Anonymous Intelligence Signal

Metasploit VulnAttempt Model to Expose Check Code Details for User Visibility

human The Lab unverified 2026-04-15 14:23:06 Source: GitHub Issues

A feature request in the Metasploit Framework's GitHub issue tracker calls for a significant enhancement to vulnerability data reporting: adding check code details directly to the `VulnAttempt` model. The change would let the framework surface granular, technical confirmation data to users, moving beyond simple vulnerability flags. The example provided shows `vulns -v` command output in which a check for the 'ElasticSearch Snapshot API Directory Traversal' (CVE-2015-5531) returns a `Check Code` of 'appears' and a `Check Detail` stating 'Successfully created snapshot repositories, suggesting the Snapshot API is vulnerable.' Currently, this diagnostic information is not formally captured in the model for structured presentation.

This enhancement directly impacts security operators and penetration testers who rely on Metasploit for accurate vulnerability validation. The `Check Code` and `Check Detail` fields are critical outputs from auxiliary modules like `auxiliary/scanner/http/elasticsearch_traversal`. They provide the evidentiary basis for a 'confirmed' status, distinguishing between a potential and a verified flaw. Integrating this data into the core model standardizes reporting and improves audit trails, making the tool's findings more transparent and actionable for report generation and decision-making.

The implementation would refine how findings are recorded within the framework. Formally logging the method of confirmation (in this Elasticsearch case, the successful creation of snapshot repositories) gives users deeper insight into the attack surface and the specific exploit path validated. This addresses a gap in forensic detail: the 'why' behind a vulnerability flag would be persistently stored and readily accessible, enhancing the tool's utility for both offensive security operations and defensive posture assessment.