Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star

Showing 15,831 of 21,886 total issues

Method initialize has 27 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'Symantec AppStream LaunchObj ActiveX Control Arbitrary File Download and Execute',
      'Description'    => %q{
          This module exploits a vulnerability in Symantec AppStream Client 5.x. The vulnerability
Severity: Minor
Found in modules/exploits/windows/browser/symantec_appstream_unsafe.rb - About 1 hr to fix

    Method on_request_uri has 27 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

      def on_request_uri(cli, request)
    return if ((p = regenerate_payload(cli)) == nil)

    print_status("Sending #{self.name}")
    Severity: Minor
    Found in modules/exploits/windows/browser/ms06_067_keyframe.rb - About 1 hr to fix

      Method generate_shares has 27 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

        def generate_shares(path)
    share_name = @share_name
%Q|
<D:response xmlns:lp1="DAV:" xmlns:lp2="http://apache.org/dav/props/">
<D:href>#{path}#{share_name}/</D:href>
      Severity: Minor
      Found in modules/exploits/windows/browser/ubisoft_uplay_cmd_exec.rb - About 1 hr to fix

        Method process_get has 27 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

          def process_get(cli, request)
    myhost = (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
    webdav = "\\\\#{myhost}\\"

    if blacklisted_path?(request.uri)
        Severity: Minor
        Found in modules/exploits/windows/browser/ubisoft_uplay_cmd_exec.rb - About 1 hr to fix

          Method exploit has 27 lines of code (exceeds 25 allowed). Consider refactoring.
          Open

            def exploit
    template = [
      "[Content_Types].xml",
      "_rels/.rels",
      "docProps/thumbnail.jpeg",
          Severity: Minor
          Found in modules/exploits/windows/fileformat/corelpdf_fusion_bof.rb - About 1 hr to fix

            Method on_file_read has 27 lines of code (exceeds 25 allowed). Consider refactoring.
            Open

              def on_file_read(fname, file)
    f = open(file, 'rb')
    buf = f.read
    f.close
            Severity: Minor
            Found in modules/exploits/windows/fileformat/ms12_005.rb - About 1 hr to fix

              Method make_ttf has 27 lines of code (exceeds 25 allowed). Consider refactoring.
              Open

                def make_ttf
    ttf_data = ""

    # load the static ttf file
              Severity: Minor
              Found in modules/exploits/windows/fileformat/adobe_cooltype_sing.rb - About 1 hr to fix

                Method exploit has 27 lines of code (exceeds 25 allowed). Consider refactoring.
                Open

                  def exploit

    template = %Q|<?xml version="1.0" encoding="UTF-8"?>
<playlist version="1" xmlns="http://xspf.org/ns/0/" xmlns:vlc="http://www.videolan.org/vlc/playlist/ns/0/">
<title>Playlist</title>
                Severity: Minor
                Found in modules/exploits/windows/fileformat/vlc_smb_uri.rb - About 1 hr to fix

                  Method exploit has 27 lines of code (exceeds 25 allowed). Consider refactoring.
                  Open

                    def exploit

    peer = "#{rhost}:#{rport}"

    # Setup the necessary files to do the wbemexec trick
                  Severity: Minor
                  Found in modules/exploits/windows/misc/bigant_server_dupf_upload.rb - About 1 hr to fix

                    Method generate_shares has 27 lines of code (exceeds 25 allowed). Consider refactoring.
                    Open

                      def generate_shares(path)
    share_name = datastore['SHARENAME']
%Q|
<D:response xmlns:lp1="DAV:" xmlns:lp2="http://apache.org/dav/props/">
<D:href>#{path}#{share_name}/</D:href>
                    Severity: Minor
                    Found in modules/exploits/windows/misc/vmhgfs_webdav_dll_sideload.rb - About 1 hr to fix

                      Method exploit has 27 lines of code (exceeds 25 allowed). Consider refactoring.
                      Open

                        def exploit
    if !datastore['ForceExploit'] && is_root?
      fail_with(Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.')
    end
                      Severity: Minor
                      Found in modules/exploits/linux/local/vcenter_java_wrapper_vmon_priv_esc.rb - About 1 hr to fix

                        Method exploit has 27 lines of code (exceeds 25 allowed). Consider refactoring.
                        Open

                          def exploit
    if !datastore['ForceExploit'] && is_root?
      fail_with(Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.')
    end
                        Severity: Minor
                        Found in modules/exploits/linux/local/rds_rds_page_copy_user_priv_esc.rb - About 1 hr to fix

                          Method exploit has 27 lines of code (exceeds 25 allowed). Consider refactoring.
                          Open

                            def exploit
    if !datastore['ForceExploit'] && is_root?
      fail_with(Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.')
    end
                          Severity: Minor
                          Found in modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb - About 1 hr to fix

                            Method api_key has 27 lines of code (exceeds 25 allowed). Consider refactoring.
                            Open

                              def api_key
    res = send_request_cgi({
      'method' => 'GET',
      'uri' => normalize_uri(target_uri.path, 'api/'),
      'vars_get' => {
                            Severity: Minor
                            Found in modules/exploits/linux/http/panos_op_cmd_exec.rb - About 1 hr to fix

                              Method execute_command has 27 lines of code (exceeds 25 allowed). Consider refactoring.
                              Open

                                def execute_command(cmd, _opts = {})
    # we need to percent encode the entire command.
    # however, the + character cannot be used and percent encoding does not help for it. so we need to change chmod +x with chmod 744
    cmd = CGI.escape(cmd.gsub('chmod +x', 'chmod 744'))
    start_time = rand(20.year.ago..10.year.ago) # this should be a date far enough in the past to make sure we capture all possible data
                              Severity: Minor
                              Found in modules/exploits/linux/http/opentsdb_key_cmd_injection.rb - About 1 hr to fix

                                Method check has 27 lines of code (exceeds 25 allowed). Consider refactoring.
                                Open

                                  def check
    # For this exploit to work, we need to check two services:
    # * HTTP - To create the backdoor account for SSH
    # * SSH  - To execute our payload
                                Severity: Minor
                                Found in modules/exploits/linux/http/cisco_firepower_useradd.rb - About 1 hr to fix

                                  Method add_device has 27 lines of code (exceeds 25 allowed). Consider refactoring.
                                  Open

                                    def add_device(cookies)
    add_uri = normalize_uri(target_uri.path, 'addhost')
    @hostname = Rex::Text.rand_text_alpha(6...12)
    comm_payload = "'; #{payload.encoded}#'"
                                  Severity: Minor
                                  Found in modules/exploits/linux/http/librenms_addhost_cmd_inject.rb - About 1 hr to fix

                                    Method initialize has 27 lines of code (exceeds 25 allowed). Consider refactoring.
                                    Open

                                      def initialize(info = {})
    super(update_info(info,
      'Name'           => 'Apache Continuum Arbitrary Command Execution',
      'Description'    => %q{
        This module exploits a command injection in Apache Continuum <= 1.4.2.
                                    Severity: Minor
                                    Found in modules/exploits/linux/http/apache_continuum_cmd_exec.rb - About 1 hr to fix

                                      Method exploit has 27 lines of code (exceeds 25 allowed). Consider refactoring.
                                      Open

                                        def exploit

    cookie = auth
    csrf_token = get_csrf_token(cookie)
                                      Severity: Minor
                                      Found in modules/exploits/linux/http/symantec_messaging_gateway_exec.rb - About 1 hr to fix

                                        Method execute_command has 27 lines of code (exceeds 25 allowed). Consider refactoring.
                                        Open

                                          def execute_command
    case target.name
    when 'ELASTIC'
      request = {
        'uri' => normalize_uri(target_uri.path, '.kibana_1', '_doc', 'upgrade-assistant-telemetry:upgrade-assistant-telemetry'),
                                        Severity: Minor
                                        Found in modules/exploits/linux/http/kibana_upgrade_assistant_telemetry_rce.rb - About 1 hr to fix
                                          Severity
                                          Category
                                          Status
                                          Source
                                          Language