Add in additional information about testing on Docker

documentation/modules/auxiliary/scanner/http/icinga_static_library_file_directory_traversal.md

@@ -1,16 +1,15 @@
-
 ## Vulnerable Application
 
 Icingaweb versions from 2.9.0 to 2.9.5 inclusive, and 2.8.0 to 2.8.5 inclusive suffer from an
 unauthenticated directory traversal vulnerability. The vulnerability is triggered
-through the icinga-php-thirdparty library, which allows unauthenticated users 
+through the icinga-php-thirdparty library, which allows unauthenticated users
 to retrieve arbitrary files from the targets filesystem via a GET request to
 `/lib/icinga/icinga-php-thirdparty/<absolute path to target file on disk>` as the user
 running the Icingaweb server, which will typically be the `www-data` user.
 
 This can then be used to retrieve sensitive configuration information from the target
 such as the configuration of various services, which may reveal sensitive login or configuration information,
-the `/etc/passwd` file to get a list of valid usernames for password guessing attacks, or other sensitive files 
+the `/etc/passwd` file to get a list of valid usernames for password guessing attacks, or other sensitive files
 which may exist as part of additional functionality available on the target server.
 
 This module was tested against Icingaweb 2.9.5 running on Docker.
@@ -30,10 +29,12 @@ Browse to port 8080 to confirm the site loads. No need to configure.
 2. Start msfconsole
 3. Do: `use auxiliary/scanner/http/icinga_static_library_file_directory_traversal`
 4. Do: `set rhosts [ip]`
-5. Do: `set file [file]`
+5. Do: `set file [file]`. On Docker use `/etc/passwd` for testing purposes.
 6. Do: `run`
 7. You should be able to retrieve a file
 
+## Options
+
 ## Scenarios
 
 ### Icingaweb 2.9.5 on Ubuntu 22.04 running on Docker