Avoid the code nesting

Takahiro-Yoko · Takahiro-Yoko · commit 6cbb30c91a74 · 2025-01-04T09:11:24.000+09:00
diff --git a/modules/exploits/linux/http/selenium_greed_chrome_rce_cve_2022_28108.rb b/modules/exploits/linux/http/selenium_greed_chrome_rce_cve_2022_28108.rb
@@ -62,25 +62,25 @@ def initialize(info = {})
   end
 
   def check
-    res = send_request_cgi({
+    # Request for Selenium Grid version 3
+    v3res = send_request_cgi({
       'method' => 'GET',
       'uri' => normalize_uri(target_uri.path)
     })
-    if res&.code != 200
-      res = send_request_cgi({
-        'method' => 'GET',
-        'uri' => normalize_uri(target_uri.path, 'status')
-      })
-      if res && res.get_json_document && res.get_json_document.include?('value') &&
-         res.get_json_document['value'].include?('message') &&
-         res.get_json_document['value']['message'].downcase.include?('selenium grid')
-        return Exploit::CheckCode::Detected('Selenium Grid version 4.x detected.')
-      end
+    # Request for Selenium Grid version 4
+    v4res = send_request_cgi({
+      'method' => 'GET',
+      'uri' => normalize_uri(target_uri.path, 'status')
+    })
+    return Exploit::CheckCode::Detected('Selenium Grid version 4.x detected.') if v3res&.code != 200 &&
+                                                                                  v4res && v4res.get_json_document &&
+                                                                                  v4res.get_json_document.include?('value') &&
+                                                                                  v4res.get_json_document['value'].include?('message') &&
+                                                                                  v4res.get_json_document['value']['message'].downcase.include?('selenium grid')
 
-      return Exploit::CheckCode::Unknown
-    end
+    return Exploit::CheckCode::Unknown('Unexpected server reply.') unless v3res&.code == 200
 
-    js_code = res.get_html_document.css('script').find { |script| script.text.match(/var json = Object.freeze\('(.*?)'\);/) }
+    js_code = v3res.get_html_document.css('script').find { |script| script.text.match(/var json = Object.freeze\('(.*?)'\);/) }
     return Exploit::CheckCode::Unknown('Unable to determine the version.') unless js_code
 
     json_str = js_code.text.match(/var json = Object.freeze\('(.*?)'\);/)[1]
