Merge branch 'master' of https://github.com/rapid7/metasploit-framework

modules/auxiliary/scanner/http/rails_xml_yaml_scanner.rb

@@ -20,9 +20,9 @@ class Metasploit3 < Msf::Auxiliary
 				an arbitrary object instantiation flaw in the XML request processor.
 			},
 			'Author'      => [
-					  'hdm', #author
+					'hdm', #author
-					  'jjarmoc' #improvements
+					'jjarmoc' #improvements
-					  ],
+					],
 			'License'     => MSF_LICENSE,
 			'References'  =>
 				[

modules/exploits/windows/local/bypassuac.rb

@@ -56,14 +56,8 @@ class Metasploit3 < Msf::Exploit::Local
 		#
 		vuln = false
 		winver = sysinfo["OS"]
-		affected = [ 'Windows Vista', 'Windows 7', 'Windows 2008', 'Windows 8' ]
+		if winver !~ /Windows Vista|Windows 2008|Windows [78]/
-		affected.each { |v|
+			print_error("#{winver} is not vulnerable.")
-			if winver.include? v
-				vuln = true
-			end
-		}
-		if not vuln
-			print_error("#{winver} does not have UAC")
 			return
 		end
 

modules/post/windows/escalate/bypassuac.rb

@@ -43,13 +43,7 @@ class Metasploit3 < Msf::Post
 		vuln = false
 		sysinfo = session.sys.config.sysinfo
 		winver = sysinfo["OS"]
-		affected = [ 'Windows Vista', 'Windows 7', 'Windows 2008', 'Windows 8' ]
+		if winver !~ /Windows Vista|Windows 2008|Windows [78]/
-		affected.each { |v|
-			if winver.include? v
-				vuln = true
-			end
-		}
-		if not vuln
 			print_error("#{winver} is not vulnerable.")
 			return
 		end

modules/post/windows/gather/credentials/steam.rb

@@ -15,7 +15,7 @@ class Metasploit3 < Msf::Post
 
 	def initialize(info={})
 		super( update_info(info,
-			'Name'           => 'Steam client session Collector.',
+			'Name'           => 'Steam Client Session Collector.',
 			'Description'    => %q{ This module will collect Steam session information from an
 				account set to autologin. },
 			'License'        => MSF_LICENSE,