Add human-readable descriptions to CheckCode returns in modules

modules/exploits/unix/webapp/actualanalyzer_ant_cookie_exec.rb

@@ -70,19 +70,19 @@ def check
     res = send_request_raw('uri' => normalize_uri(target_uri.path, 'aa.php'))
     if !res
       vprint_error("Connection failed")
-      return Exploit::CheckCode::Unknown
+      return Exploit::CheckCode::Unknown('Could not determine the target status')
     elsif res.code == 404
       vprint_error("Could not find aa.php")
-      return Exploit::CheckCode::Safe
+      return Exploit::CheckCode::Safe('The target is not vulnerable')
     elsif res.code == 200 && res.body =~ /ActualAnalyzer Lite/ && res.body =~ /Admin area<\/title>/
       vprint_error("ActualAnalyzer is not installed. Try installing first.")
-      return Exploit::CheckCode::Detected
+      return Exploit::CheckCode::Detected('The target service was detected')
     end
     # check version
     res = send_request_raw('uri' => normalize_uri(target_uri.path, 'view.php'))
     if !res
       vprint_error("Connection failed")
-      return Exploit::CheckCode::Unknown
+      return Exploit::CheckCode::Unknown('Could not determine the target status')
     elsif res.code == 200 && /title="ActualAnalyzer Lite \(free\) (?<version>[\d\.]+)"/ =~ res.body
       vprint_status("Found version: #{version}")
       if Rex::Version.new(version) <= Rex::Version.new('2.81')
@@ -92,13 +92,13 @@ def check
           info: "Module #{fullname} detected ActualAnalyzer #{version}",
           refs: references
         )
-        return Exploit::CheckCode::Vulnerable
+        return Exploit::CheckCode::Vulnerable('The target is vulnerable')
       end
-      return Exploit::CheckCode::Detected
+      return Exploit::CheckCode::Detected('The target service was detected')
     elsif res.code == 200 && res.body =~ /ActualAnalyzer Lite/
-      return Exploit::CheckCode::Detected
+      return Exploit::CheckCode::Detected('The target service was detected')
     end
-    Exploit::CheckCode::Safe
+    Exploit::CheckCode::Safe('The target is not vulnerable')
   end
 
   #

modules/exploits/unix/webapp/ajenti_auth_username_cmd_injection.rb

@@ -59,11 +59,11 @@ def check
 
     unless res
       vprint_error 'Connection failed'
-      return CheckCode::Unknown
+      return CheckCode::Unknown('Could not determine the target status')
     end
 
     unless res.body =~ /ajenti/i
-      return CheckCode::Safe
+      return CheckCode::Safe('The target is not vulnerable')
     end
 
     version = res.body.scan(/'ajentiVersion', '([\d\.]+)'/).flatten.first
@@ -73,10 +73,10 @@ def check
     end
 
     if version == '2.1.31'
-      return CheckCode::Appears
+      return CheckCode::Appears("Version #{version} appears to be vulnerable")
     end
 
-    CheckCode::Detected
+    CheckCode::Detected("Detected version #{version}")
   end
 
   def exploit

modules/exploits/unix/webapp/arkeia_upload_exec.rb

@@ -71,13 +71,13 @@ def check
     if res and res.code == 200 and res.body =~ /v(\d+\.\d+\.\d+)/
       version = $1
     else
-      return Exploit::CheckCode::Unknown
+      return Exploit::CheckCode::Unknown('Could not determine the target status')
     end
 
     vprint_status("Version #{version} detected")
 
     if version > "10.0.10"
-      return Exploit::CheckCode::Safe
+      return Exploit::CheckCode::Safe("Version #{version} is not vulnerable")
     end
 
     # Check for vulnerable component
@@ -90,10 +90,10 @@ def check
     })
 
     if res and res.code == 200 and res.body =~ /Les versions brutes des messages est affichee ci-dessous/
-      return Exploit::CheckCode::Appears
+      return Exploit::CheckCode::Appears("Version #{version} appears to be vulnerable")
     end
 
-    return Exploit::CheckCode::Safe
+    return Exploit::CheckCode::Safe("Version #{version} is not vulnerable")
   end
 
   def exploit

modules/exploits/unix/webapp/awstats_configdir_exec.rb

@@ -66,10 +66,10 @@ def check
     }, 25)
 
     if (res and res.body.match(/localhost/))
-      return Exploit::CheckCode::Vulnerable
+      return Exploit::CheckCode::Vulnerable('The target is vulnerable')
     end
 
-    return Exploit::CheckCode::Safe
+    return Exploit::CheckCode::Safe('The target is not vulnerable')
   end
 
   def exploit

modules/exploits/unix/webapp/awstats_migrate_exec.rb

@@ -70,10 +70,10 @@ def check
     }, 25)
 
     if (res and res.body.match(/localhost/))
-      return Exploit::CheckCode::Vulnerable
+      return Exploit::CheckCode::Vulnerable('The target is vulnerable')
     end
 
-    return Exploit::CheckCode::Safe
+    return Exploit::CheckCode::Safe('The target is not vulnerable')
   end
 
   def exploit

modules/exploits/unix/webapp/awstatstotals_multisort.rb

@@ -64,10 +64,10 @@ def check
     }, 25)
 
     if (res and res.body.match(/localhost/))
-      return Exploit::CheckCode::Vulnerable
+      return Exploit::CheckCode::Vulnerable('The target is vulnerable')
     end
 
-    return Exploit::CheckCode::Safe
+    return Exploit::CheckCode::Safe('The target is not vulnerable')
   end
 
   def exploit

modules/exploits/unix/webapp/barracuda_img_exec.rb

@@ -66,10 +66,10 @@ def check
     }, 25)
 
     if (res and res.body.match(/localhost/))
-      return Exploit::CheckCode::Vulnerable
+      return Exploit::CheckCode::Vulnerable('The target is vulnerable')
     end
 
-    return Exploit::CheckCode::Safe
+    return Exploit::CheckCode::Safe('The target is not vulnerable')
   end
 
   def exploit

modules/exploits/unix/webapp/basilic_diff_exec.rb

@@ -75,10 +75,10 @@ def check
     })
 
     if res and res.code == 200 and res.body =~ /#{sig}/
-      return Exploit::CheckCode::Vulnerable
+      return Exploit::CheckCode::Vulnerable('The target is vulnerable')
     end
 
-    return Exploit::CheckCode::Safe
+    return Exploit::CheckCode::Safe('The target is not vulnerable')
   end
 
   def exploit

modules/exploits/unix/webapp/byob_unauth_rce.rb

@@ -128,11 +128,11 @@ def check
     })
 
     if res&.code == 500
-      return CheckCode::Vulnerable
+      return CheckCode::Vulnerable('The target is vulnerable')
     else
       case res&.code
       when 200
-        return CheckCode::Safe
+        return CheckCode::Safe('The target is not vulnerable')
       when nil
         return CheckCode::Unknown('The target did not respond.')
       else

modules/exploits/unix/webapp/carberp_backdoor_exec.rb

@@ -59,10 +59,10 @@ def check
     confirm_string = rand_text_alpha(8)
     cmd = "echo '#{confirm_string}';"
     shell = http_send_command(cmd)
-    check_code = Exploit::CheckCode::Safe
+    check_code = Exploit::CheckCode::Safe('The target is not vulnerable')
 
     if shell and shell.body.include?(confirm_string)
-      check_code = Exploit::CheckCode::Vulnerable
+      check_code = Exploit::CheckCode::Vulnerable('The target is vulnerable')
     end
 
     check_code

modules/exploits/unix/webapp/citrix_access_gateway_exec.rb

@@ -95,10 +95,10 @@ def check
     post("ping -c 10 127.0.0.1", false)
     elapsed = Time.now - start
     if elapsed >= 3
-      return Exploit::CheckCode::Vulnerable
+      return Exploit::CheckCode::Vulnerable('The target is vulnerable')
     end
 
-    return Exploit::CheckCode::Safe
+    return Exploit::CheckCode::Safe('The target is not vulnerable')
   end
 
   def exploit

modules/exploits/unix/webapp/clipbucket_upload_exec.rb

@@ -70,18 +70,18 @@ def check
     if res and res.code == 200 and res.body =~ /ClipBucket version (\d+\.\d+)/
       version = $1
     else
-      return Exploit::CheckCode::Unknown
+      return Exploit::CheckCode::Unknown('Could not determine the target status')
     end
 
     vprint_status("Version #{version} detected")
 
     if version > "2.6"
-      return Exploit::CheckCode::Safe
+      return Exploit::CheckCode::Safe("Version #{version} is not vulnerable")
     else
-      return Exploit::CheckCode::Appears
+      return Exploit::CheckCode::Appears("Version #{version} appears to be vulnerable")
     end
 
-    return Exploit::CheckCode::Safe
+    return Exploit::CheckCode::Safe("Version #{version} is not vulnerable")
   end
 
   def exploit

modules/exploits/unix/webapp/coppermine_piceditor.rb

@@ -77,10 +77,10 @@ def check
     }, 25)
 
     if (res and res.body =~ /Coppermine Picture Editor/i)
-      return Exploit::CheckCode::Appears
+      return Exploit::CheckCode::Appears('The target appears to be vulnerable')
     end
 
-    return Exploit::CheckCode::Safe
+    return Exploit::CheckCode::Safe('The target is not vulnerable')
   end
 
   def exploit

modules/exploits/unix/webapp/datalife_preview_exec.rb

@@ -84,9 +84,9 @@ def check
     res = send_injection("#{rand_text_alpha(4 + rand(4))}')||printf(\"#{fingerprint}\");//")
 
     if res and res.code == 200 and res.body =~ /#{fingerprint}/
-      return Exploit::CheckCode::Vulnerable
+      return Exploit::CheckCode::Vulnerable('The target is vulnerable')
     else
-      return Exploit::CheckCode::Safe
+      return Exploit::CheckCode::Safe('The target is not vulnerable')
     end
   end
 

modules/exploits/unix/webapp/dogfood_spell_exec.rb

@@ -69,10 +69,10 @@ def check
     )
 
     if (res and res.body =~ /Spell Check complete/)
-      return Exploit::CheckCode::Detected
+      return Exploit::CheckCode::Detected('The target service was detected')
     end
 
-    return Exploit::CheckCode::Safe
+    return Exploit::CheckCode::Safe('The target is not vulnerable')
   end
 
   def exploit

modules/exploits/unix/webapp/drupal_coder_exec.rb

@@ -74,9 +74,9 @@ def check
     )
 
     if res && res.body.include?('file parameter is not setNo path to parameter file')
-      Exploit::CheckCode::Appears
+      Exploit::CheckCode::Appears('The target appears to be vulnerable')
     else
-      Exploit::CheckCode::Safe
+      Exploit::CheckCode::Safe('The target is not vulnerable')
     end
   end
 

modules/exploits/unix/webapp/drupal_drupalgeddon2.rb

@@ -180,7 +180,7 @@ def initialize(info = {})
   end
 
   def check
-    checkcode = CheckCode::Unknown
+    checkcode = CheckCode::Unknown('Could not determine the target status')
 
     @version = target['Version'] || drupal_version
 
@@ -190,7 +190,7 @@ def check
     end
 
     vprint_status("Drupal #{@version} targeted at #{full_uri}")
-    checkcode = CheckCode::Detected
+    checkcode = CheckCode::Detected("Detected version #{@version}")
 
     changelog = drupal_changelog(@version)
 
@@ -204,10 +204,10 @@ def check
       vprint_warning('CHANGELOG.txt no longer contains patch level')
     when true
       vprint_warning('Drupal appears patched in CHANGELOG.txt')
-      checkcode = CheckCode::Safe
+      checkcode = CheckCode::Safe("Version #{@version} is not vulnerable")
     when false
       vprint_good('Drupal appears unpatched in CHANGELOG.txt')
-      checkcode = CheckCode::Appears
+      checkcode = CheckCode::Appears("Version #{@version} appears to be vulnerable")
     end
 
     # NOTE: Exploiting the vuln will move us from "Safe" to Vulnerable
@@ -218,7 +218,7 @@ def check
 
     if res.body.start_with?(token)
       vprint_good('Drupal is vulnerable to code execution')
-      checkcode = CheckCode::Vulnerable
+      checkcode = CheckCode::Vulnerable("Detected vulnerable version #{@version}")
     end
 
     checkcode

modules/exploits/unix/webapp/drupal_restws_exec.rb

@@ -71,9 +71,9 @@ def check
     )
 
     if res && res.body.include?(r)
-      Exploit::CheckCode::Vulnerable
+      Exploit::CheckCode::Vulnerable('The target is vulnerable')
     else
-      Exploit::CheckCode::Safe
+      Exploit::CheckCode::Safe('The target is not vulnerable')
     end
   end
 

modules/exploits/unix/webapp/drupal_restws_unserialize.rb

@@ -93,7 +93,7 @@ def initialize(info = {})
   end
 
   def check
-    checkcode = CheckCode::Unknown
+    checkcode = CheckCode::Unknown('Could not determine the target status')
 
     version = drupal_version
 
@@ -104,11 +104,11 @@ def check
 
     if version.to_s !~ /^8\b/
       vprint_error("Drupal #{version} is not supported")
-      return CheckCode::Safe
+      return CheckCode::Safe("Version #{version} is not vulnerable")
     end
 
     vprint_status("Drupal #{version} targeted at #{full_uri}")
-    checkcode = CheckCode::Detected
+    checkcode = CheckCode::Detected("Detected version #{version}")
 
     changelog = drupal_changelog(version)
 
@@ -122,10 +122,10 @@ def check
       vprint_warning('CHANGELOG.txt no longer contains patch level')
     when true
       vprint_warning('Drupal appears patched in CHANGELOG.txt')
-      checkcode = CheckCode::Safe
+      checkcode = CheckCode::Safe("Version #{version} is not vulnerable")
     when false
       vprint_good('Drupal appears unpatched in CHANGELOG.txt')
-      checkcode = CheckCode::Appears
+      checkcode = CheckCode::Appears("Version #{version} appears to be vulnerable")
     end
 
     # Any further with GET and we risk caching the targeted node
@@ -139,7 +139,7 @@ def check
 
     if res.body.include?(token)
       vprint_good('Drupal is vulnerable to code execution')
-      checkcode = CheckCode::Vulnerable
+      checkcode = CheckCode::Vulnerable("Detected vulnerable version #{version}")
     end
 
     checkcode

modules/exploits/unix/webapp/egallery_upload_exec.rb

@@ -68,9 +68,9 @@ def check
     })
 
     if res and res.code == 200 and res.body.empty?
-      return Exploit::CheckCode::Appears
+      return Exploit::CheckCode::Appears('The target appears to be vulnerable')
     else
-      return Exploit::CheckCode::Safe
+      return Exploit::CheckCode::Safe('The target is not vulnerable')
     end
   end