       'Author'         => [
         'Jasper Mattsson', # Vulnerability discovery
@@ -201,16 +199,6 @@ class MetasploitModule < Msf::Exploit::Remote
     end
   end
 
-  # XXX: Ivars are being preserved
-  def cleanup
-    begin
-      remove_instance_variable(:@version)
-    rescue NameError
-    end
-
-    super
-  end
-
   def dropper_assert
     php_file = Pathname.new(
       "#{datastore['WritableDir']}/#{random_crap}.php"