favor SecureRandom.bytes over Rex::Text.rand_text_alphanumeric

Co-authored-by: adfoster-r7 <[email protected]>

lib/msf/core/exploit/remote/http_client.rb

@@ -236,7 +236,7 @@ def connect(opts={})
   # @return [Rex::Proto::Http::WebSocket::Interface]
   def connect_ws(opts={}, timeout = 20)
     # As per the spec (RFC6455 Section 11.3.1), a Sec-WebSocket-Key is a 16 byte value that has been Base64 encoded.
-    ws_key = Rex::Text.encode_base64(Rex::Text.rand_text_alphanumeric(16))
+    ws_key = Rex::Text.encode_base64(SecureRandom.bytes(16))
     opts['headers'] = opts.fetch('headers', {}).merge({
       'Connection' => 'Upgrade',
       'Upgrade' => 'WebSocket',