From 0f8efec0019ca560d669449e8beaa764e9a528c0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cl=C3=A9ment=20Notin?= <clement@notin.org>
Date: Tue, 5 Jul 2016 11:42:03 +0200
Subject: [PATCH] Fix modules broken by @wchen-r7 's
 4275a65407389f2d04d4cf72e788d826eef5760c commit. These modules call check()
 in the exploit() function and expected to get a CheckCode::Vulnerable, now
 that check() returns Appears instead of Vulnerable they always refuse to run.
 I've flipped the logic, based on examples in other modules, now they refuse
 to run only if check() positively returns Safe.

---
 modules/exploits/windows/local/bthpan.rb                    | 2 +-
 modules/exploits/windows/local/mqac_write.rb                | 4 +++-
 modules/exploits/windows/local/ms13_053_schlamperei.rb      | 6 +++---
 modules/exploits/windows/local/ms14_070_tcpip_ioctl.rb      | 2 +-
 .../exploits/windows/local/virtual_box_guest_additions.rb   | 2 +-
 5 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/modules/exploits/windows/local/bthpan.rb b/modules/exploits/windows/local/bthpan.rb
index b084b24773..8f86edb891 100644
--- a/modules/exploits/windows/local/bthpan.rb
+++ b/modules/exploits/windows/local/bthpan.rb
@@ -145,7 +145,7 @@ class MetasploitModule < Msf::Exploit::Local
       fail_with(Failure::None, 'Session is already elevated')
     end
 
-    unless check == Exploit::CheckCode::Vulnerable
+    if check == Exploit::CheckCode::Safe
       fail_with(Failure::NotVulnerable, "Exploit not available on this system")
     end
 
diff --git a/modules/exploits/windows/local/mqac_write.rb b/modules/exploits/windows/local/mqac_write.rb
index 8938107475..c466e1d768 100644
--- a/modules/exploits/windows/local/mqac_write.rb
+++ b/modules/exploits/windows/local/mqac_write.rb
@@ -115,7 +115,9 @@ class MetasploitModule < Msf::Exploit::Local
 
     # Running on Windows XP versions that aren't listed in the supported list
     # results in a BSOD and so we should not let that happen.
-    return unless check == Exploit::CheckCode::Appears
+    if check == Exploit::CheckCode::Safe
+      fail_with(Failure::NotVulnerable, "Exploit not available on this system")
+    end
 
     base_addr = 0xffff
     handle = open_device('\\\\.\\MQAC', 'FILE_SHARE_WRITE|FILE_SHARE_READ', 0, 'OPEN_EXISTING')
diff --git a/modules/exploits/windows/local/ms13_053_schlamperei.rb b/modules/exploits/windows/local/ms13_053_schlamperei.rb
index 3900bcd413..f6f7fef93c 100644
--- a/modules/exploits/windows/local/ms13_053_schlamperei.rb
+++ b/modules/exploits/windows/local/ms13_053_schlamperei.rb
@@ -64,7 +64,7 @@ class MetasploitModule < Msf::Exploit::Local
   def check
     os = sysinfo["OS"]
     unless (os =~ /windows/i)
-      return Exploit::CheckCode::Unknown
+      return Exploit::CheckCode::Safe
     end
 
     file_path = expand_path("%windir%") << "\\system32\\win32k.sys"
@@ -81,7 +81,7 @@ class MetasploitModule < Msf::Exploit::Local
         return Exploit::CheckCode::Appears if revision < 22348
       end
     end
-    return Exploit::CheckCode::Unknown
+    return Exploit::CheckCode::Safe
   end
 
 
@@ -96,7 +96,7 @@ class MetasploitModule < Msf::Exploit::Local
       fail_with(Failure::NoTarget, "Running against 64-bit systems is not supported")
     end
 
-    unless check == Exploit::CheckCode::Vulnerable
+    if check == Exploit::CheckCode::Safe
       fail_with(Failure::NotVulnerable, "Exploit not available on this system")
     end
 
diff --git a/modules/exploits/windows/local/ms14_070_tcpip_ioctl.rb b/modules/exploits/windows/local/ms14_070_tcpip_ioctl.rb
index e1eb99561c..6809b48556 100644
--- a/modules/exploits/windows/local/ms14_070_tcpip_ioctl.rb
+++ b/modules/exploits/windows/local/ms14_070_tcpip_ioctl.rb
@@ -99,7 +99,7 @@ class MetasploitModule < Msf::Exploit::Local
       fail_with(Failure::NoTarget, "Running against 64-bit systems is not supported")
     end
 
-    unless check == Exploit::CheckCode::Vulnerable
+    if check == Exploit::CheckCode::Safe
       fail_with(Failure::NotVulnerable, "Exploit not available on this system")
     end
 
diff --git a/modules/exploits/windows/local/virtual_box_guest_additions.rb b/modules/exploits/windows/local/virtual_box_guest_additions.rb
index 0f4af645c4..fd498565f7 100644
--- a/modules/exploits/windows/local/virtual_box_guest_additions.rb
+++ b/modules/exploits/windows/local/virtual_box_guest_additions.rb
@@ -138,7 +138,7 @@ class MetasploitModule < Msf::Exploit::Local
       fail_with(Failure::NoTarget, "Running against 64-bit systems is not supported")
     end
 
-    unless check == Exploit::CheckCode::Vulnerable
+    if check == Exploit::CheckCode::Safe
       fail_with(Failure::NotVulnerable, "Exploit not available on this system")
     end