From bbb152a6d833ea4176b803e7d8f79ddb04f9418d Mon Sep 17 00:00:00 2001 From: Andrea Cardaci Date: Tue, 17 Mar 2020 19:02:34 +0100 Subject: [PATCH] Update modules/exploits/multi/http/horde_csv_rce.rb Co-Authored-By: Shelby Pace <40177151+space-r7@users.noreply.github.com> --- modules/exploits/multi/http/horde_csv_rce.rb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/exploits/multi/http/horde_csv_rce.rb b/modules/exploits/multi/http/horde_csv_rce.rb index 2318633132..8e4b058ec6 100644 --- a/modules/exploits/multi/http/horde_csv_rce.rb +++ b/modules/exploits/multi/http/horde_csv_rce.rb @@ -98,12 +98,12 @@ class MetasploitModule < Msf::Exploit::Remote if check # deliver the payload and return the body res = send_request_cgi(options) - if not res or res.code != 200 + unless res && res.code == 200 fail_with(Failure::UnexpectedReply, 'Cannot execute the payload') - else - vprint_good('Payload executed successfully') - return res.body end + + vprint_good('Payload executed successfully') + return res.body else # deliver the payload in a a new thread since the meterpreter payload does # not terminate when successful this allows to poll for session creation