Land rapid7#8118, Updated rails_secret_deserialization to add '-' cookie regex

Author: Brent Cook

modules/exploits/multi/http/rails_secret_deserialization.rb

@@ -235,7 +235,7 @@ def exploit
       'method' => datastore['HTTP_METHOD'],
     }, 25)
     if res && !res.get_cookies.empty?
-      match = res.get_cookies.match(/([._A-Za-z0-9]+)=([A-Za-z0-9%]*)--([0-9A-Fa-f]+);/)
+        match = res.get_cookies.match(/([.-_A-Za-z0-9]+)=([A-Za-z0-9%]*)--([0-9A-Fa-f]+);/)
     end
 
     if match