ensure binary mode when opening files, whitespace fixes

git-svn-id: file:///home/svn/framework3/trunk@9653 4d416f70-5f16-0410-b530-b9f4589650da

modules/auxiliary/admin/backupexec/dump.rb

@@ -79,7 +79,7 @@ def initialize(info = {})
 	def run
 		print_status("Attempting to retrieve #{datastore['RPATH']}...")
 
-		lfd = File.open(datastore['LPATH'], 'w')
+		lfd = File.open(datastore['LPATH'], 'wb')
 
 		connect
 		data = ndmp_recv()

modules/auxiliary/admin/motorola/wr850g_cred.rb

@@ -16,7 +16,7 @@ class Metasploit3 < Msf::Auxiliary
 	include Msf::Exploit::Remote::Tcp
 
 	def initialize(info = {})
-		super(update_info(info,	
+		super(update_info(info,
 			'Name'           => 'Motorola WR850G v4.03 Credentials',
 			'Description'    => %q{
 					Login credentials to the Motorola WR850G router with

modules/auxiliary/admin/mssql/mssql_exec.rb

@@ -15,7 +15,7 @@
 class Metasploit3 < Msf::Auxiliary
 
 	include Msf::Exploit::Remote::MSSQL
-	
+
 	def initialize(info = {})
 		super(update_info(info,
 			'Name'           => 'Microsoft SQL Server xp_cmdshell Command Execution',

modules/auxiliary/admin/oracle/oraenum.rb

@@ -415,7 +415,7 @@ def run
 					user,pass = record.split(",")
 					accts["#{pass.chomp}"] = "#{user}"
 				end
-				::File.open(ordfltpss, "r").each_line do  |l|
+				::File.open(ordfltpss, "rb").each_line do  |l|
 					accrcrd =  l.split(",")
 					if accts.has_key?(accrcrd[2])
 						print_status("\tDefault pass for account #{accrcrd[0]} is #{accrcrd[1]} ")

modules/auxiliary/admin/oracle/sid_brute.rb

@@ -48,27 +48,22 @@ def run
 
 		print_status("Starting brute force on #{rhost}, using sids from #{list}...")
 
-		fd = File.open(list).each do |sid|
-
-		login = "(DESCRIPTION=(CONNECT_DATA=(SID=#{sid})(CID=(PROGRAM=)(HOST=MSF)(USER=)))(ADDRESS=(PROTOCOL=tcp)(HOST=#{rhost})(PORT=#{rport})))"
-
-		pkt = tns_packet(login)
+		fd = File.open(list, 'rb').each do |sid|
+			login = "(DESCRIPTION=(CONNECT_DATA=(SID=#{sid})(CID=(PROGRAM=)(HOST=MSF)(USER=)))(ADDRESS=(PROTOCOL=tcp)(HOST=#{rhost})(PORT=#{rport})))"
+			pkt = tns_packet(login)
+
+			begin
+				connect
+			rescue => e
+				print_error("#{e}")
+				disconnect
+				return
+			end
 
-		begin
-			connect
-		rescue => e
-			print_error("#{e}")
+			sock.put(pkt)
+			select(nil,nil,nil,s.to_i)
+			res = sock.get_once(-1,3)
 			disconnect
-			return
-		end
-
-		sock.put(pkt)
-
-		select(nil,nil,nil,s.to_i)
-
-		res = sock.get_once(-1,3)
-
-		disconnect
 
 		 	if ( res and res =~ /ERROR_STACK/ )
 				''

modules/auxiliary/client/smtp/emailer.rb

@@ -25,9 +25,9 @@ def initialize(info = {})
 		super(update_info(info,
 			'Name'           => 'Generic Emailer (SMTP)',
 			'Description'    => %q{
-				This module can be used to automate email delivery.
-			This code is based on Joshua Abraham's email script for social
-			engineering.
+					This module can be used to automate email delivery.
+				This code is based on Joshua Abraham's email script for social
+				engineering.
 			},
 			'License'        => MSF_LICENSE,
 			'Version'        => '$Revision$',
@@ -50,7 +50,7 @@ def initialize(info = {})
 
 	def run
 
-		fileconf = File.open(datastore['YAML_CONFIG'])
+		fileconf = File.open(datastore['YAML_CONFIG'], "rb")
 		yamlconf = YAML::load(fileconf)
 
 		fileto = yamlconf['to']
@@ -82,9 +82,8 @@ def run
 
 		datastore['MAILFROM'] = from
 
-		msg = File.open(msg_file).read
-
-		email_sig = File.open(sig_file).read
+		msg = File.open(msg_file, 'rb').read
+		email_sig = File.open(sig_file, 'rb').read
 
 		if (type !~ /text/i and type !~ /text\/html/i)
 			print_error("YAML config: #{type}")
@@ -136,7 +135,7 @@ def run
         end
 
 
-		File.open(fileto).each do |l|
+		File.open(fileto, 'rb').each do |l|
 			next if l !~ /\@/
 
 			nem = l.split(',')
@@ -153,7 +152,7 @@ def run
 			end
 
 			if sig
-				data_sig = File.open(sig_file).read
+				data_sig = File.open(sig_file, 'rb').read
 				email_msg_body = "#{email_msg_body}\n#{data_sig}"
 			end
 
@@ -171,7 +170,7 @@ def run
 
 			if attachment
 				if attachment_file_name
-					data_attachment = File.open(attachment_file).read
+					data_attachment = File.open(attachment_file, 'rb').read
 					mime_msg.add_part(Rex::Text.encode_base64(data_attachment, "\r\n"), attachment_file_type, "base64", "attachment; filename=\"#{attachment_file_name}\"")
 				end
 			end

modules/auxiliary/dos/windows/smb/vista_negotiate_stop.rb

@@ -26,7 +26,7 @@ def initialize(info = {})
 			'Author'         => [ 'hdm' ],
 			'License'        => MSF_LICENSE,
 			'Version'        => '$Revision$',
-			'References'     => 
+			'References'     =>
 				[
 					[ 'OSVDB', '64341'],
 				]

modules/auxiliary/dos/windows/tftp/pt360_write.rb

@@ -27,7 +27,7 @@ def initialize(info = {})
 			'License'        => MSF_LICENSE,
 			'Version'        => '$Revision$',
 			'References'     =>
-				[ 
+				[
 					[ 'CVE', '2008-1311'],
 					[ 'OSVDB', '42932'],
 					[ 'URL', 'http://milw0rm.com/exploits/6863']

modules/auxiliary/dos/windows/tftp/solarwinds.rb

@@ -27,7 +27,7 @@ def initialize(info = {})
 			'License'        => MSF_LICENSE,
 			'Version'        => '$Revision$',
 			'References'     =>
-				[ 
+				[
 					[ 'CVE', '2010-2115' ],
 					[ 'OSVDB', '64845' ],
 					[ 'URL', 'http://www.exploit-db.com/exploits/12683' ]

modules/auxiliary/gather/search_email_collector.rb

@@ -113,7 +113,7 @@ def search_bing(targetdom)
 	#for writing file with all email's found
 	def write_output(data)
 		print_status("Writing email address list to #{datastore['OUTFILE']}...")
-		::File.open(datastore['OUTFILE'], "a") do |fd|
+		::File.open(datastore['OUTFILE'], "ab") do |fd|
 			fd.write(data)
 		end
 	end

modules/auxiliary/scanner/finger/finger_users.rb

@@ -149,7 +149,7 @@ def finger_slurp_data
 
 	def finger_user_common
 		if(! @common)
-			File.open(datastore['USERS_FILE'], "r") do |fd|
+			File.open(datastore['USERS_FILE'], "rb") do |fd|
 				data = fd.read(fd.stat.size)
 				@common = data.split(/\n/).compact.uniq
 				@common.delete("")

modules/auxiliary/scanner/http/brute_dirs.rb

@@ -97,7 +97,7 @@ def run_host(ip)
 				# Look for a string we can signature on as well
 				if(tcode >= 200 and tcode <= 299)
 
-					File.open(datastore['HTTP404Sigs']).each do |str|
+					File.open(datastore['HTTP404Sigs'], 'rb').each do |str|
 						if(res.body.index(str))
 							emesg = str
 							break

modules/auxiliary/scanner/http/copy_of_file.rb

@@ -92,7 +92,7 @@ def run_host(ip)
 			# Look for a string we can signature on as well
 			if(tcode >= 200 and tcode <= 299)
 
-				File.open(datastore['HTTP404Sigs']).each do |str|
+				File.open(datastore['HTTP404Sigs'], 'rb').each do |str|
 					if(res.body.index(str))
 						emesg = str
 						break

modules/auxiliary/scanner/http/dir_scanner.rb

@@ -90,7 +90,7 @@ def run_host(ip)
 			# Look for a string we can signature on as well
 			if(tcode >= 200 and tcode <= 299)
 
-				File.open(datastore['HTTP404Sigs']).each do |str|
+				File.open(datastore['HTTP404Sigs'], 'rb').each do |str|
 					if(res.body.index(str))
 						emesg = str
 						break
@@ -121,7 +121,7 @@ def run_host(ip)
 		dm = datastore['NoDetailMessages']
 
 		queue = []
-		File.open(datastore['DICTIONARY']).each_line do |testd|
+		File.open(datastore['DICTIONARY'], 'rb').each_line do |testd|
 			queue << testd.strip + '/'
 		end
 

modules/auxiliary/scanner/http/dir_webdav_unicode_bypass.rb

@@ -98,7 +98,7 @@ def run_host(ip)
 			# Look for a string we can signature on as well
 			if(tcode >= 200 and tcode <= 299)
 
-				File.open(datastore['HTTP404S']).each do |str|
+				File.open(datastore['HTTP404S'], 'rb').each do |str|
 					if(res.body.index(str))
 						emesg = str
 						break
@@ -126,7 +126,7 @@ def run_host(ip)
 
 		webdav_req = %q|<?xml version="1.0" encoding="utf-8"?><propfind xmlns="DAV:"><prop><getcontentlength xmlns="DAV:"/><getlastmodified xmlns="DAV:"/><executable xmlns="http://apache.org/dav/props/"/><resourcetype xmlns="DAV:"/><checked-in xmlns="DAV:"/><checked-out xmlns="DAV:"/></prop></propfind>|
 
-		File.open(datastore['DICTIONARY']).each do |testf|
+		File.open(datastore['DICTIONARY'], 'rb').each do |testf|
 			begin
 				testfdir = testf.chomp + '/'
 				res = send_request_cgi({

modules/auxiliary/scanner/http/enum_delicious.rb

@@ -77,7 +77,7 @@ def write_output(data)
 			print_status("OUTFILE did not exist, creating..")
 		end
 
-		File.open(file_name, 'a') do |fd|
+		File.open(file_name, 'ab') do |fd|
 			fd.write(data)
 		end
 

modules/auxiliary/scanner/http/enum_wayback.rb

@@ -69,7 +69,7 @@ def write_output(data)
 			print_status("OUTFILE did not exist, creating..")
 		end
 
-		File.open(file_name, 'a') do |fd|
+		File.open(file_name, 'ab') do |fd|
 			fd.write(data)
 		end
 

modules/auxiliary/scanner/http/files_dir.rb

@@ -69,7 +69,7 @@ def run_host(ip)
 
 		queue = []
 
-		File.open(datastore['DICTIONARY']).each do |testf|
+		File.open(datastore['DICTIONARY'], 'rb').each do |testf|
 			queue << testf.strip
 		end
 
@@ -92,7 +92,7 @@ def run_host(ip)
 
 			# Look for a string we can signature on as well
 			if(tcode >= 200 and tcode <= 299)
-				File.open(datastore['HTTP404Sigs']).each do |str|
+				File.open(datastore['HTTP404Sigs'], 'rb').each do |str|
 					if(res.body.index(str))
 						emesg = str
 						break

modules/auxiliary/scanner/http/nginx_source_disclosure.rb

@@ -17,34 +17,32 @@ class Metasploit3 < Msf::Auxiliary
 	include Msf::Auxiliary::Report
 	include Msf::Auxiliary::Scanner
 
-
 	def initialize
-
 		super(
 			'Name'           => 'Nginx Source Code Disclosure/Download',
 			'Version'        => '$Revision$',
-			'Description'    => 'This module exploits a nginx source code disclosure/download vulnerability.',
+			'Description'    => %q{
+					This module exploits a source code disclosure/download vulnerability in
+				versions of the nginx web server between 0.7.56 and 0.8.40 (inclusive).
+			}
 			'References'     =>
 				[
-					['CVE', '2010-2263'],
-					['OSVDB', '65531'],
-					['BID', '40760'],
+					[ 'CVE', '2010-2263' ],
+					[ 'OSVDB', '65531' ],
+					[ 'BID', '40760' ]
 				],
 			'Author'         =>
 				[
 					'Alligator Security Team',
 					'Tiago Ferreira <tiago.ccna[at]gmail.com>',
 				],
-			'License'        =>  MSF_LICENSE
-		)
+			'License'        =>  MSF_LICENSE)
 
 		register_options(
 			[
-				Opt::RPORT(80),
 				OptString.new('URI', [true, 'Specify the path to download the file (ex: admin.php)', '/admin.php']),
 				OptString.new('PATH_SAVE', [true, 'The path to save the downloaded source code', '']),
 			], self.class)
-
 	end
 
 	def target_url
@@ -113,4 +111,3 @@ def run_host(ip)
 	end
 
 end
-

modules/auxiliary/scanner/http/replace_ext.rb

@@ -100,7 +100,7 @@ def run_host(ip)
 				# Look for a string we can signature on as well
 				if(tcode >= 200 and tcode <= 299)
 
-					File.open(datastore['HTTP404Sigs']).each do |str|
+					File.open(datastore['HTTP404Sigs'], 'rb').each do |str|
 						if(res.body.index(str))
 							emesg = str
 							break

modules/auxiliary/scanner/http/svn_scanner.rb

@@ -81,7 +81,7 @@ def run_host(target_host)
 			# Look for a string we can signature on as well
 			if(tcode >= 200 and tcode <= 299)
 
-				File.open(datastore['HTTP404Sigs']).each do |str|
+				File.open(datastore['HTTP404Sigs'], 'rb').each do |str|
 					if(res.body.index(str))
 						emesg = str
 						break

modules/auxiliary/scanner/http/web_vulndb.rb

@@ -65,7 +65,7 @@ def run_host(ip)
 
 		queue = []
 
-		File.open(datastore['VULNCSV']).each do |testf|
+		File.open(datastore['VULNCSV'], 'rb').each do |testf|
 			queue << testf.strip
 		end
 
@@ -88,7 +88,7 @@ def run_host(ip)
 
 			# Look for a string we can signature on as well
 			if(tcode >= 200 and tcode <= 299)
-				File.open(datastore['HTTP404Sigs']).each do |str|
+				File.open(datastore['HTTP404Sigs'], 'rb').each do |str|
 					if(res.body.index(str))
 						emesg = str
 						break

modules/auxiliary/scanner/ip/ipidseq.rb

@@ -99,7 +99,7 @@ def run_host(ip)
 		return if ipids.empty?
 
 		print_status("#{ip}'s IPID sequence class: #{analyze(ipids)}")
-		
+
 		#Add Report
 		report_note(
 			:host	=> ip,
@@ -223,4 +223,3 @@ def probereply(pcap, to)
 	end
 
 end
-