Land rapid7#3372, release fixes

wvu · wvu · commit 8235556cec04 · 2014-05-19T09:10:38.000-05:00
diff --git a/modules/auxiliary/admin/scada/advantech_webaccess_dbvisitor_sqli.rb b/modules/auxiliary/admin/scada/advantech_webaccess_dbvisitor_sqli.rb
@@ -19,7 +19,7 @@ def initialize(info = {})
         This module exploits a SQL injection vulnerability found in Advantech WebAccess 7.1. The
         vulnerability exists in the DBVisitor.dll component, and can be abused through malicious
         requests to the ChartThemeConfig web service. This module can be used to extract the site
-        and projects usernames and hashes.
+        and project usernames and hashes.
       },
       'References'     =>
         [
diff --git a/modules/auxiliary/scanner/snmp/brocade_enumhash.rb b/modules/auxiliary/scanner/snmp/brocade_enumhash.rb
@@ -44,7 +44,7 @@ def run_host(ip)
           row.each { |val| @hashes << val.value.to_s }
         end
 
-        print_good("#{ip} Found Users & Password Hashes:")
+        print_good("#{ip} - Found user and password hashes:")
         end
 
         credinfo = ""
@@ -67,7 +67,7 @@ def run_host(ip)
      rescue ::Interrupt
        raise $!
      rescue ::Exception => e
-       print_error("#{ip} error: #{e.class} #{e}")
+       print_error("#{ip} - Error: #{e.class} #{e}")
      disconnect_snmp
      end
   end
diff --git a/modules/auxiliary/scanner/snmp/netopia_enum.rb b/modules/auxiliary/scanner/snmp/netopia_enum.rb
@@ -95,7 +95,7 @@ def run_host(ip)
      rescue ::Interrupt
        raise $!
      rescue ::Exception => e
-       print_error("#{ip} error: #{e.class} #{e}")
+       print_error("#{ip} - Error: #{e.class} #{e}")
      disconnect_snmp
      end
   end
diff --git a/modules/auxiliary/scanner/snmp/ubee_ddw3611.rb b/modules/auxiliary/scanner/snmp/ubee_ddw3611.rb
@@ -152,7 +152,7 @@ def run_host(ip)
      rescue ::Interrupt
        raise $!
      rescue ::Exception => e
-       print_error("#{ip} error: #{e.class} #{e}")
+       print_error("#{ip} - Error: #{e.class} #{e}")
      disconnect_snmp
      end
   end
diff --git a/modules/exploits/windows/antivirus/symantec_workspace_streaming_exec.rb b/modules/exploits/windows/antivirus/symantec_workspace_streaming_exec.rb
@@ -19,11 +19,11 @@ def initialize(info = {})
       'Description' => %q{
         This module exploits a code execution flaw in Symantec Workspace Streaming. The
         vulnerability exists in the ManagementAgentServer.putFile XMLRPC call exposed by the
-        as_agent.exe service, which allows to upload arbitrary files under the server root.
-        This module abuses the auto deploy feature at the JBoss as_ste.exe's instance in order
+        as_agent.exe service, which allows for uploading arbitrary files under the server root.
+        This module abuses the auto deploy feature in the JBoss as_ste.exe instance in order
         to achieve remote code execution. This module has been tested successfully on Symantec
         Workspace Streaming 6.1 SP8 and Windows 2003 SP2. Abused services listen on a single
-        machine deployment, and also at the backend role in a multiple machines deployment
+        machine deployment, and also in the backend role in a multiple machine deployment.
       },
       'Author'       =>
         [

Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,7 @@ def initialize(info = {})`
`19`	`19`	`This module exploits a SQL injection vulnerability found in Advantech WebAccess 7.1. The`
`20`	`20`	`vulnerability exists in the DBVisitor.dll component, and can be abused through malicious`
`21`	`21`	`requests to the ChartThemeConfig web service. This module can be used to extract the site`
`22`		`- and projects usernames and hashes.`
	`22`	`+ and project usernames and hashes.`
`23`	`23`	`},`
`24`	`24`	`'References' =>`
`25`	`25`	`[`