Clean up module

Author: wvu

lib/msf/core/db_manager/vuln.rb

@@ -230,4 +230,4 @@ def vulns(wspace=workspace)
     wspace.vulns
   }
   end
-end
+end

modules/auxiliary/scanner/http/host_header_injection.rb

@@ -5,60 +5,60 @@
 
 require 'msf/core'
 
-class Metasploit3 < Msf::Auxiliary
+class Metasploit4 < Msf::Auxiliary
 
   include Msf::Exploit::Remote::HttpClient
   include Msf::Auxiliary::WmapScanServer
   include Msf::Auxiliary::Scanner
 
-  def initialize(info={})
+  def initialize(info = {})
     super(update_info(info,
-      'Name'        => 'HTTP Host-Header Injection Detection',
-      'Description' => 'Checks if the host is vulnerable to Host-Header Injection',
-      'Author'       =>
+      'Name'        => 'HTTP Host Header Injection Detection',
+      'Description' => 'Checks if the host is vulnerable to Host header injection',
+      'Author'      =>
         [
-          'Jay Turla <@shipcod3>',
-          'Medz Barao <@godflux>'
+          'Jay Turla', # @shipcod3
+          'Medz Barao' # @godflux
         ],
       'License'     => MSF_LICENSE,
-      'References'     =>
+      'References'  =>
         [
           ['URL', 'http://www.skeletonscribe.net/2013/05/practical-http-host-header-attacks.html']
         ]
     ))
 
     register_options(
       [
-        OptString.new('TARGETHOST',[true, "The redirector target", "evil.com"]),
-      ],self.class)
+        OptString.new('TARGETHOST', [true, 'The redirector target', 'evil.com'])
+      ], self.class)
   end
 
-  def run_host(target_host)
-
+  def run_host(ip)
     begin
-      p = "#{datastore['TARGETHOST']}"
-      res = send_request_raw({
+      target_host = "#{datastore['TARGETHOST']}"
+      res = send_request_raw(
         'uri'          => '/',
         'method'       => 'GET',
         'headers'      => {
-          'host' => p,
-          'x-forwarded-host' => p,
+          'Host'             => target_host,
+          'X-Forwarded-Host' => target_host
         }
-      })
+      )
 
       unless res
         vprint_error("#{peer} did not reply to our request")
         return
       end
 
-      if res.headers =~ /#{p}/ || res.body =~ /#{p}/
-        print_good("#{peer} is vulnerable to HTTP Host-Header Injection")
+      if res.headers.include?(target_host) || res.body.include?(target_host)
+        print_good("#{peer} is vulnerable to HTTP Host header injection")
         report_vuln(
-          host: rhost,
+          host: ip,
           port: rport,
           proto: 'tcp',
-          sname: (ssl ? 'https' : 'http'),
-          info: "Vulnerable to HTTP Host-Header Injection",
+          sname: ssl ? 'https' : 'http',
+          name: 'HTTP Host header injection',
+          refs: self.references
         )
       else
         vprint_error("#{peer} returned #{res.code} #{res.message}")
@@ -67,4 +67,5 @@ def run_host(target_host)
     rescue ::Timeout::Error, ::Errno::EPIPE
     end
   end
+
 end