Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    php_pagename = rand_text_alpha(4 + rand(4)) + '.php'

    # Build the zip
    payload_zip = Rex::Zip::Archive.new

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    if target.name =~ /Windows/
      linemax = datastore['PAYLOAD_SPLIT']
      vprint_status("#{rhost}:#{rport} - Using custom payload size of #{linemax}") if linemax != 250
      print_status("#{rhost}:#{rport} - Sending SOAP SXPG_CALL_SYSTEM request")

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    if target.name =~ /Windows/
      linemax = datastore['PAYLOAD_SPLIT']
      vprint_status("#{rhost}:#{rport} - Using custom payload size of #{linemax}") if linemax != 250
      print_status("#{rhost}:#{rport} - Sending SOAP SXPG_COMMAND_EXECUTE request")

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    print_status("Checking vulnerability...")
    unless vulnerable?
      fail_with(Failure::Unknown, "#{peer} - Java has not been executed, aborting...")
    end

• Read up
  Read up

Method run_sudo_cmd has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def run_sudo_cmd
    print_status("Resetting user's time stamp file and setting clock to the epoch")
    cmd_exec(
      "sudo -k; \n"+
      "#{SYSTEMSETUP_PATH} -setusingnetworktime Off -settimezone GMT"+

• Read up
  Read up

Method on_request_uri has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def on_request_uri(cli, request)
    user_agent = request['User-Agent']
    print_status("Request #{request.uri} from #{user_agent}")
    if request.uri.ends_with? '.pdf'
      send_response(cli, '', { 'Content-Type' => 'application/pdf' })

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    connect

    print_status('Performing handshake with gdbserver...')
    handshake

• Read up
  Read up

Method cleanup has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def cleanup
    vprint_status("Starting the cron restore process...")
    super
    # Restore crontab back to is original state
    # If we don't do this, then cron will continue to append the no password rule to sudoers.

• Read up
  Read up

Method check_useragent has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def check_useragent(user_agent)
    safari_version = nil
    if user_agent =~ %r{Version/(\d+\.\d+(\.\d+)*)\sSafari}
      safari_version = Regexp.last_match(1)
    end

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    prefix_jsp = rand_text_alphanumeric(rand(3..5))
    date_format = rand_text_numeric(rand(1..4))
    @jsp_file = prefix_jsp + date_format + '.jsp'
    http_method = datastore['HTTP_METHOD']

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    # Set target
    uname = cmd_exec('uname')
    vprint_status("Operating system is #{uname}")
    if target.name.eql? 'Automatic'

• Read up
  Read up

Method auth_v11 has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def auth_v11
    res = send_request_cgi(
      'uri'    => normalize_uri(target_uri.path, 'fm/'),
      'method' => 'GET',
      'vars_get'  =>

• Read up
  Read up

Method check has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def check
    @cookie = rand_text_alphanumeric(16)
    printer_name = rand_text_alphanumeric(10 + rand(5))
    res = add_printer(printer_name, '')
    if !res

• Read up
  Read up

Method check has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def check
    check_code = CheckCode::Safe
    app_name = get_application_name
    check_code = CheckCode::Appears unless app_name.blank?
    test_payload = %Q|puts 1|

• Read up
  Read up

Method send_payload has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def send_payload(cmd)
    vprint_status('Adding a crafted configuration setting entry with the payload')

    cmd = cmd.gsub(/\\/, '\\' => '\\\\')
    cmd = cmd.gsub(/"/, '"' => '\\"')

• Read up
  Read up

Method login_phpmyadmin has 6 arguments (exceeds 4 allowed). Consider refactoring.

Open

  def login_phpmyadmin(uri, uname, passwd, cookies, token, sess_id)

Method check has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def check
    self.cookie = gitlab_sign_in(datastore['USERNAME'], datastore['PASSWORD']) unless cookie

    vprint_status('Trying to get the GitLab version')

• Read up
  Read up

Method do_get_csrf has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def do_get_csrf(uri)
    print_status("Fetching csrf token from #{uri}")
    res = send_request_cgi(
      'uri'    => uri,
      'method' => 'GET',

• Read up
  Read up

Method run_command has 6 arguments (exceeds 4 allowed). Consider refactoring.

Open

  def run_command(session, container_label, console_authenticity_token, container_id, console_id, command)

Method login has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def login(cookie)
    # Send a request to the login page so we can obtain some hidden values needed for login
    uri = normalize_uri(@base, "wikka.php") + "?wakka=UserSettings"
    res = send_request_raw({
      'method'  => 'GET',

• Read up
  Read up