Add suggestions from code review

rapid7 · Nov 11, 2020 · ce7031e · ce7031e
1 parent e7a20ec
commit ce7031e
Showing 1 changed file with 5 additions and 6 deletions.
diff --git a/modules/exploits/multi/http/horizontcms_upload_exec.rb b/modules/exploits/multi/http/horizontcms_upload_exec.rb
@@ -119,15 +119,14 @@ def check
     @csrf_token = html.at('meta[@name="csrf-token"]')['content']
 
     # obtain version
-    version = res.body.scan(/Version: (.*?)\n/).flatten.first
+    /Version: (?<version>.*?)\n/ =~ res.body
 
-    if version.blank?
+    unless version
       return CheckCode::Detected('Could not determine HorizontCMS version.')
     end
 
     # vulnerable versions all start with 1.0.0 followed by `-beta`, `-alpha` or `-alpha.<number>`
-    version_no = version.split('-')[0]
-    version_status = version.split('-')[1]
+    version_no, version_status = version.split('-')
 
     unless version_no == '1.0.0' && version_status && (version_status.include?('alpha') || version_status.include?('beta'))
       return CheckCode::Safe("Target is HorizontCMS with version #{version}")
@@ -157,7 +156,7 @@ def login
     })
 
     unless res
-      fail_with(Failure::Disconnected, 'Connection failed while trying to authenticate.')
+      fail_with(Failure::Unreachable, 'Connection failed while trying to authenticate.')
     end
 
     unless res.code == 302 && res.body.include?('Redirecting to')
@@ -175,7 +174,7 @@ def login
     })
 
     unless res
-      fail_with(Failure::Disconnected, 'Connection failed while trying to authenticate.')
+      fail_with(Failure::Unreachable, 'Connection failed while trying to authenticate.')
     end
 
     unless res.code == 200 && res.body.include?('Dashboard - HorizontCMS')