Merge pull request rapid7#21354 from adfoster-r7/improve-checkcode-messages-7

Add human-readable descriptions to CheckCode returns in modules

Author: cgranleese-r7

modules/exploits/multi/http/pandora_upload_exec.rb

@@ -72,16 +72,16 @@ def check
       if res and res.code == 200
         # Tested on v3.1 Build PC100609 and PC100608
         if res.body.include?("v3.1 Build PC10060")
-          return Exploit::CheckCode::Appears
+          return Exploit::CheckCode::Appears('The target appears to be a vulnerable version')
         elsif res.body.include?("Pandora")
-          return Exploit::CheckCode::Detected
+          return Exploit::CheckCode::Detected('The target application was detected but the version could not be confirmed as vulnerable')
         end
       end
-      return Exploit::CheckCode::Safe
+      return Exploit::CheckCode::Safe('The target is not running a vulnerable version')
     rescue ::Rex::ConnectionError
       vprint_error("Connection failed")
     end
-    return Exploit::CheckCode::Unknown
+    return Exploit::CheckCode::Unknown('Could not connect to the target')
   end
 
   # upload a payload using the pandora built-in file upload

modules/exploits/multi/http/papercut_ng_auth_bypass.rb

@@ -202,10 +202,10 @@ def check
     # For the check command
     bypass_success = bypass_auth
     if bypass_success.nil?
-      return Exploit::CheckCode::Safe
+      return Exploit::CheckCode::Safe('The target is not vulnerable')
     end
 
-    return Exploit::CheckCode::Vulnerable
+    return Exploit::CheckCode::Vulnerable('Successfully verified the authentication bypass')
   end
 
   def exploit

modules/exploits/multi/http/pentaho_business_server_authbypass_and_ssti.rb

@@ -124,12 +124,12 @@ def check
       'uri' => normalize_uri(target_uri.path, 'api', 'ldap', 'config', 'ldapTreeNodeChildren', "require#{post_require_mixup}#{period_mixup}js")
     )
 
-    return Exploit::CheckCode::Unknown unless res
+    return Exploit::CheckCode::Unknown('Could not authenticate to the target') unless res
 
     if res.code == 200 && res.body == '{}'
-      Exploit::CheckCode::Appears
+      Exploit::CheckCode::Appears('The target appears to be vulnerable based on the response')
     else
-      Exploit::CheckCode::Safe
+      Exploit::CheckCode::Safe('The target is not vulnerable')
     end
   end
 

modules/exploits/multi/http/phoenix_exec.rb

@@ -56,10 +56,10 @@ def check
     test = Rex::Text.rand_text_alpha(8)
     res = http_send_command("echo \"#{test}\";")
     if res && res.body.include?(test)
-      return Exploit::CheckCode::Vulnerable
+      return Exploit::CheckCode::Vulnerable('Successfully verified remote code execution')
     end
 
-    Exploit::CheckCode::Safe
+    Exploit::CheckCode::Safe('The target is not vulnerable')
   end
 
   def exploit

modules/exploits/multi/http/php_cgi_arg_injection.rb

@@ -86,7 +86,7 @@ def check
     return CheckCode::Unknown('Connection failed.') unless response
 
     if response.code == 200 && response.body.to_s.lstrip =~ /^<code><span style/i
-      return CheckCode::Vulnerable
+      return CheckCode::Vulnerable('The target is vulnerable')
     end
 
     if datastore['PLESK'] && response.code == 500

modules/exploits/multi/http/php_fpm_rce.rb

@@ -379,7 +379,7 @@ def check
 
     print_good("Parameters found: QSL=#{@params[:qsl]}, customh_length=#{@params[:customh_length]}")
     print_good('Target is vulnerable!')
-    CheckCode::Vulnerable
+    CheckCode::Vulnerable('The target is vulnerable')
   ensure
     disconnect(client) if client&.conn?
   end

modules/exploits/multi/http/php_utility_belt_rce.rb

@@ -60,9 +60,9 @@ def check
     res = http_send_command("echo #{txt};")
 
     if res && res.body.include?(txt)
-      Exploit::CheckCode::Vulnerable
+      Exploit::CheckCode::Vulnerable('Successfully verified arbitrary PHP code execution')
     else
-      Exploit::CheckCode::Safe
+      Exploit::CheckCode::Safe('The target is not vulnerable')
     end
   end
 

modules/exploits/multi/http/phpfilemanager_rce.rb

@@ -63,9 +63,9 @@ def check
     res = http_send_command("echo #{txt}")
 
     if res && res.body =~ /#{txt}/
-      return Exploit::CheckCode::Vulnerable
+      return Exploit::CheckCode::Vulnerable('Successfully verified remote command execution vulnerability')
     else
-      return Exploit::CheckCode::Safe
+      return Exploit::CheckCode::Safe('The target is not vulnerable')
     end
   end
 

modules/exploits/multi/http/phpldapadmin_query_engine.rb

@@ -69,10 +69,10 @@ def check
     )
 
     if (res and res.body =~ /phpLDAPadmin \(1\.2\.[0|1]\.\d/i)
-      return Exploit::CheckCode::Appears
+      return Exploit::CheckCode::Appears('The target appears to be vulnerable based on the response')
     end
 
-    return Exploit::CheckCode::Safe
+    return Exploit::CheckCode::Safe('The target is not vulnerable')
   end
 
   def get_session

modules/exploits/multi/http/phpmoadmin_exec.rb

@@ -63,10 +63,10 @@ def check
     })
 
     if res and res.body.include?(testrun)
-      return Exploit::CheckCode::Vulnerable
+      return Exploit::CheckCode::Vulnerable('The target is vulnerable')
     end
 
-    Exploit::CheckCode::Safe
+    Exploit::CheckCode::Safe('The target is not vulnerable')
   end
 
   def exploit