From a73f024ce11f21c49b0ee5ca1c2ce2896387bc64 Mon Sep 17 00:00:00 2001 From: bmc <> Date: Sun, 19 Feb 2006 03:58:18 +0000 Subject: [PATCH] * less duplication, since the common case is just fine for all but a few instances git-svn-id: file:///home/svn/incoming/trunk@3531 4d416f70-5f16-0410-b530-b9f4589650da --- lib/msf/core/exploit/http.rb | 54 +++++++++++++++--------------------- 1 file changed, 22 insertions(+), 32 deletions(-) diff --git a/lib/msf/core/exploit/http.rb b/lib/msf/core/exploit/http.rb index d8468b0b00..dd73592e86 100644 --- a/lib/msf/core/exploit/http.rb +++ b/lib/msf/core/exploit/http.rb @@ -461,10 +461,10 @@ protected register_evasion_options( [ - # utf-7 and utf-7-all are currently not supported by most - # browsers, so remove them from the defaults. support for them - # is enabled in the mixin if you override the Enum on a per - # exploit basis. + # utf-8, utf-7 and utf-7-all are currently not supported by + # most browsers. as such, they are not added by default. The + # mixin supports encoding using them, however they are not + # listed in the Option. OptEnum.new('HTML::unicode', [false, 'Enable HTTP obfuscation via unicode', 'none', ['none', 'utf-16le', 'utf-16be', 'utf-16be-marker', 'utf-32le', 'utf-32be']]), OptEnum.new('HTML::base64', [false, 'Enable HTML obfuscation via an embeded base64 html object', 'none', ['none', 'plain', 'single_pad', 'double_pad', 'random_space_injection']]), OptInt.new('HTML::javascript::escape', [false, 'Enable HTML obfuscation via HTML escaping (number of iterations)', 0]), 
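Review bot: The rewritten comment above `OptEnum.new('HTML::unicode', ...)` says utf-8, utf-7 and utf-7-all are "not listed in the Option" but drops the old explanation of how they can still be selected. The enum shown here only offers `none`, the two utf-16 variants, `utf-16be-marker` and the two utf-32 variants, so a reader cannot tell how the handler's utf-7, utf-7-all or utf-8 branches are ever reached. If overriding the enum is still the mechanism, keep that sentence, e.g. `# To use them, override the Enum on a per-exploit basis.` The `register_evasion_options` call continues outside the hunk.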
@@ -503,34 +503,24 @@ protected body = '' } end - - - case datastore['HTML::unicode'] - when 'utf-16le' - headers['Content-Type'] = 'text/html; charset: utf-16le' - body = Rex::Text.to_unicode(body, 'utf-16le') - when 'utf-16be' - headers['Content-Type'] = 'text/html; charset: utf-16be' - body = Rex::Text.to_unicode(body, 'utf-16be') - when 'utf-16be-marker' - headers['Content-Type'] = 'text/html' - body = "\xFE\xFF" + Rex::Text.to_unicode(body, 'utf-16be') - when 'utf-32le' - headers['Content-Type'] = 'text/html; charset: utf-32le' - body = Rex::Text.to_unicode(body, 'utf-32le') - when 'utf-32be' - headers['Content-Type'] = 'text/html; charset: utf-32be' - body = Rex::Text.to_unicode(body, 'utf-32be') - when 'utf-7' - headers['Content-Type'] = 'text/html; charset: utf-7' - body = Rex::Text.to_unicode(body, 'utf-7') - when 'utf-7-all' - headers['Content-Type'] = 'text/html; charset: utf-7' - body = Rex::Text.to_unicode(body, 'utf-7', 'all') - when 'none' - # do nothing - else - raise RuntimeError, 'Invalid unicode. how did you get here?' + + if ['utf-16le','utf-16be','utf32-le','utf32-be','utf-7','utf-8'].include?(datastore['HTML::unicode']) + headers['Content-Type'] = 'text/html; charset: ' + datastore['HTML::unicode'] + body = Rex::Text.to_unicode(body, datastore['HTML::unicode']) + else + # special cases + case datastore['HTML::unicode'] + when 'utf-16be-marker' + headers['Content-Type'] = 'text/html' + body = "\xFE\xFF" + Rex::Text.to_unicode(body, 'utf-16be') + when 'utf-7-all' + headers['Content-Type'] = 'text/html; charset: utf-7' + body = Rex::Text.to_unicode(body, 'utf-7', 'all') + when 'none' + # do nothing + else + raise RuntimeError, 'Invalid unicode. how did you get here?' + end end super(cli, body, headers)
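Review bot: The new membership list spells the UTF-32 values `'utf32-le','utf32-be'`, while the option enum in the first hunk offers `'utf-32le'` and `'utf-32be'`. Those two selections therefore miss the common branch and fall through to the `else` that raises `Invalid unicode. how did you get here?`, where the removed `case` handled them. The list should read `['utf-16le','utf-16be','utf-32le','utf-32be','utf-7','utf-8']`, ideally held in a frozen constant next to the enum so the two cannot drift apart again. The header is still built as `'text/html; charset: ' + ...` rather than the usual `charset=` parameter form; that is carried over from the removed lines, so confirm whether it is intentional and add a comment if so. The enclosing method starts outside the hunk.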