Land #18985, Fixes store_valid_credential conditional logic

rapid7 · Mar 21, 2024 · 3de8b02 · 3de8b02
2 parents 3af4358 + d750ea1
commit 3de8b02
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/modules/exploits/unix/webapp/wp_admin_shell_upload.rb b/modules/exploits/unix/webapp/wp_admin_shell_upload.rb
@@ -42,10 +42,10 @@ def initialize(info = {})
   def check
     cookie = wordpress_login(username, password)
     if cookie.nil?
-      store_valid_credential(user: username, private: password, proof: cookie)
       return CheckCode::Safe
     end
 
+    store_valid_credential(user: username, private: password, proof: cookie)
     CheckCode::Appears
   end