Adds check for ndsudo binary

msutovsky-r7 · msutovsky-r7 · commit e23feb0faf5a · 2025-08-20T12:49:38.000+02:00
diff --git a/modules/exploits/linux/local/ndsudo_cve_2024_32019.rb b/modules/exploits/linux/local/ndsudo_cve_2024_32019.rb
@@ -53,7 +53,9 @@ def initialize(info = {})
 
   def check
     # could not find reasonable way to get version
-    CheckCode::Safe('Vulnerable binary not detected, check NdsudoPath option') unless file?(datastore['NdsudoPath'])
+    return CheckCode::Safe('Vulnerable binary not detected, check NdsudoPath option') unless file?(datastore['NdsudoPath']) && executable?(datastore['NdsudoPath'])
+    return CheckCode::Unknown('Failed to run vulnerable binary, either binary is not ndsudo or user does not have right to execute ndsudo') unless cmd_exec(datastore['NdsudoPath']) == 'at least 2 parameters are needed, but 1 were given.'
+
     CheckCode::Appears('Vulnerable binary detected')
   end
 
