Showing 15,831 of 21,886 total issues
Method brute_exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def brute_exploit(brute_target)
if not @aixpayload
datastore['AIX'] = target['AIX']
@aixpayload = regenerate_payload.encoded
Method login
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def login
cookie_jar.clear
print_status('Grabbing CSRF')
res = send_request_cgi(
Method initialize
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info={})
super(merge_info(info,
'Name' => 'Microsoft Windows Defender Evasive JS.Net and HTA',
'Description' => %q{
This module will generate an HTA file that writes and compiles a JScript.NET file
Method execute_command
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def execute_command(cmd, _opts = {})
# get token
res = send_request_cgi(
'uri' => normalize_uri(target_uri.path, 'admin', 'list.php'),
'keep_cookies' => true,
Method initialize
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'CTEK SkyRouter 4200 and 4300 Command Execution',
'Description' => %q{
This module exploits an unauthenticated remote root exploit within ctek SkyRouter 4200 and 4300.
Method trigger_payload
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def trigger_payload(jsid, csrf_token, cookie_string)
return nil unless jsid && csrf_token
runshellscript_url = normalize_uri(target_uri.path, 'en-US', 'splunkd', '__raw', 'servicesNS', datastore['USERNAME'], 'search', 'search', 'jobs')
runshellscript_data = {
Method cmd_shell
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def cmd_shell(config_uri, cookie)
command = payload.encoded
inject = '|' + "#{command}" + ' ||'
clean_inject = CGI.unescapeHTML(inject.to_s)
Method do_login
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def do_login
change_password
print_status("#{rhost}:22 - Attempt to start a SSH connection...")
opts = ssh_client_defaults.merge({
auth_methods: ['password', 'keyboard-interactive'],
Method sqli
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def sqli(tableprefix, option)
# SQLi will grab Super User or Administrator sessions with a valid username and userid (else they are not logged in).
# The extra search for userid!=0 is because of our SQL data that's inserted in the session cookie history.
# This way we make sure that's excluded and we only get real Administrator or Super User sessions.
if option == 'check'
Method initialize
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(
info,
'Name' => 'WordPress Asset-Manager PHP File Upload Vulnerability',
'Description' => %q(
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
php_pagename = rand_text_alpha(8 + rand(8)) + '.php'
data = Rex::MIME::Message.new
data.add_part('upload', nil, nil, 'form-data; name="action"')
Method initialize
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(
info,
'Name' => 'WordPress WP-Property PHP File Upload Vulnerability',
'Description' => %q(
Method initialize
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(
info,
'Name' => 'Wordpress Front-end Editor File Upload',
'Description' => %q{
Method initialize
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Squash YAML Code Execution',
'Description' => %q{
This module exploits a remote code execution vulnerability in the
Method check
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def check
res = send_request_cgi(
'uri' => normalize_uri(target_uri.path, 'index.php'),
'method' => 'GET'
)
Method initialize
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Wordpress InBoundio Marketing PHP Upload Vulnerability',
'Description' => %q{
This module exploits an arbitrary file upload in the WordPress InBoundio Marketing version
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
print_status("Authenticating...")
res = send_request_auth
if res && res.code == 302
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
connect
rnd_port = rand(1024) + 1
buf = "net.tcp.listen[#{rnd_port}';#{payload.encoded};']\n"
Method trigger_urlclassloader
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def trigger_urlclassloader
# Here we construct a XSLT transform to load a Java payload via URLClassLoader.
url = get_uri
vars = Rex::RandomIdentifier::Generator.new({ language: :java })
Method execute_command
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def execute_command(cmd, _opts = {})
case target['Type']
when :windows_dropper, :windows_command
cmd = "cmd /c #{cmd}"
when :unix_cmd, :linux_dropper