Land rapid7#4712, @todb-r7's release fixes

wvu · wvu · commit 3b28b23e2e21 · 2015-02-05T13:18:09.000-06:00
diff --git a/modules/auxiliary/admin/http/manageengine_dir_listing.rb b/modules/auxiliary/admin/http/manageengine_dir_listing.rb
@@ -22,9 +22,9 @@ def initialize(info={})
         using the default credentials for the administrator and guest accounts; alternatively
         you can provide a pre-authenticated cookie or a username / password combo. For IT360
         targets enter the RPORT of the OpManager instance (usually 8300). This module has been
-        tested on both Windows and Linux with several different versions Windows paths have to
+        tested on both Windows and Linux with several different versions. Windows paths have to
         be escaped with 4 backslashes on the command line. There is a companion module that
-        allows you to download an arbitrary file. This vulnerability has been fixed in Applications
+        allows for arbitrary file download. This vulnerability has been fixed in Applications
         Manager v11.9 b11912 and OpManager 11.6.
       },
       'Author'         =>
diff --git a/modules/auxiliary/admin/http/manageengine_file_download.rb b/modules/auxiliary/admin/http/manageengine_file_download.rb
@@ -22,7 +22,7 @@ module will attempt to login using the default credentials for the administrator
         and password combo. For IT360 targets enter the RPORT of the OpManager instance (usually
         8300). This module has been tested on both Windows and Linux with several different
         versions. Windows paths have to be escaped with 4 backslashes on the command line. There is
-        a companion module that allows you to list the contents of any directory recursively. This
+        a companion module that allows the recursive listing of any directory. This
         vulnerability has been fixed in Applications Manager v11.9 b11912 and OpManager 11.6.
       },
       'Author'       =>
diff --git a/modules/auxiliary/scanner/http/wordpress_ghost_scanner.rb b/modules/auxiliary/scanner/http/wordpress_ghost_scanner.rb
@@ -11,11 +11,11 @@ class Metasploit3 < Msf::Auxiliary
 
   def initialize(info = {})
     super(update_info(info,
-    'Name' => 'WordPress XMLRPC Ghost Vulnerability Scanner',
+    'Name' => 'WordPress XMLRPC GHOST Vulnerability Scanner',
     'Description' => %q{
-      This module can be used to determine hosts vulnerable to the Ghost vulnerability via
+      This module can be used to determine hosts vulnerable to the GHOST vulnerability via
       a call to the WordPress XMLRPC interface. If the target is vulnerable, the system
-      will segfault and return a server error. On patched systems a normal XMLRPC error
+      will segfault and return a server error. On patched systems, a normal XMLRPC error
       is returned.
     },
     'Author' =>
diff --git a/modules/exploits/unix/webapp/wp_pixabay_images_upload.rb b/modules/exploits/unix/webapp/wp_pixabay_images_upload.rb
@@ -13,9 +13,9 @@ class Metasploit3 < Msf::Exploit::Remote
 
   def initialize(info = {})
     super(update_info(info,
-      'Name'           => 'Wordpress Pixabay Images PHP Code Upload',
+      'Name'           => 'WordPress Pixabay Images PHP Code Upload',
       'Description'    => %q{
-        This module exploits multiple vulnerabilities in the Wordpress plugin Pixabay
+        This module exploits multiple vulnerabilities in the WordPress plugin Pixabay
         Images 2.3.6. The plugin does not check the host of a provided download URL
         which can be used to store and execute malicious PHP code on the system.
       },
@@ -74,7 +74,7 @@ def call_payload(file_name)
 
   def exploit
     unless wordpress_and_online?
-      fail_with(Failure::NoTarget, "#{peer} - #{target_uri} does not seeem to be Wordpress site")
+      fail_with(Failure::NoTarget, "#{peer} - #{target_uri} does not seeem to be WordPress site")
     end
 
     print_status("#{peer} - Starting up web service...")
@@ -120,7 +120,7 @@ def exploit
   def check
     res = wordpress_and_online?
     unless res
-      vprint_error("#{peer} - It doesn't look like a Wordpress site")
+      vprint_error("#{peer} - It doesn't look like a WordPress site")
       return Exploit::CheckCode::Unknown
     end
 
diff --git a/modules/exploits/unix/webapp/wp_platform_exec.rb b/modules/exploits/unix/webapp/wp_platform_exec.rb
@@ -13,9 +13,9 @@ class Metasploit3 < Msf::Exploit::Remote
   def initialize(info = {})
     super(update_info(
       info,
-      'Name'           => 'Remote Code Execution in Wordpress Platform Theme',
+      'Name'           => 'Remote Code Execution in WordPress Platform Theme',
       'Description'    => %q{
-        The Wordpress Theme "platform" contains a remote code execution vulnerability
+        The WordPress Theme "platform" contains a remote code execution vulnerability
         through an unchecked admin_init call. The theme includes the uploaded file
         from it's temp filename with php's include function.
       },
diff --git a/modules/exploits/windows/browser/malwarebytes_update_exec.rb b/modules/exploits/windows/browser/malwarebytes_update_exec.rb
@@ -6,7 +6,7 @@
 require 'msf/core'
 
 class Metasploit3 < Msf::Exploit::Remote
-  Rank = NormalRanking
+  Rank = GoodRanking # Would be Great except MBAE doesn't version check
 
   include Msf::Exploit::EXE
   include Msf::Exploit::Remote::HttpServer
@@ -22,8 +22,8 @@ def initialize(info = {})
         This module exploits a vulnerability in the update functionality of
         Malwarebytes Anti-Malware consumer before 2.0.3 and Malwarebytes
         Anti-Exploit consumer 1.03.1.1220.
-        Due to the lack of proper update package validation a man-in-the-middle
-        attacker could execute arbitrary code by spoofing the update server
+        Due to the lack of proper update package validation, a man-in-the-middle
+        (MITM) attacker could execute arbitrary code by spoofing the update server
         data-cdn.mbamupdates.com and uploading an executable. This module has
         been tested successfully with MBAM 2.0.2.1012 and MBAE 1.03.1.1220.
       },
diff --git a/modules/exploits/windows/local/ms15_004_tswbproxy.rb b/modules/exploits/windows/local/ms15_004_tswbproxy.rb
@@ -16,11 +16,13 @@ def initialize(info={})
     super(update_info(info, {
       'Name'           => 'MS15-004 Microsoft Remote Desktop Services Web Proxy IE Sandbox Escape',
       'Description'    => %q{
-        This module abuses a process creation policy in Internet Explorer's sandbox, specifically
-        the Microsoft Remote Desktop Services Web Proxy IE one, which allows the attacker to escape
-        the Protected Mode, and execute code with Medium Integrity. At the moment, this module only
-        bypass Protected Mode on Windows 7 SP1 and prior (32 bits). This module has been tested
-        successfully on Windows 7 SP1 (32 bits) with IE 8 and IE 11.
+        This module abuses a process creation policy in Internet Explorer's
+        sandbox; specifically, Microsoft's RemoteApp and Desktop Connections runtime
+        proxy, TSWbPrxy.exe.  This vulnerability allows the attacker to escape the
+        Protected Mode and execute code with Medium Integrity. At the moment, this
+        module only bypass Protected Mode on Windows 7 SP1 and prior (32 bits). This
+        module has been tested successfully on Windows 7 SP1 (32 bits) with IE 8 and IE
+        11.
       },
       'License'        => MSF_LICENSE,
       'Author'         =>
