Various and sundry fixes for normalize_uri

modules/auxiliary/scanner/http/axis_local_file_include.rb

@@ -62,7 +62,7 @@ class Metasploit3 < Msf::Auxiliary
 				get_credentials(new_uri)
 
 			else
-				print_status("#{uri} - Apache Axis - The remote page not accessible")
+				print_status("#{target_url} - Apache Axis - The remote page not accessible")
 				return
 
 			end
@@ -82,7 +82,7 @@ class Metasploit3 < Msf::Auxiliary
 				'uri'     => "#{uri}" + lfi_payload,
 			}, 25)
 
-			print_status("#{uri} - Apache Axis - Dumping administrative credentials")
+			print_status("#{target_url} - Apache Axis - Dumping administrative credentials")
 
 			if (res and res.code == 200)
 				if res.body.to_s.match(/axisconfig/)

modules/exploits/multi/http/sit_file_upload.rb

@@ -65,7 +65,11 @@ class Metasploit3 < Msf::Exploit::Remote
 	def check
 
 		uri = normalize_uri(datastore['URI'])
-		uri << '/' if uri[-1,1] != '/'
+		if uri[-1,1] != '/'
+			uri = uri + "index.php"
+		else
+			uri = uri + "/index.php"
+		end
 
 		res = send_request_raw({
 			'uri'     => uri
@@ -88,7 +92,11 @@ class Metasploit3 < Msf::Exploit::Remote
 	def retrieve_session(user, pass)
 
 		uri = normalize_uri(datastore['URI'])
-		uri << '/' if uri[-1,1] != '/'
+		if uri[-1,1] == "/"
+			uri = uri + "login.php"
+		else
+			uri = uri + "/login.php"
+		end
 
 		res = send_request_cgi({
 			'uri'     => uri,
@@ -114,7 +122,11 @@ class Metasploit3 < Msf::Exploit::Remote
 	def upload_page(session, newpage, contents)
 
 		uri = normalize_uri(datastore['URI'])
-		uri << '/' if uri[-1,1] != '/'
+		if uri[-1,1] == "/"
+			uri = uri + "ftp_upload_file.php"
+		else
+			uri = uri + "/ftp_upload_file.php"
+		end
 
 		boundary = rand_text_alphanumeric(6)
 
@@ -176,7 +188,11 @@ class Metasploit3 < Msf::Exploit::Remote
 		print_status("Calling payload: #{cmdpath}")
 
 		uri = normalize_uri(datastore['URI'])
-		uri << '/' if uri[-1,1] != '/'
+		if uri[-1,1] == "/"
+			uri = uri + cmdpath
+		else
+			uri = uri + "/#{cmdpath}"
+		end
 
 		send_request_raw({
 			'uri'	=> uri