Showing 15,730 of 21,757 total issues
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
php_pagename = rand_text_alpha(8 + rand(8)) + '.php'
data = Rex::MIME::Message.new
data.add_part('upload', nil, nil, 'form-data; name="action"')
Method initialize
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(
info,
'Name' => 'WordPress Asset-Manager PHP File Upload Vulnerability',
'Description' => %q(
Method sqli
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def sqli(tableprefix, option)
# SQLi will grab Super User or Administrator sessions with a valid username and userid (else they are not logged in).
# The extra search for userid!=0 is because of our SQL data that's inserted in the session cookie history.
# This way we make sure that's excluded and we only get real Administrator or Super User sessions.
if option == 'check'
Method initialize
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Squash YAML Code Execution',
'Description' => %q{
This module exploits a remote code execution vulnerability in the
Method initialize
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Wordpress InBoundio Marketing PHP Upload Vulnerability',
'Description' => %q{
This module exploits an arbitrary file upload in the WordPress InBoundio Marketing version
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
print_status("Authenticating...")
res = send_request_auth
if res && res.code == 302
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
connect
rnd_port = rand(1024) + 1
buf = "net.tcp.listen[#{rnd_port}';#{payload.encoded};']\n"
Method check
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def check
res = send_request_cgi(
'uri' => normalize_uri(target_uri.path, 'index.php'),
'method' => 'GET'
)
Method execute_command
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def execute_command(cmd, _opts = {})
case target['Type']
when :windows_dropper, :windows_command
cmd = "cmd /c #{cmd}"
when :unix_cmd, :linux_dropper
Method trigger_urlclassloader
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def trigger_urlclassloader
# Here we construct a XSLT transform to load a Java payload via URLClassLoader.
url = get_uri
vars = Rex::RandomIdentifier::Generator.new({ language: :java })
Method build_request
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def build_request(v)
xml = ''
elo = Rex::Text.rand_text_alpha(rand(12)+4)
Method send_crafted_request
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def send_crafted_request(path:, qsl: datastore['MinQSL'], customh_length: 1, cmd: '', allow_retry: true)
uri = Rex::Text.uri_encode(normalize_uri(target_uri.path, path)).gsub(/([?&])/, { '?' => '%3F', '&' => '%26' })
qsl_delta = uri.length - path.length - Rex::Text.uri_encode(target_uri.path).length
if qsl_delta.odd?
fail_with Failure::Unknown, "Got odd qslDelta, that means the URL encoding gone wrong: path=#{path}, qsl_delta=#{qsl_delta}"
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
# if we are using the exec CMD stager
# important to check which php functions are disabled
if datastore['CMD']
p = "passthru(\"%s\");" % datastore['CMD']
Method change_username
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def change_username(curr_uname, new_uname)
@user_id ||= get_user_id(curr_uname)
headers = {
'X-Requested-With' => 'XMLHttpRequest',
Method save_page
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def save_page(nodeid, userid, pt_id, payload_url, wi_id, session_info)
print_status("Sending request to '#{target_uri.path}/admin/savepage' to save new page at '#{payload_url}'.")
res = send_request_cgi({
'method' => 'POST',
'uri' => normalize_uri(target_uri.path, 'admin', 'savepage'),
Method upload_payload
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def upload_payload(backdoor_fname, payload_fname)
p = generate_payload_exe(
code: payload.encoded,
platform: @my_target.platform,
arch: @my_target.arch
Method log_in
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def log_in(username, password)
res = send_request_cgi(
'method' => 'GET',
'uri' => normalize_uri(target_uri.path, 'login'),
'keep_cookies' => true
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
@use_public_repo = true
datastore['GIT_USERNAME'] = datastore['USERNAME']
datastore['GIT_PASSWORD'] = datastore['PASSWORD']
Method pick_target
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def pick_target
return target if target.name != 'Automatic'
print_status("Determining target")
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
@username = datastore['USERNAME']
@password = datastore['PASSWORD']
@auth_cookies = ''
p = payload.encoded