rapid7/metasploit-framework

Showing 4,139 of 21,886 total issues

File android.rb has 637 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'rex/post/meterpreter'
require 'rex/post/meterpreter/extensions/android/command_ids'
require 'date'

module Rex
Severity: Major
Found in lib/rex/post/meterpreter/ui/console/command_dispatcher/android.rb - About 1 day to fix

File uds.rb has 636 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module Msf
class Post
module Hardware
module Automotive
Severity: Major
Found in lib/msf/core/post/hardware/automotive/uds.rb - About 1 day to fix

Method on_request_uri has 280 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def on_request_uri(cli, request)
    print_status("Request from #{request['User-Agent']}")
    if request.uri =~ %r{/loader32$}
      print_good("armle target is vulnerable.")
      local_file = File.join( Msf::Config.data_directory, "exploits", "CVE-2016-4655", "exploit32" )
Severity: Major
Found in modules/exploits/apple_ios/browser/webkit_trident.rb - About 1 day to fix

Class EXE has 74 methods (exceeds 20 allowed). Consider refactoring.
Open

class EXE

require 'rex'
require 'rex/peparsey'
require 'rex/pescan'
Severity: Major
Found in lib/msf/util/exe.rb - About 1 day to fix

Class Modules has 74 methods (exceeds 20 allowed). Consider refactoring.
Open

        class Modules

          include Msf::Ui::Console::CommandDispatcher
          include Msf::Ui::Console::CommandDispatcher::Common
Severity: Major
Found in lib/msf/ui/console/command_dispatcher/modules.rb - About 1 day to fix

File packet.rb has 624 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'openssl'
require 'rex/post/meterpreter/command_mapper'

module Rex
module Post
Severity: Major
Found in lib/rex/post/meterpreter/packet.rb - About 1 day to fix

File oraenum.rb has 621 lines of code (exceeds 250 allowed). Consider refactoring.
Open

class MetasploitModule < Msf::Auxiliary
  include Msf::Auxiliary::Report
  include Msf::Exploit::ORACLE

  def initialize(info = {})
Severity: Major
Found in modules/auxiliary/admin/oracle/oraenum.rb - About 1 day to fix

Method exploit has 272 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def exploit
    if !datastore['ForceExploit'] && is_root?
      fail_with(Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.')
    end
Severity: Major
Found in modules/exploits/linux/local/sock_sendpage.rb - About 1 day to fix

File whatsupgold_credential_dump.rb has 614 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'metasploit/framework/credential_collection'

class MetasploitModule < Msf::Post
  include Msf::Post::Common
  include Msf::Post::File

Method apply_prepends has 267 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def apply_prepends(buf)
    pre = ''
    app = ''

    test_arch = [ *(self.arch) ]
Severity: Major
Found in lib/msf/core/payload/linux.rb - About 1 day to fix

File dns.rb has 611 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module Msf
module Ui
module Console
module CommandDispatcher
Severity: Major
Found in lib/msf/ui/console/command_dispatcher/dns.rb - About 1 day to fix

Class Db has 70 methods (exceeds 20 allowed). Consider refactoring.
Open

class Db

  require 'tempfile'

  include Msf::Ui::Console::CommandDispatcher
Severity: Major
Found in lib/msf/ui/console/command_dispatcher/db.rb - About 1 day to fix

File vim_soap.rb has 597 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module Msf

module Exploit::Remote::VIMSoap
  include Msf::Exploit::Remote::HttpClient
Severity: Major
Found in lib/msf/core/exploit/remote/vim_soap.rb - About 1 day to fix

File auth_brute.rb has 595 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module Msf

###
#
# This module provides methods for brute forcing authentication
Severity: Major
Found in lib/msf/core/auxiliary/auth_brute.rb - About 1 day to fix

File utils.rb has 587 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module Rex::Proto::NTLM
  class Utils

    # duplicate from lib/rex/proto/smb/utils cause we only need this function from Rex::Proto::SMB::Utils
    # Convert a unix timestamp to a 64-bit signed server time
Severity: Major
Found in lib/rex/proto/ntlm/utils.rb - About 1 day to fix

File http_client.rb has 587 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'uri'
require 'digest'

module Msf
Severity: Major
Found in lib/msf/core/exploit/remote/http_client.rb - About 1 day to fix

Method on_request_uri has 252 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def on_request_uri(cli, request)
    print_status("Sending #{request.uri} to #{request['User-Agent']}")
    escaped_payload = Rex::Text.to_unescape(payload.raw)
    jscript = %Q^
var shellcode = unescape("#{escaped_payload}");
Severity: Major
Found in modules/exploits/multi/browser/chrome_jscreate_sideeffect.rb - About 1 day to fix

File crushftp_rce_cve_2023_43177.rb has 585 lines of code (exceeds 250 allowed). Consider refactoring.
Open

class MetasploitModule < Msf::Exploit::Remote
  Rank = ExcellentRanking

  include Msf::Exploit::Remote::HttpClient
  include Msf::Exploit::FileDropper
Severity: Major
Found in modules/exploits/multi/http/crushftp_rce_cve_2023_43177.rb - About 1 day to fix

Method on_request_uri has 249 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def on_request_uri(cli, request)
    print_status("Sending #{request.uri} to #{request['User-Agent']}")
    download_payload = ''
    shellcode = payload.encoded
    uripath = datastore['URIPATH'] || get_resource
Severity: Major
Found in modules/exploits/multi/browser/chrome_object_create.rb - About 1 day to fix

File cloud_lookup.rb has 580 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'public_suffix'

class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::DNS::Enumeration
  include Msf::Auxiliary::Report
Severity: Major
Found in modules/auxiliary/gather/cloud_lookup.rb - About 1 day to fix