Showing 15,831 of 21,886 total issues
Method exec_function?
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exec_function?(func_name)
query = "SELECT exec_#{func_name}('#{payload.encoded.gsub("'", "''")}')"
select_query = postgres_query(query)
case select_query.keys[0]
Method execute_command
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def execute_command(thread_id, cmd)
size = @vars["objectid_size"]
# 1. Creates a string on target VM with the command to be executed
cmd_obj_ids = create_string(cmd)
Method exploit
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
sploit = template
# Replace our placeholder string with a random one
sploit.sub!(PLACEHOLDER_STRING, Rex::Text.rand_text_alphanumeric(8..42))
Method manifest
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def manifest
%(<?xml version="1.0" encoding="utf-8"?>
<PackageManifest Version="2.0.0" xmlns="http://schemas.microsoft.com/developer/vsx-schema/2011" xmlns:d="http://schemas.microsoft.com/developer/vsx-schema-design/2011">
<Metadata>
<Identity Language="en-US" Id="extension-name-fillmein" Version="#{version}" Publisher="#{Rex::Text.rand_text_alpha(10)}" />
Method initialize
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(
info,
'Name' => 'FTP JCL Execution',
'Description' => %q{(Submit JCL to z/OS via FTP and SITE FILE=JES.
Method determine_version
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def determine_version
xml_payload = %(
<?xml version="1.0" encoding="UTF-8"?>
<methodCall>
<methodName>buildAgent.getVersion</methodName>
Method upload
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def upload(filename)
select(nil, nil, nil, 1)
peer = "#{rhost}:#{rport}"
print_status("Trying to upload #{::File.basename(filename)}")
Method check
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def check
# The first request should have no reply
csock = Rex::Socket::Tcp.create(
'PeerHost' => datastore['RHOST'],
Method add_printer
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def add_printer(driver_name)
fail_with(Failure::NotFound, 'Printer driver script not found') unless file?(@script_path)
dll_data = generate_payload_dll
dll_path = "#{@driver_path}\\CNMurGE.dll"
Method write_script_to_target
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def write_script_to_target(vbs, name)
filename = name || Rex::Text.rand_text_alpha((rand(8) + 6)) + ".vbs"
temppath = datastore['PATH'] || session.sys.config.getenv('TEMP')
filepath = temppath + "\\" + filename
Method initialize
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Windows Escalate UAC Protection Bypass (ScriptHost Vulnerability)',
Method exploit
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
return unless check == Msf::Exploit::CheckCode::Vulnerable
msi_filename = Rex::Text.rand_text_alpha((rand(8)+6)) + ".msi"
Method undeploy_war
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def undeploy_war
war_name = war_payload.name
handle = 'com.bea.console.handles.JMXHandle("com.bea:Name=oats,Type=Domain")'
contents = %Q|com.bea.console.handles.AppDeploymentHandle("com.bea:Name=#{war_name},Type=AppDeployment")|
res = send_request_cgi({
Method ps_wmi_exec
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def ps_wmi_exec(opts = {})
ps_wrapper = <<EOS
Function New-RemoteProcess {
Param([string]$rhost,[string]$cmd,[string]$login,[string]$pass)
Method exploit
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
if (payload.encoded.length > payload_space)
fail_with(Failure::Unknown, "Insufficient space for payload, try using a staged, ORD and/or shell payload.")
end
Method generate
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def self.generate
from_values([
Types::RecordValues::SerializationHeaderRecord.new(root_id: 1, header_id: -1),
Types::RecordValues::SystemClassWithMembersAndTypes.from_member_values(
class_info: Types::General::ClassInfo.new(
Method check
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def check
res = send_request_cgi({
'method' => 'GET',
'uri' => normalize_uri(target_uri.path)
})
Method exploit
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
peer = "#{rhost}:#{rport}"
p = "<?php #{payload.encoded} ?>"
hex_payload = p.unpack("H*")[0]
php_fname = Rex::Text.rand_text_alpha(5) + ".php"
Method check_repos
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def check_repos
begin
res = send_request_cgi({
'uri' => '/rest/repository/',
'method' => 'GET',
Method initialize
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'ManageEngine Exchange Reporter Plus Unauthenticated RCE',
'Description' => %q{
This module exploits a remote code execution vulnerability that