False positives during vulnerability check

[fwkz]

More details:
https://www.reddit.com/r/netsec/comments/4gc0f8/routersploit_router_exploitation_framework/d2gh4gl

[MatthewHKnight]

I'd possibly have to agree with some false positives I was testing a ASUS RT-AC68U firmware 3.0.0.4.378_9313 It claims the router is vulnerable to;
exploits/dlink/dwr_932_info_disclosure
exploits/dlink/dns_320l_327l_rce
exploits/asmax/ar_804_gu_rce
it outputs a
cmd >
so unless it's some kinda file inclusion then i'm not 100% it's correct on the router being vulnerable.
for example;
[+] Device is vulnerable!

• exploits/dlink/dwr_932_info_disclosure
• exploits/dlink/dns_320l_327l_rce
• exploits/asmax/ar_804_gu_rce
  rsf (AutoPwn) > use exploits/dlink/dns_320l_327l_rce
  rsf (D-LINK DNS-320L & DIR-327L RCE) > set target 192.168.1.1
  [+] {'target': '192.168.1.1'}
  rsf (D-LINK DNS-320L & DIR-327L RCE) > check
  [+] Target is vulnerable
  rsf (D-LINK DNS-320L & DIR-327L RCE) > run
  [] Running module...
  [+] Target is vulnerable
  [] Invoking command loop...
  cmd > ?
  < HTML>< HEAD>< script >location.href='/cloud_sync.asp?flag=cgi-bin/gdrive.cgi?cmd=4&f_gaccount=;?;echo%20

[lucyoa]

Ok I pushed 2ec62d3
@MatthewHKnight could you check if it works for you?

Now command injection is verfied by simple math expression.

[MatthewHKnight]

@lucyoa It appears to be fixed now no longer getting that as a false positive report on my router.
Anyone still having that issue type:
cd routersploit
git pull
and then redo the attack shouldn't show these on a non-vulnerable router.