Land #4640, @todb-r7's module cleanup

2015-01-26 12:06:17 -06:00 · 2015-01-26 12:06:17 -06:00 · 1e728ca00f
parent 8ad80f1e3f bae19405a7
commit 1e728ca00f
17 changed files with 46 additions and 44 deletions
--- a/modules/auxiliary/gather/huawei_wifi_info.rb
+++ b/modules/auxiliary/gather/huawei_wifi_info.rb
@ -55,16 +55,16 @@ class Metasploit3 < Msf::Auxiliary
    super(update_info(info,
      'Name'           => "Huawei Datacard Information Disclosure Vulnerability",
      'Description'    => %q{
-        This module exploits an un-authenticated information disclosure vulnerability in Huawei
+        This module exploits an unauthenticated information disclosure vulnerability in Huawei
        SOHO routers. The module will gather information by accessing the /api pages where
        authentication is not required, allowing configuration changes as well as information
-        disclosure including any stored SMS.
+        disclosure, including any stored SMS.
      },
      'License'        => MSF_LICENSE,
      'Author'         =>
        [
-          'Jimson K James.',
+          'Jimson K James',
-          '<tomsmaily[at]aczire.com>', # Msf module
+          'Tom James <tomsmaily[at]aczire.com>', # Msf module
        ],
      'References'     =>
        [
--- a/modules/auxiliary/gather/konica_minolta_pwd_extract.rb
+++ b/modules/auxiliary/gather/konica_minolta_pwd_extract.rb
@ -14,10 +14,11 @@ class Metasploit3 < Msf::Auxiliary
  def initialize(info = {})
    super(update_info(info,
      'Name'        => 'Konica Minolta Password Extractor',
-      'Description' => %q(
+      'Description' => %q{
          This module will extract FTP and SMB account usernames and passwords
-        from Konica Minolta mfp devices. Tested models include: C224, C280,
+          from Konica Minolta multifunction printer (MFP) devices. Tested models
-        283, C353, C360, 363, 420, C452,C452, C452, C454e, C554 ),
+          include: C224, C280, 283, C353, C360, 363, 420, C452,C452, C452, C454e, C554
        },
      'Author'      =>
        [
          'Deral "Percentx" Heiland',
--- a/modules/auxiliary/gather/mcafee_epo_xxe.rb
+++ b/modules/auxiliary/gather/mcafee_epo_xxe.rb
@ -18,15 +18,15 @@ class Metasploit3 < Msf::Auxiliary
      off of the filesystem. This properties file contains an encrypted password that is set during
      installation. What is interesting about this password is that it is set as the same password
      as the database 'sa' user and of the admin user created during installation. This password
-      is encrypted with a static key, and is encrypted using a weak cipher at that (ECB). By default,
+      is encrypted with a static key, and is encrypted using a weak cipher (ECB). By default,
-      if installed with a local SQL Server instance, the SQL server is listening on all interfaces.
+      if installed with a local SQL Server instance, the SQL Server is listening on all interfaces.
      Recovering this password allows an attacker to potentially authenticate as the 'sa' SQL Server
      user in order to achieve remote command execution with permissions of the database process. If
-      the administrator has no changed the password for the initially created account since installation,
+      the administrator has not changed the password for the initially created account since installation,
-      the attacker also now has the password for this account. By default, 'admin' is recommended.
+      the attacker will have the password for this account. By default, 'admin' is recommended.
-      Any user account can be used to exploit this, all that is needed is a pair of credentials.
+      Any user account can be used to exploit this, all that is needed is a valid credential.
      The most data that can be successfully retrieved is 255 characters due to length restrictions
      on the field used to perform the XXE attack.
--- a/modules/auxiliary/scanner/http/allegro_rompager_misfortune_cookie.rb
+++ b/modules/auxiliary/scanner/http/allegro_rompager_misfortune_cookie.rb
@ -19,7 +19,7 @@ class Metasploit4 < Msf::Auxiliary
        'Misfortune Cookie' vulnerability which affects Allegro Software
        Rompager versions before 4.34 and can allow attackers to authenticate
        to the HTTP service as an administrator without providing valid
-        credentials, however more specifics are not yet known.
+        credentials.
      ),
      'Author' => [
        'Jon Hart <jon_hart[at]rapid7.com>', # metasploit module
--- a/modules/auxiliary/voip/cisco_cucdm_call_forward.rb
+++ b/modules/auxiliary/voip/cisco_cucdm_call_forward.rb
@ -16,7 +16,7 @@ class Metasploit3 < Msf::Auxiliary
      'Description' => %q{
        The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager
        (CDM) 10 does not properly implement access control, which allows remote attackers to
-        modify user information. This module exploits the vulnerability for configure unauthorized
+        modify user information. This module exploits the vulnerability to configure unauthorized
        call forwarding.
      },
      'Author'      => 'fozavci',
--- a/modules/auxiliary/voip/cisco_cucdm_speed_dials.rb
+++ b/modules/auxiliary/voip/cisco_cucdm_speed_dials.rb
@ -17,7 +17,7 @@ class Metasploit3 < Msf::Auxiliary
        The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager
        (CDM), before version 10, doesn't implement access control properly, which allows remote
        attackers to modify user information. This module exploits the vulnerability to make
-        unauthorized speeddial manipulations.
+        unauthorized speeddial entity manipulations.
      },
      'Author'        => 'fozavci',
      'References'    =>
--- a/modules/exploits/linux/local/desktop_privilege_escalation.rb
+++ b/modules/exploits/linux/local/desktop_privilege_escalation.rb
@ -20,11 +20,11 @@ class Metasploit4 < Msf::Exploit::Local
      'Description'   => %q{
        This module steals the user password of an administrative user on a desktop Linux system
        when it is entered for unlocking the screen or for doing administrative actions using
-        policykit. Then it escalates to root privileges using sudo and the stolen user password.
+        PolicyKit. Then, it escalates to root privileges using sudo and the stolen user password.
        It exploits the design weakness that there is no trusted channel for transferring the
        password from the keyboard to the actual password verificatition against the shadow file
        (which is running as root since /etc/shadow is only readable to the root user). Both
-        screensavers (xscreensaver/gnome-screensaver) and policykit use a component running under
+        screensavers (xscreensaver/gnome-screensaver) and PolicyKit use a component running under
        the current user account to query for the password and then pass it to a setuid-root binary
        to do the password verification. Therefore, it is possible to inject a password stealer
        after compromising the user account. Since sudo requires only the user password (and not
--- a/modules/exploits/multi/http/manageengine_auth_upload.rb
+++ b/modules/exploits/multi/http/manageengine_auth_upload.rb
@ -17,10 +17,10 @@ class Metasploit3 < Msf::Exploit::Remote
        This module exploits a directory traversal vulnerability in ManageEngine ServiceDesk,
        AssetExplorer, SupportCenter and IT360 when uploading attachment files. The JSP that accepts
        the upload does not handle correctly '../' sequences, which can be abused to write
-        in the file system. Authentication is needed to exploit this vulnerability, but this module
+        to the file system. Authentication is needed to exploit this vulnerability, but this module
        will attempt to login using the default credentials for the administrator and guest
-        accounts. Alternatively you can provide a pre-authenticated cookie or a username / password
+        accounts. Alternatively, you can provide a pre-authenticated cookie or a username / password.
-        combo. For IT360 targets enter the RPORT of the ServiceDesk instance (usually 8400). All
+        For IT360 targets, enter the RPORT of the ServiceDesk instance (usually 8400). All
        versions of ServiceDesk prior v9 build 9031 (including MSP but excluding v4), AssetExplorer,
        SupportCenter and IT360 (including MSP) are vulnerable. At the time of release of this
        module, only ServiceDesk v9 has been fixed in build 9031 and above. This module has been
--- a/modules/exploits/multi/http/pandora_upload_exec.rb
+++ b/modules/exploits/multi/http/pandora_upload_exec.rb
@ -13,9 +13,9 @@ class Metasploit3 < Msf::Exploit::Remote
  def initialize(info={})
    super(update_info(info,
-      'Name'           => "Pandora v3.1 Auth Bypass and Arbitrary File Upload Vulnerability",
+      'Name'           => "Pandora FMS v3.1 Auth Bypass and Arbitrary File Upload Vulnerability",
      'Description'    => %q{
-        This module exploits an authentication bypass vulnerability in Pandora v3.1 as
+        This module exploits an authentication bypass vulnerability in Pandora FMS v3.1 as
        disclosed by Juan Galiana Lara. It also integrates with the built-in pandora
        upload which allows a user to upload arbitrary files to the '/images/' directory.
--- a/modules/exploits/unix/webapp/wp_symposium_shell_upload.rb
+++ b/modules/exploits/unix/webapp/wp_symposium_shell_upload.rb
@ -15,17 +15,15 @@ class Metasploit3 < Msf::Exploit::Remote
    super(update_info(
      info,
      'Name'            => 'WordPress WP Symposium 14.11 Shell Upload',
-      'Description'     => %q{WP Symposium Plugin for WordPress contains a
+      'Description'     => %q{
-                              flaw that allows a remote attacker to execute
+          WP Symposium Plugin for WordPress contains a flaw that allows a remote attacker
-                              arbitrary PHP code. This flaw exists because the
+          to execute arbitrary PHP code. This flaw exists because the
-                              /wp-symposium/server/file_upload_form.php script
+          /wp-symposium/server/file_upload_form.php script does not properly verify or
-                              does not properly verify or sanitize
+          sanitize user-uploaded files. By uploading a .php file, the remote system will
-                              user-uploaded files. By uploading a .php file,
+          place the file in a user-accessible path. Making a direct request to the
-                              the remote system will place the file in a
+          uploaded file will allow the attacker to execute the script with the privileges
-                              user-accessible path. Making a direct request to
+          of the web server.
-                              the uploaded file will allow the attacker to
+        },
                              execute the script with the privileges of the
                              web server.},
      'License'         => MSF_LICENSE,
      'Author'          =>
        [
--- a/modules/exploits/windows/browser/getgodm_http_response_bof.rb
+++ b/modules/exploits/windows/browser/getgodm_http_response_bof.rb
@ -18,6 +18,7 @@ class Metasploit3 < Msf::Exploit::Remote
          This module exploits a stack-based buffer overflow vulnerability in
        GetGo Download Manager version 4.9.0.1982 and earlier, caused by an
        overly long HTTP response header.
        By persuading the victim to download a file from a malicious server, a
        remote attacker could execute arbitrary code on the system or cause
        the application to crash. This module has been tested successfully on
--- a/modules/exploits/windows/fileformat/bpftp_client_bps_bof.rb
+++ b/modules/exploits/windows/fileformat/bpftp_client_bps_bof.rb
@ -18,6 +18,7 @@ class Metasploit3 < Msf::Exploit::Remote
      'Description'    => %q{
          This module exploits a stack-based buffer overflow vulnerability in
        BulletProof FTP Client 2010, caused by an overly long hostname.
        By persuading the victim to open a specially-crafted .BPS file, a
        remote attacker could execute arbitrary code on the system or cause
        the application to crash. This module has been tested successfully on
--- a/modules/exploits/windows/fileformat/iftp_schedule_bof.rb
+++ b/modules/exploits/windows/fileformat/iftp_schedule_bof.rb
@ -19,6 +19,7 @@ class Metasploit3 < Msf::Exploit::Remote
      'Description'    => %q{
          This module exploits a stack-based buffer overflow vulnerability in
        i-Ftp v2.20, caused by a long time value set for scheduled download.
        By persuading the victim to place a specially-crafted Schedule.xml file
        in the i-FTP folder, a remote attacker could execute arbitrary code on
        the system or cause the application to crash. This module has been
--- a/modules/exploits/windows/http/lexmark_markvision_gfd_upload.rb
+++ b/modules/exploits/windows/http/lexmark_markvision_gfd_upload.rb
@ -15,8 +15,8 @@ class Metasploit3 < Msf::Exploit::Remote
    super(update_info(info,
      'Name'          => 'Lexmark MarkVision Enterprise Arbitrary File Upload',
      'Description'   => %q{
-        This module exploits a code execution flaw in Lexmark MarkVision Enterprise before 2.1.
+        This module exploits a code execution flaw in Lexmark MarkVision Enterprise before version 2.1.
-        A directory traversal in the GfdFileUploadServlet servlet allows an unauthenticated
+        A directory traversal vulnerability in the GfdFileUploadServlet servlet allows an unauthenticated
        attacker to upload arbitrary files, including arbitrary JSP code. This module has been
        tested successfully on Lexmark MarkVision Enterprise 2.0 with Windows 2003 SP2.
      },
--- a/modules/exploits/windows/mysql/mysql_start_up.rb
+++ b/modules/exploits/windows/mysql/mysql_start_up.rb
@ -19,7 +19,7 @@ class Metasploit3 < Msf::Exploit::Remote
        specifically against Windows MySQL servers. This module abuses the FILE
        privilege to write a payload to Microsoft's All Users Start Up directory
        which will execute every time a user logs in. The default All Users Start
-        Up directory used by the module is Windows 7 friendly.
+        Up directory used by the module is present on Windows 7.
      },
      'Author'         =>
        [
--- a/modules/payloads/stagers/windows/bind_hidden_ipknock_tcp.rb
+++ b/modules/payloads/stagers/windows/bind_hidden_ipknock_tcp.rb
@ -24,7 +24,7 @@ module Metasploit3
      'Description'   => 'Listen for a connection. First, the port will need to be knocked from
                          the IP defined in KHOST. This IP will work as an authentication method
                          (you can spoof it with tools like hping). After that you could get your
-                          shellcode from any IP. The socket will appear as "closed" helping us to
+                          shellcode from any IP. The socket will appear as "closed," thus helping to
                          hide the shellcode',
      'Author'        =>
        [
--- a/modules/payloads/stagers/windows/bind_hidden_tcp.rb
+++ b/modules/payloads/stagers/windows/bind_hidden_tcp.rb
@ -21,7 +21,7 @@ module Metasploit3
  def initialize(info = {})
    super(merge_info(info,
      'Name'          => 'Hidden Bind TCP Stager',
-      'Description'   => 'Listen for a connection from a hidden port and spawn a command shell to the allowed host',
+      'Description'   => 'Listen for a connection from a hidden port and spawn a command shell to the allowed host.',
      'Author'        =>
        [
          'hdm',        # original payload module (stager bind_tcp)