sempervictus
diff --git a/‎lib/msf/core/exploit/http/client.rb
Lines changed: 4 additions & 4 deletions b/‎lib/msf/core/exploit/http/client.rb
Lines changed: 4 additions & 4 deletions
diff --git a/‎modules/auxiliary/admin/appletv/appletv_display_image.rb
Lines changed: 3 additions & 3 deletions b/‎modules/auxiliary/admin/appletv/appletv_display_image.rb
Lines changed: 3 additions & 3 deletions
diff --git a/‎modules/auxiliary/admin/appletv/appletv_display_video.rb
Lines changed: 4 additions & 4 deletions b/‎modules/auxiliary/admin/appletv/appletv_display_video.rb
Lines changed: 4 additions & 4 deletions
diff --git a/‎modules/auxiliary/admin/http/linksys_e1500_e2500_exec.rb
Lines changed: 4 additions & 4 deletions b/‎modules/auxiliary/admin/http/linksys_e1500_e2500_exec.rb
Lines changed: 4 additions & 4 deletions
diff --git a/‎modules/auxiliary/admin/http/linksys_wrt54gl_exec.rb
Lines changed: 5 additions & 5 deletions b/‎modules/auxiliary/admin/http/linksys_wrt54gl_exec.rb
Lines changed: 5 additions & 5 deletions
diff --git a/‎modules/auxiliary/admin/http/openbravo_xxe.rb
Lines changed: 7 additions & 7 deletions b/‎modules/auxiliary/admin/http/openbravo_xxe.rb
Lines changed: 7 additions & 7 deletions
diff --git a/‎modules/auxiliary/admin/sap/sap_mgmt_con_osexec.rb
Lines changed: 3 additions & 3 deletions b/‎modules/auxiliary/admin/sap/sap_mgmt_con_osexec.rb
Lines changed: 3 additions & 3 deletions
diff --git a/‎modules/auxiliary/dos/sap/sap_soap_rfc_eps_delete_file.rb
Lines changed: 3 additions & 3 deletions b/‎modules/auxiliary/dos/sap/sap_soap_rfc_eps_delete_file.rb
Lines changed: 3 additions & 3 deletions
diff --git a/‎modules/auxiliary/gather/snare_registry.rb
Lines changed: 4 additions & 4 deletions b/‎modules/auxiliary/gather/snare_registry.rb
Lines changed: 4 additions & 4 deletions
diff --git a/‎modules/auxiliary/gather/xbmc_traversal.rb
Lines changed: 3 additions & 3 deletions b/‎modules/auxiliary/gather/xbmc_traversal.rb
Lines changed: 3 additions & 3 deletions
@@ -48,8 +48,8 @@ def initialize(info = {})
         OptString.new('UserAgent', [false, 'The User-Agent header to use for all requests',
           Rex::Proto::Http::Client::DefaultUserAgent
           ]),
-        OptString.new('HTTPUSERNAME', [false, 'The HTTP username to specify for authentication', '']),
-        OptString.new('HTTPPASSWORD', [false, 'The HTTP password to specify for authentication', '']),
+        OptString.new('HttpUsername', [false, 'The HTTP username to specify for authentication', '']),
+        OptString.new('HttpPassword', [false, 'The HTTP password to specify for authentication', '']),
         OptBool.new('DigestAuthIIS', [false, 'Conform to IIS, should work for most servers. Only set to false for non-IIS servers', true]),
         Opt::SSLVersion,
         OptBool.new('FingerprintCheck', [ false, 'Conduct a pre-exploit fingerprint verification', true]),
@@ -149,8 +149,8 @@ def connect(opts={})
       dossl = ssl
     end
 
-    client_username = opts['username'] || datastore['HTTPUSERNAME'] || ''
-    client_password = opts['password'] || datastore['HTTPPASSWORD'] || ''
+    client_username = opts['username'] || datastore['HttpUsername'] || ''
+    client_password = opts['password'] || datastore['HttpPassword'] || ''
 
     nclient = Rex::Proto::Http::Client.new(
       opts['rhost'] || rhost,
 
@@ -36,7 +36,7 @@ def initialize(info = {})
       Opt::RPORT(7000),
       OptInt.new('TIME', [true, 'Time in seconds to show the image', 10]),
       OptPath.new('FILE', [true, 'Image to upload and show']),
-      OptString.new('HTTPPASSWORD', [false, 'The password for AppleTV AirPlay'])
+      OptString.new('HttpPassword', [false, 'The password for AppleTV AirPlay'])
     ], self.class)
 
     # We're not actually using any of these against AppleTV in our Rex HTTP client init,
@@ -72,8 +72,8 @@ def send_image_request(opts)
       ssl,
       ssl_version,
       proxies,
-      datastore['HTTPUSERNAME'],
-      datastore['HTTPPASSWORD']
+      datastore['HttpUsername'],
+      datastore['HttpPassword']
     )
     add_socket(http)
 
 
@@ -33,15 +33,15 @@ def initialize(info = {})
         [
           ['URL', 'http://nto.github.io/AirPlay.html']
         ],
-      'DefaultOptions' => { 'HTTPUSERNAME' => 'AirPlay' },
+      'DefaultOptions' => { 'HttpUsername' => 'AirPlay' },
       'License'        => MSF_LICENSE
     ))
 
     register_options([
       Opt::RPORT(7000),
       OptInt.new('TIME', [true, 'Time in seconds to show the video', 60]),
       OptString.new('URL', [true, 'URL of video to show. Must use an IP address']),
-      OptString.new('HTTPPASSWORD', [false, 'The password for AppleTV AirPlay'])
+      OptString.new('HttpPassword', [false, 'The password for AppleTV AirPlay'])
     ], self.class)
 
     # We're not actually using any of these against AppleTV in our Rex HTTP client init,
@@ -77,8 +77,8 @@ def send_video_request(opts)
       ssl,
       ssl_version,
       proxies,
-      datastore['HTTPUSERNAME'],
-      datastore['HTTPPASSWORD']
+      datastore['HttpUsername'],
+      datastore['HttpPassword']
     )
     add_socket(http)
 
 
@@ -32,16 +32,16 @@ def initialize(info = {})
 
     register_options(
       [
-        OptString.new('HTTPUSERNAME',[ true, 'User to login with', 'admin']),
-        OptString.new('HTTPPASSWORD',[ true, 'Password to login with', 'password']),
+        OptString.new('HttpUsername',[ true, 'User to login with', 'admin']),
+        OptString.new('HttpPassword',[ true, 'Password to login with', 'password']),
         OptString.new('CMD', [ true, 'The command to execute', 'telnetd -p 1337'])
       ], self.class)
   end
 
   def run
     uri = '/apply.cgi'
-    user = datastore['HTTPUSERNAME']
-    pass = datastore['HTTPPASSWORD']
+    user = datastore['HttpUsername']
+    pass = datastore['HttpPassword']
 
     print_status("#{rhost}:#{rport} - Trying to login with #{user} / #{pass}")
 
 
@@ -42,8 +42,8 @@ def initialize(info = {})
       [
         Opt::RPORT(80),
         OptString.new('TARGETURI',[ true, 'PATH to OS Command Injection', '/apply.cgi']),
-        OptString.new('HTTPUSERNAME',[ true, 'User to login with', 'admin']),
-        OptString.new('HTTPPASSWORD',[ false, 'Password to login with', 'password']),
+        OptString.new('HttpUsername',[ true, 'User to login with', 'admin']),
+        OptString.new('HttpPassword',[ false, 'Password to login with', 'password']),
         OptString.new('CMD', [ true, 'The command to execute', 'ping 127.0.0.1']),
         OptString.new('NETMASK', [ false, 'LAN Netmask of the router', '255.255.255.0']),
         OptAddress.new('LANIP', [ false, 'LAN IP address of the router (default is RHOST)']),
@@ -66,7 +66,7 @@ def lan_ip
   def run
     #setting up some basic variables
     uri = datastore['TARGETURI']
-    user = datastore['HTTPUSERNAME']
+    user = datastore['HttpUsername']
     rhost = datastore['RHOST']
     netmask = datastore['NETMASK']
     routername = datastore['ROUTER_NAME']
@@ -75,10 +75,10 @@ def run
 
     ip = lan_ip.split('.')
 
-    if datastore['HTTPPASSWORD'].nil?
+    if datastore['HttpPassword'].nil?
       pass = ""
     else
-      pass = datastore['HTTPPASSWORD']
+      pass = datastore['HttpPassword']
     end
 
     print_status("Trying to login with #{user} / #{pass}")
 
@@ -41,8 +41,8 @@ def initialize(info = {})
     register_options(
       [
         OptString.new('TARGETURI', [ true, "Base Openbravo directory path", '/openbravo/']),
-        OptString.new('HTTPUSERNAME', [true, "The Openbravo user", "Openbravo"]),
-        OptString.new('HTTPPASSWORD', [true, "The Openbravo password", "openbravo"]),
+        OptString.new('HttpUsername', [true, "The Openbravo user", "Openbravo"]),
+        OptString.new('HttpPassword', [true, "The Openbravo password", "openbravo"]),
         OptString.new('FILEPATH', [true, "The filepath to read on the server", "/etc/passwd"]),
         OptString.new('ENDPOINT', [true, "The XML API REST endpoint to use", "ADUser"])
       ], self.class)
@@ -53,7 +53,7 @@ def run
     users = send_request_raw({
       'method' => 'GET',
       'uri' => normalize_uri(datastore['TARGETURI'], "/ws/dal/#{datastore["ENDPOINT"]}"),
-      'authorization' => basic_auth(datastore['HTTPUSERNAME'], datastore['HTTPPASSWORD'])
+      'authorization' => basic_auth(datastore['HTTPUSERNAME'], datastore['HttpPassword'])
     }, 60)
 
     if !users or users.code != 200
@@ -86,20 +86,20 @@ def run
         'method' => 'PUT',
         'uri' => normalize_uri(target_uri.path, "/ws/dal/#{datastore["ENDPOINT"]}/#{id}"),
         'data' => xml,
-        'authorization' => basic_auth(datastore['HTTPUSERNAME'], datastore['HTTPPASSWORD'])
+        'authorization' => basic_auth(datastore['HttpUsername'], datastore['HttpPassword'])
       })
 
       if !resp or resp.code != 200 or resp.body =~ /Not updating entity/
         print_error("Problem updating #{datastore["ENDPOINT"]} #{other_id} with ID: #{id}")
         next
       end
 
-      print_status("Found writeable #{datastore["ENDPOINT"]}: #{other_id}")
+      print_status("Found writable #{datastore["ENDPOINT"]}: #{other_id}")
 
       u = send_request_raw({
         'method' => 'GET',
         'uri' => normalize_uri(datastore['TARGETURI'], "/ws/dal/#{datastore["ENDPOINT"]}/#{id}"),
-        'authorization' => basic_auth(datastore['HTTPUSERNAME'], datastore['HTTPPASSWORD'])
+        'authorization' => basic_auth(datastore['HttpUsername'], datastore['HttpPassword'])
       })
 
       u = REXML::Document.new u.body
@@ -116,7 +116,7 @@ def run
         'method' => 'PUT',
         'uri' => normalize_uri(target_uri.path, "/ws/dal/#{datastore["ENDPOINT"]}/#{id}"),
       'data' => xml,
-      'authorization' => basic_auth(datastore['HTTPUSERNAME'], datastore['HTTPPASSWORD'])
+      'authorization' => basic_auth(datastore['HttpUsername'], datastore['HttpPassword'])
       })
 
       print_good("File saved to: #{path}")
 
@@ -32,8 +32,8 @@ def initialize
       [
         Opt::RPORT(50013),
         OptString.new('URI', [false, 'Path to the SAP Management Console ', '/']),
-        OptString.new('HTTPUSERNAME', [true, 'Username to use', '']),
-        OptString.new('HTTPPASSWORD', [true, 'Password to use', '']),
+        OptString.new('HttpUsername', [true, 'Username to use', '']),
+        OptString.new('HttpPassword', [true, 'Password to use', '']),
         OptString.new('CMD', [true, 'Command to run', 'set']),
       ], self.class)
     register_autofilter_ports([ 50013 ])
@@ -126,7 +126,7 @@ def osexecute(rhost, cmd_to_run)
     data << '</SOAP-ENV:Body>' + "\r\n"
     data << '</SOAP-ENV:Envelope>' + "\r\n\r\n"
 
-    user_pass = Rex::Text.encode_base64(datastore['HTTPUSERNAME'] + ":" + datastore['HTTPPASSWORD'])
+    user_pass = Rex::Text.encode_base64(datastore['HttpUsername'] + ":" + datastore['HttpPassword'])
 
     begin
       res = send_request_raw({
 
@@ -51,8 +51,8 @@ def initialize
     register_options([
       Opt::RPORT(8000),
       OptString.new('CLIENT', [true, 'SAP Client', '001']),
-      OptString.new('HTTPUSERNAME', [true, 'Username', 'SAP*']),
-      OptString.new('HTTPPASSWORD', [true, 'Password', '06071992']),
+      OptString.new('HttpUsername', [true, 'Username', 'SAP*']),
+      OptString.new('HttpPassword', [true, 'Password', '06071992']),
       OptString.new('DIRNAME', [true, 'Directory Path which contains the file to delete', '/tmp']),
       OptString.new('FILENAME', [true, 'Filename to delete', 'msf.txt'])
     ], self.class)
@@ -80,7 +80,7 @@ def run_host(ip)
         'uri' => '/sap/bc/soap/rfc',
         'method' => 'POST',
         'data' => data,
-        'authorization' => basic_auth(datastore['HTTPUSERNAME'], datastore['HTTPPASSWORD']),
+        'authorization' => basic_auth(datastore['HttpUsername'], datastore['HttpPassword']),
         'cookie' => 'sap-usercontext=sap-language=EN&sap-client=' + datastore['CLIENT'],
         'ctype' => 'text/xml; charset=UTF-8',
         'headers' => {
 
@@ -35,8 +35,8 @@ def initialize(info = {})
     register_options(
       [
         Opt::RPORT(6161),
-        OptString.new('HTTPUSERNAME', [ false, 'The username for Snare remote access', 'snare' ]),
-        OptString.new('HTTPPASSWORD', [ false, 'The password for Snare remote access', '' ]),
+        OptString.new('HttpUsername', [ false, 'The username for Snare remote access', 'snare' ]),
+        OptString.new('HttpPassword', [ false, 'The password for Snare remote access', '' ]),
         OptString.new('REG_DUMP_KEY', [ false, 'Retrieve this registry key and all sub-keys', 'HKLM\\HARDWARE\\DESCRIPTION\\System' ]),
         OptBool.new('REG_DUMP_ALL', [false, 'Retrieve the entire Windows registry', false]),
         OptInt.new('TIMEOUT', [true, 'Timeout in seconds for downloading each registry key/hive', 300])
@@ -68,7 +68,7 @@ def dump_key(reg_key)
     end
     res = send_request_cgi({
       'uri' => normalize_uri('RegDump'),
-      'authorization' => basic_auth(datastore['HTTPUSERNAME'], datastore['HTTPPASSWORD']),
+      'authorization' => basic_auth(datastore['HttpUsername'], datastore['HttpPassword']),
       'vars_get' => vars_get
     }, datastore['TIMEOUT'])
     if !res
@@ -102,7 +102,7 @@ def retrieve_hive_list
     print_status("#{peer} - Retrieving list of registry hives ...")
     res = send_request_cgi(
       'uri' => normalize_uri('RegDump'),
-      'authorization' => basic_auth(datastore['HTTPUSERNAME'], datastore['HTTPPASSWORD'])
+      'authorization' => basic_auth(datastore['HttpUsername'], datastore['HttpPassword'])
     )
     if !res
       fail_with(Failure::Unreachable, "#{peer} - Connection failed")
 
@@ -38,8 +38,8 @@ def initialize(info={})
         Opt::RPORT(8080),
         OptString.new('FILEPATH', [false, 'The name of the file to download', '/private/var/mobile/Library/Preferences/XBMC/userdata/passwords.xml']),
         OptInt.new('DEPTH', [true, 'The max traversal depth', 9]),
-        OptString.new('HTTPUSERNAME', [true, 'The username to use for the HTTP server', 'xbmc']),
-        OptString.new('HTTPPASSWORD', [false, 'The password to use for the HTTP server', 'xbmc']),
+        OptString.new('HttpUsername', [true, 'The username to use for the HTTP server', 'xbmc']),
+        OptString.new('HttpPassword', [false, 'The password to use for the HTTP server', 'xbmc']),
       ], self.class)
   end
 
@@ -56,7 +56,7 @@ def run
       res = send_request_raw({
         'method' => 'GET',
         'uri'    => "/#{traversal}/#{datastore['FILEPATH']}",
-        'authorization' => basic_auth(datastore['HTTPUSERNAME'],datastore['HTTPPASSWORD'])
+        'authorization' => basic_auth(datastore['HttpUsername'],datastore['HttpPassword'])
       }, 25)
     rescue Rex::ConnectionRefused
       print_error("#{rhost}:#{rport} Could not connect.")