Showing 15,831 of 21,886 total issues
Method request_autodiscover
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def request_autodiscover(server_name)
xmlns = { 'xmlns' => 'http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a' }
response = send_xml('POST', "#{server_name}/autodiscover/autodiscover.xml?a=~#{random_ssrf_id}", soap_autodiscover)
Method initialize
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Mac OS X Safari file:// Redirection Sandbox Escape',
'Description' => %q{
Versions of Safari before 8.0.6, 7.1.6, and 6.2.6 are vulnerable to a
Method initialize
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info={})
super(update_info(info,
'Name' => "Advantech WebAccess 8.1 Post Authentication Credential Collector",
'Description' => %q{
This module allows you to log into Advantech WebAccess 8.1, and collect all of the credentials.
Method run
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run
unless check == Exploit::CheckCode::Vulnerable
print_error 'Check did not pass, exiting.'
return
end
Method exploit_lfi
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit_lfi(file_path)
album_id, cookies = retrieve_album_id
unless album_id
print_bad('Failed to retrieve the Album Id')
Method on_request_uri
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def on_request_uri(cli, request)
case request.uri
when /redirect\.php/
print_status("Sending redirect")
send_redirect(cli, "#{datastore['TARGET_URI']}")
Method query_share
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def query_share(share)
share_path = "\\\\#{rhost}\\#{share}"
vprint_status("Enumerating #{share}...")
begin
Method initialize
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'SSL Labs API Client',
'Description' => %q{
This module is a simple client for the SSL Labs APIs, designed for
Method get_users
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def get_users
users = []
uri = normalize_uri(target_uri.path, 'credential-store', 'domain', domain)
uri << '/'
Method decrypt
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def decrypt(encrypted_pass)
uri = normalize_uri(target_uri, 'script')
res = send_request_cgi({
'method' => 'POST',
'uri' => uri,
Method run
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run
print_status("Checking MyBB...")
unless check == Exploit::CheckCode::Detected
print_error("MyBB not found")
return
Method initialize
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize
super(
'Name' => 'JVC/Siemens/Vanderbilt IP-Camera Readfile Password Disclosure',
'Description' => %q{
SIEMENS IP-Camera (CVMS2025-IR + CCMS2025), JVC IP-Camera (VN-T216VPRU),
Method run
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run
# Define our instance variables real quick.
@base_dn = nil
@ldap_mspki_enterprise_oids = []
@ldap_groups = []
Method initialize
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'NIS bootparamd Domain Name Disclosure',
'Description' => %q{
This module discloses the NIS domain name from bootparamd.
Method initialize
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Joomla weblinks-categories Unauthenticated SQL Injection Arbitrary File Read',
'Description' => %q{
Joomla versions 3.2.2 and below are vulnerable to an unauthenticated SQL injection
Method initialize
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Shodan Honeyscore Client',
'Description' => %q{
This module uses the shodan API to check
Method get_user_info
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def get_user_info(user_id)
vprint_status("Retrieving user's credentials")
res = send_request_cgi({
'method' => 'GET',
'uri' => normalize_uri(target_uri.path, 'user/fiche.php'),
Method auth_v10
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def auth_v10
# step 1: get a JSESSIONID cookie and the server Date header
res = send_request_cgi({
'uri' => normalize_uri(target_uri.path, 'fm/'),
'method' => 'GET'
Method initialize
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Microsoft SQL Server NTLM Stealer',
'Description' => %q{
This module can be used to help capture or relay the LM/NTLM credentials of the
Method initialize
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Microsoft SQL Server Command Execution',