From e9a7ceaf1c1ebe2cc71cef02383a63d266adb6aa Mon Sep 17 00:00:00 2001
From: Brendan Coles <bcoles@gmail.com>
Date: Mon, 28 Oct 2019 03:24:20 +0000
Subject: [PATCH] Use CheckCode.message - Fix #12499

---
 modules/auxiliary/scanner/http/elasticsearch_traversal.rb | 2 +-
 modules/post/multi/recon/local_exploit_suggester.rb       | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/modules/auxiliary/scanner/http/elasticsearch_traversal.rb b/modules/auxiliary/scanner/http/elasticsearch_traversal.rb
index a3f444c47e..041dcceef7 100644
--- a/modules/auxiliary/scanner/http/elasticsearch_traversal.rb
+++ b/modules/auxiliary/scanner/http/elasticsearch_traversal.rb
@@ -89,7 +89,7 @@ class MetasploitModule < Msf::Auxiliary
     vprint_status("Checking if it's a vulnerable ElasticSearch")
 
     check_code = check_host(ip)
-    print_status("#{check_code.second}")
+    print_status("#{check_code.message}")
     if check_host(ip) != Exploit::CheckCode::Appears
       return
     end
diff --git a/modules/post/multi/recon/local_exploit_suggester.rb b/modules/post/multi/recon/local_exploit_suggester.rb
index e55bd19be4..f172090716 100644
--- a/modules/post/multi/recon/local_exploit_suggester.rb
+++ b/modules/post/multi/recon/local_exploit_suggester.rb
@@ -127,13 +127,13 @@ class MetasploitModule < Msf::Post
 
         # See def is_check_interesting?
         unless is_check_interesting? checkcode
-          vprint_status "#{m.fullname}: #{checkcode.second}"
+          vprint_status "#{m.fullname}: #{checkcode.message}"
           next
         end
 
         # Prints the full name and the checkcode message for the exploit
-        print_good "#{m.fullname}: #{checkcode.second}"
-        results << [m.fullname, checkcode.second]
+        print_good "#{m.fullname}: #{checkcode.message}"
+        results << [m.fullname, checkcode.message]
 
         # If the datastore option is true, a detailed description will show
         next unless datastore['SHOWDESCRIPTION']