infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fixed some typos, thx mubix! 

git-svn-id: file:///home/svn/framework3/trunk@7569 4d416f70-5f16-0410-b530-b9f4589650da
unstable
Joshua Drake 2009-11-19 03:36:02 +00:00
parent 106350ac97
commit f767129e61
2 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
modules/exploits/windows/ftp/httpdx_tolog_format.rb
View File

@ -18,7 +18,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Name' => 'HTTPDX tolog() Function Format String Vulnerability',
'Description' => %q{
This module exploits a format string vulnerability in HTTPDX FTP server.
By sending an speciall crafted FTP command containing format specifiers, an
By sending an specially crafted FTP command containing format specifiers, an
attacker can corrupt memory and execute arbitrary code.
By default logging is off for HTTP, but enabled for the 'moderator' user
@ -49,7 +49,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Targets' =>
[
#
# Automatic targetting via fingerprinting
# Automatic targeting via fingerprinting
#
[ 'Automatic Targeting', { 'auto' => true } ],
@ -105,7 +105,7 @@ To find a target:
4. follow the xref to the imports area
5. copy/paste the address
6. the 'Writable' value should be anything after the last address IDA shows..
(preferrably something above 0x0d, to avoid bad chars)
(preferably something above 0x0d, to avoid bad chars)
If crashes occur referencing strange values, 'NumPops' probably needs adjusting.
For now, that will have to be done manually.

6
modules/exploits/windows/http/httpdx_tolog_format.rb
View File

@ -18,7 +18,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Name' => 'HTTPDX tolog() Function Format String Vulnerability',
'Description' => %q{
This module exploits a format string vulnerability in HTTPDX HTTP server.
By sending an speciall crafted HTTP request containing format specifiers, an
By sending an specially crafted HTTP request containing format specifiers, an
attacker can corrupt memory and execute arbitrary code.
By default logging is off for HTTP, but enabled for the 'moderator' user
@ -49,7 +49,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Targets' =>
[
#
# Automatic targetting via fingerprinting
# Automatic targeting via fingerprinting
#
[ 'Automatic Targeting', { 'auto' => true } ],
@ -110,7 +110,7 @@ To find a target:
4. follow the xref to the imports area
5. copy/paste the address
6. the 'Writable' value should be anything after the last address IDA shows..
(preferrably something above 0x0d, to avoid bad chars)
(preferably something above 0x0d, to avoid bad chars)
If crashes occur referencing strange values, 'NumPops' probably needs adjusting.
For now, that will have to be done manually.