Clarification on --now Behavior in systemctl SUID Exploit

After the malicious service has been linked, it is started using `--now` during enabling (./systemctl enable --now $TF). However, in some cases, --now does not immediately start the service, requiring a manual start with:

```
./systemctl start $TF
```

While this is a trivial issue, explicitly mentioning it in the GTFOBins entry would make the exploit steps clearer and avoid confusion.