From 1e374403ec0a5ca12c6b892320416d1650bf06bf Mon Sep 17 00:00:00 2001
From: h00die <michaeltcyr@gmail.com>
Date: Tue, 19 Dec 2023 19:01:45 -0500
Subject: [PATCH] better check for vmon

---
 .../linux/local/vcenter_java_wrapper_vmon_priv_esc.rb        | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/modules/exploits/linux/local/vcenter_java_wrapper_vmon_priv_esc.rb b/modules/exploits/linux/local/vcenter_java_wrapper_vmon_priv_esc.rb
index 0fdbe9e2d914..16af26849f91 100644
--- a/modules/exploits/linux/local/vcenter_java_wrapper_vmon_priv_esc.rb
+++ b/modules/exploits/linux/local/vcenter_java_wrapper_vmon_priv_esc.rb
@@ -72,8 +72,11 @@ def java_wrapper_vmon
   end
 
   def check
+    return CheckCode::Safe("#{java_wrapper_vmon} not found on system") unless file?(java_wrapper_vmon)
+    return CheckCode::Safe("#{java_wrapper_vmon} not writable") unless writable?(java_wrapper_vmon)
+
     group_owner = cmd_exec("stat -c \"%G\" \"#{java_wrapper_vmon}\"")
-    if writable?(java_wrapper_vmon) && group_owner == 'cis'
+    if group_owner == 'cis'
       return CheckCode::Appears("#{java_wrapper_vmon} is writable and owned by cis group")
     end