Clean up previous modules

Missed in 35670713ff.
2018-08-30 13:06:51 -05:00 · 2018-08-30 13:06:51 -05:00 · 13ff71b879
parent d25aad571f
commit 13ff71b879
2 changed files with 16 additions and 24 deletions
--- a/modules/exploits/unix/fileformat/ghostscript_type_confusion.rb
+++ b/modules/exploits/unix/fileformat/ghostscript_type_confusion.rb
@ -10,18 +10,18 @@ class MetasploitModule < Msf::Exploit

  def initialize(info = {})
    super(update_info(info,
-      'Name'            => 'Ghostscript Type Confusion Arbitrary Command Execution',
-      'Description'     => %q{
+      'Name'           => 'Ghostscript Type Confusion Arbitrary Command Execution',
+      'Description'    => %q{
        This module exploits a type confusion vulnerability in Ghostscript that can
        be exploited to obtain arbitrary command execution. This vulnerability affects
        Ghostscript version 9.21 and earlier and can be exploited through libraries
        such as ImageMagick and Pillow.
      },
-      'Author'          => [
+      'Author'         => [
        'Atlassian Security Team', # Vulnerability discovery
        'hdm'                      # Metasploit module
      ],
-      'References'      => [
+      'References'     => [
        %w{AKA ghostbutt},
        %w{CVE 2017-8291},
        %w{URL https://bugs.ghostscript.com/show_bug.cgi?id=697808},
@ -29,28 +29,18 @@ class MetasploitModule < Msf::Exploit
        %w{URL https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=04b37bbce174eed24edec7ad5b920eb93db4d47d},
        %w{URL https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3}
      ],
-      'DisclosureDate'  => 'Apr 27 2017',
-      'License'         => MSF_LICENSE,
-      'Platform'        => 'unix',
-      'Arch'            => ARCH_CMD,
-      'Privileged'      => false,
-      'Payload'         => {
-        'BadChars'      => "\x22\x27\x5c)(", # ", ', \, (, and )
-        'Compat'        => {
-          'PayloadType' => 'cmd cmd_bash',
-          'RequiredCmd' => 'generic netcat bash-tcp'
-        }
+      'DisclosureDate' => 'Apr 27 2017',
+      'License'        => MSF_LICENSE,
+      'Platform'       => 'unix',
+      'Arch'           => ARCH_CMD,
+      'Privileged'     => false,
+      'Payload'        => {
+        'BadChars'     => "\x22\x27\x5c)(" # ", ', \, (, and )
      },
-      'Targets'         => [
+      'Targets'        => [
        ['EPS file',  template: 'msf.eps']
      ],
-      'DefaultTarget'   => 0,
-      'DefaultOptions'  => {
-        'PAYLOAD'               => 'cmd/unix/reverse_netcat',
-        'LHOST'                 => Rex::Socket.source_address,
-        'DisablePayloadHandler' => false,
-        'WfsDelay'              => 9001
-      }
+      'DefaultTarget'  => 0
    ))

    register_options([
--- a/modules/exploits/unix/fileformat/imagemagick_delegate.rb
+++ b/modules/exploits/unix/fileformat/imagemagick_delegate.rb
@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit
      'Author'         => [
        'stewie',            # Vulnerability discovery
        'Nikolay Ermishkin', # Vulnerability discovery
+        'Tavis Ormandy',     # Vulnerability discovery
        'wvu',               # Metasploit module
        'hdm'                # Metasploit module
      ],
@ -41,7 +42,8 @@ class MetasploitModule < Msf::Exploit
        %w{URL http://seclists.org/oss-sec/2016/q3/682},
        %w{URL https://github.com/ImageMagick/ImageMagick/commit/06c41ab},
        %w{URL https://github.com/ImageMagick/ImageMagick/commit/a347456},
-        %w{URL http://permalink.gmane.org/gmane.comp.security.oss.general/19669}
+        %w{URL http://permalink.gmane.org/gmane.comp.security.oss.general/19669},
+        %w{AKA ImageTragick}
      ],
      'DisclosureDate' => 'May 3 2016',
      'License'        => MSF_LICENSE,