Showing 15,831 of 21,886 total issues
Method on_request_uri
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def on_request_uri(cli, request)
print_status("handling request for #{request.uri}")
case request.uri
when /\.jar$/i
Method execute_command
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def execute_command(cmd, opts = {})
target = select_target
case target['Platform']
when 'linux'
cmd = Rex::Text.to_hex(cmd, '')
Method initialize
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Watchguard XCS FixCorruptMail Local Privilege Escalation',
'Description' => %q{
This module exploits a vulnerability in the Watchguard XCS 'FixCorruptMail' script called
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exploit
# New installations use a randomly generated suffix like "lyris629dAe536F"
pass = nil
Method authenticate
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def authenticate(username, password)
res = send_request_cgi(
'uri' => '/admin_loginok.html',
'method' => 'POST',
'vars_post' => {
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exploit
if is_system?
fail_with(Failure::None, 'Session is already elevated')
end
Method get_directories
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def get_directories(payload_filepath, targetedDirectories)
directoryNames = []
findFileDataSize = 592
maxPath = client.railgun.const('MAX_PATH')
fileNamePadding = 44
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exploit
page = rand_text_alpha_upper(rand(10) + 1) + ".jsp"
dbl = Rex::MIME::Message.new
Method fingerprint
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def fingerprint
res = download_log(rand_text_alphanumeric(12) + '.txt')
return if not res
Method trigger_urlclassloader
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def trigger_urlclassloader
# Here we construct a XSLT transform to load a Java payload via URLClassLoader.
url = get_uri
vars = Rex::RandomIdentifier::Generator.new({ language: :java })
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exploit
page = Rex::Text.rand_text_alpha_upper(8) + ".jsp"
fname = '../../../../../../../Progra~1/Novell/Tomcat/webapps/ROOT/'
Method check
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def check
my_target = auto_target
token = auth(my_target)
# If we dont have a cookie that means authentication bypass issue has been patched on target system.
if token.nil?
Method generate_shares
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def generate_shares(path)
share_name = @share_name
%Q|
<D:response xmlns:lp1="DAV:" xmlns:lp2="http://apache.org/dav/props/">
<D:href>#{path}#{share_name}/</D:href>
Method retrieve_original_settings
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def retrieve_original_settings
res = send_request_cgi(
{
'uri' => normalize_uri(target_uri.path, 'api', 'json', 'admin', 'getServerSettings'),
'method' => 'POST',
Method check
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def check
res = send_request_cgi({
'uri' => normalize_uri(target_uri.path, 'Telerik.Web.UI.WebResource.axd'),
'vars_get' => { 'type' => 'rau' }
})
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exploit
# Get the sessionID and siLockLongTermInstID
print_status('[01/11] Get the sessionID and siLockLongTermInstID')
populate_token_instid
# Allow Remote Access and Create new sysAd
Method generate_shares
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def generate_shares(path)
share_name = @share_name
%Q|
<D:response xmlns:lp1="DAV:" xmlns:lp2="http://apache.org/dav/props/">
<D:href>#{path}#{share_name}/</D:href>
Method process_get
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def process_get(cli, request)
myhost = (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
webdav = "\\\\#{myhost}\\"
Method generate_shares
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def generate_shares(path)
share_name = datastore['SHARENAME']
%Q|
<D:response xmlns:lp1="DAV:" xmlns:lp2="http://apache.org/dav/props/">
<D:href>#{path}#{share_name}/</D:href>
Method build_properties_class
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def build_properties_class
# Create the object
object = Rex::Java::Serialization::Model::NewObject.new
object.class_desc = Rex::Java::Serialization::Model::ClassDesc.new