Fix webdav upload php false positive

Author: sjanusz-r7

modules/exploits/multi/http/webdav_upload_php.rb

@@ -163,6 +163,16 @@ def check
       return Exploit::CheckCode::Unknown("Target responded with unexpected HTTP status #{res.code}")
     end
 
+    correct_message = res.message == 'OK'
+    header_url_regex = %r{^\d,\d, <http://apache.org/dav/propset/fs/\d>$}
+    correct_header = res.headers['DAV'].match?(header_url_regex)
+
+    unless correct_message && correct_header
+      print_error "Target responded with an unknown message: '#{res.message}', should be 'OK'" unless correct_message
+      print_error "Target responded with an unknown DAV header: '#{res.headers['DAV']}', should be '#{header_url_regex}'" unless correct_header
+      return Exploit::CheckCode::Unknown('Target responded with unexpected message and/or header')
+    end
+
     # Record results!
     opts, service = report_webdav_service(res, res_creds)