Finish documentation, adds description and notes

Author: msutovsky-r7

documentation/modules/exploit/linux/local/ndsudo_cve_2024_32019.md

@@ -1,8 +1,6 @@
 ## Vulnerable Application
 
-Instructions to get the vulnerable application. If applicable, include links to the vulnerable install
-files, as well as instructions on installing/configuring the environment if it is different than a
-standard install. Much of this will come from the PR, and can be copy/pasted.
+The `ndsudo` is a tool shipped with Netdata Agent. The version v1.45.0 and below contain vulnerability, which allows an attacker to gain privilege escalation using `ndsudo` binary. The vulnerability is untrusted search path, when searching for additional binary files, such as `nvme`. An attacker can create malicious binary with same name and add the directory of this binary into `$PATH` variable. The `ndsudo` will trust the first occurence of this binary and execute it.
 
 Installation steps:
 
@@ -11,16 +9,17 @@ Installation steps:
 1. `gunzip netdata-latest.tar.gz`
 1. `tar -xf netdata-latest.tar`
 1. `cd netdata-v1.45.0-8-g5803c7766/`
-1. `sudo `
+1. `sudo ./netdata-installer.sh`
 
 ## Verification Steps
-Example steps in this format (is also in the PR):
 
 1. Install the application
 1. Start msfconsole
-1. Do: `use [module path]`
+1. Receive a session
+1. Do: `use exploit/linux/local/ndsudo_cve_2024_32019`
+1. Do: `set session [session number]`
 1. Do: `run`
-1. You should get a shell.
+1. Get root shell/meterpreter session
 
 ## Options
 
@@ -36,7 +35,6 @@ A path to `ndsudo` binary.
 
 ## Scenarios
 
-
 ```
 msf exploit(linux/local/ndsudo_cve_2024_32019) > run verbose=true
 [*] Started reverse TCP handler on 192.168.3.7:4444

modules/exploits/linux/local/ndsudo_cve_2024_32019.rb

@@ -19,16 +19,11 @@ def initialize(info = {})
     super(
       update_info(
         info,
-        # The Name should be just like the line of a Git commit - software name,
-        # vuln type, class. Preferably apply
-        # some search optimization so people can actually find the module.
-        # We encourage consistency between module name and file name.
         'Name' => 'Netdata ndsudo privilege escalation',
         'Description' => %q{
-          TODO
+          The `ndsudo` is a tool shipped with Netdata Agent. The version v1.45.0 and below contain vulnerability, which allows an attacker to gain privilege escalation using `ndsudo` binary. The vulnerability is untrusted search path, when searching for additional binary files, such as `nvme`. An attacker can create malicious binary with same name and add the directory of this binary into `$PATH` variable. The `ndsudo` will trust the first occurence of this binary and execute it.
         },
         'License' => MSF_LICENSE,
-
         'Author' => [
           'msutovsky-r7', # msf module
           'mia-0' # security researcher
@@ -44,11 +39,10 @@ def initialize(info = {})
         ],
         'DisclosureDate' => '2024-04-12',
         'DefaultTarget' => 0,
-        # TODO
         'Notes' => {
-          'Stability' => [],
-          'Reliability' => [],
-          'SideEffects' => []
+          'Stability' => [CRASH_SAFE],
+          'Reliability' => [REPEATABLE_SESSION],
+          'SideEffects' => [IOC_IN_LOGS]
         }
       )
     )