Method check has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def check
    package = cmd_exec('dpkg -l tomcat[6-8] | grep \'^i\'')
    if package.nil? || package.empty?
      return CheckCode::Safe('Unable to execute command to determine installed pacakges')
    end

• Read up
  Read up

Method module_check has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def module_check
    release = kernel_release
    version = "#{release} #{kernel_version.split(' ').first}"
    ubuntu_offsets = strip_comments(get_external_source_code('CVE-2022-34918', 'src/util.c')).scan(/kernels\[\] = \{(.+?)\};/m).flatten.first
    ubuntu_kernels = ubuntu_offsets.scan(/"(.+?)"/).flatten

• Read up
  Read up

Method check has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def check
    arch = kernel_arch
    unless live_compile? || arch.include?('x64') || arch.include?('aarch64') || arch.include?('x86') || arch.include?('armle')
      return CheckCode::Safe("System architecture #{arch} is not supported without live compilation")
    end

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    if !datastore['ForceExploit'] && is_root?
      fail_with(Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.')
    end

• Read up
  Read up

Method get_editable_file has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def get_editable_file
    if datastore['EDITABLEFILE'].present?
      fail_with(Failure::BadConfig, 'EDITABLEFILE must be a file.') unless file?(datastore['EDITABLEFILE'])

      vprint_status("Using user defined EDITABLEFILE: #{datastore['EDITABLEFILE']}")

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    if !datastore['ForceExploit'] && is_root?
      fail_with(Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.')
    end

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    if !datastore['ForceExploit'] && is_root?
      fail_with(Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.')
    end

• Read up
  Read up

Method check has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def check
    # Sanity check
    if is_root?
      fail_with(Failure::None, 'Session already has root privileges')
    end

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    if !datastore['ForceExploit'] && is_root?
      fail_with(Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.')
    end

• Read up
  Read up

Method check has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def check
    arch = kernel_hardware
    unless arch.include? 'x86_64'
      vprint_error "System architecture #{arch} is not supported"
      return CheckCode::Safe

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    # Make sure we can write our exploit and payload to the local system
    fail_with Failure::BadConfig, "#{datastore['WritableDir']} is not writable" unless writable? datastore['WritableDir']
    count = 1 # default to running if we decide not to calculate
    count = list_minions_printer if datastore['CALCULATE']

• Read up
  Read up

Method check has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def check
    unless command_exists? '/usr/bin/vmplayer'
      print_error 'vmplayer is not installed. Exploitation will fail.'
      return CheckCode::Safe
    end

• Read up
  Read up

Method check has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def check
    return CheckCode::Safe('bash shell is not available') unless command_exists? 'bash'

    vprint_good 'bash shell is available'

• Read up
  Read up

Method check has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def check
    res = send_request_cgi(
      'method' => 'GET',
      'uri' => '/OA_HTML/FrmReportData'
    )

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    telnet_port = rand(32767) + 32768

    print_status("#{rhost}:#{rport} - Telnet port: #{telnet_port}")

• Read up
  Read up

Method restart_exportation has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def restart_exportation(poller_id)
    print_status('Reload the poller to trigger exploitation.')
    token = get_token(normalize_uri(target_uri.path, 'main.get.php'), { 'p' => '60902', 'poller' => poller_id })

    unless token

• Read up
  Read up

Method check has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def check
    random_id = rand_text_numeric(5 + rand(8))
    res = send_session_id(random_id)

    unless res && res.code == 200 && res.headers['Content-Type'] && res.headers['Content-Type'] == 'image/gif'

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    print_status('Encoding the payload as a .jsp file')
    payload = Msf::Util::EXE.to_jsp(generate_payload_exe)

    # Create a file

• Read up
  Read up

Method get_auth has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def get_auth
    print_status('Sending authentication request.')
    token = get_token(normalize_uri(target_uri.path, 'index.php'))
    unless token.nil?
      response = send_request_cgi(

• Read up
  Read up

Avoid deeply nested control flow statements.

Open

          next unless (round3_byte_array[i] == keystr3_byte_array[j])