Land #13899, Ensure sudo password is removed from filesystem after use

post/multi/manage/sudo: Use `register_file_for_cleanup` to ensure the clear
text sudo password is removed from the temporary file created in `/tmp/`.

modules/post/multi/manage/sudo.rb

@@ -7,6 +7,7 @@ class MetasploitModule < Msf::Post
   include Msf::Post::File
   include Msf::Post::Linux::Priv
   include Msf::Post::Linux::System
+  include Msf::Exploit::FileDropper
 
 
   def initialize(info={})
@@ -97,11 +98,14 @@ def askpass_sudo(password)
         # Generally will be much snappier over ssh.
         # Need to timeout in case there's a blocking prompt after all
         ::Timeout.timeout(120) do
+          # Create the shell script that will pass the password to sudo
           vprint_status "Writing the SUDO_ASKPASS script: #{askpass_sh}"
           write_file(askpass_sh, "#!/bin/sh\necho '#{password}'\n")
+          register_file_for_cleanup(askpass_sh)
           vprint_status "Setting executable bit."
           cmd_exec("chmod +x #{askpass_sh}")
           vprint_status "Setting environment variable."
+
           # Bruteforce the set command. At least one should work.
           cmd_exec("setenv SUDO_ASKPASS #{askpass_sh}")
           cmd_exec("export SUDO_ASKPASS=#{askpass_sh}")
@@ -113,18 +117,6 @@ def askpass_sudo(password)
       rescue
         print_error "SUDO: Sudo with a password failed. Check the session log."
       end
-      # askpass_cleanup(askpass_sh)
-    end
-  end
-
-  def askpass_cleanup(askpass_sh)
-    begin
-      ::Timeout.timeout(20) do
-        vprint_status "Deleting the SUDO_ASKPASS script."
-        cmd_exec("rm #{askpass_sh}")
-      end
-    rescue ::Timeout::Error
-      print_error "Timed out during sudo cleanup."
     end
   end
 end