Showing 15,831 of 21,886 total issues
Method initialize
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(merge_info(info,
'Name' => 'Unix Command Shell, Bind TCP (via netcat)',
'Description' => 'Listen for a connection and spawn a command shell via netcat',
'Author' =>
Method initialize
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize
super(
'Name' => 'DNS and DNSSEC Fuzzer',
'Description' => %q{
This module will connect to a DNS server and perform DNS and
Method exploit
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
if (target.arch.include? ARCH_CMD)
p = payload.encoded.gsub(/([$"])/) { |_m| "\\#{Regexp.last_match(1)}" }
evil_lua = %{ os.execute("#{p} &") }
else
Method initialize
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
merge_info(
info,
'Name' => 'Windows Shell, Reverse TCP (via jjs)',
Method initialize
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Windows Inject Reflective PE Files',
Method initialize
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Windows Inject PE Files',
Method exploit
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
cookie_string ||= authenticate
unless cookie_string
fail_with(Failure::NoAccess, 'Authentication failed')
end
Method exploit
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
# Upload
@fname = "#{rand_text_alphanumeric(rand(10)+6)}.php"
print_status("Uploading '#{@fname}' (#{payload.encoded.length} bytes)...")
Method trigger_xslt_transform
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def trigger_xslt_transform(jsid, text_value, cookie_string)
return nil unless jsid && text_value
exploit_endpoint = normalize_uri(target_uri.path, 'en-US', 'api', 'search', 'jobs', jsid, 'results')
exploit_endpoint << "?xsl=/opt/splunk/var/run/splunk/dispatch/#{text_value}/#{datastore['RANDOM_FILENAME']}.xsl"
Method initialize
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(
info,
'Name' => 'Maarch LetterBox Unrestricted File Upload',
'Description' => %q{
Method check
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def check
a = nil
version_paths.each do |u|
vprint_status("Checking #{u}")
Method initialize
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(
info,
'Name' => 'WordPress Holding Pattern Theme Arbitrary File Upload',
'Description' => %q{
Method initialize
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'WordPress RevSlider File Upload and Execute Vulnerability',
'Description' => %q{
This module exploits an arbitrary PHP code upload vulnerability in the
Method initialize
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Mac OS X "tpwn" Privilege Escalation',
'Description' => %q{
This module exploits a null pointer dereference in XNU to escalate
Method initialize
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(
info,
'Name' => 'WordPress Plugin Foxypress uploadify.php Arbitrary Code Execution',
'Description' => %q(
Method exploit
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
if is_root?
fail_with Failure::BadConfig, 'Session already has root privileges'
end
Method check
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def check
res = send_request_cgi(
'uri' => normalize_uri(target_uri.path, '/index.php'),
'method' => 'GET'
)
Method choose_target
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def choose_target
# If the user specified a target, use that one
return self.target unless self.target.name =~ /Automatic/
msearch =
Method exploit
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
connect
print_status('Performing handshake with gdbserver...')
handshake
Method exploit
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
print_status("Trying to execute arbitrary Java...")
unless vulnerable?
fail_with(Failure::Unknown, "#{peer} - Java has not been executed, aborting...")
end