Showing 7,361 of 22,177 total issues
Method run
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run
res = send_request_cgi({
'method' => 'GET',
'uri' => '/',
'authorization' => basic_auth(datastore['WS_USERNAME'], datastore['WS_PASSWORD'])
Method run_host
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run_host(ip)
data = '<?xml version="1.0" encoding="utf-8" ?>'
data << '<env:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">'
data << '<env:Body>'
data << '<n1:SUSR_RFC_USER_INTERFACE xmlns:n1="urn:sap-com:document:sap:rfc:functions" env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">'
Method run_host
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run_host(ip)
right_marker = Rex::Text.rand_text_alpha(5)
left_marker = Rex::Text.rand_text_alpha(5)
flag = Rex::Text.rand_text_alpha(5)
Method each_user_fromuser_pass
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def each_user_fromuser_pass(&block)
# Class variables to track credential use (for threading)
@@credentials_tried = {}
@@credentials_skipped = {}
Method is_vulnerable?
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def is_vulnerable?(ip)
begin
connect
smb_login
handle = dcerpc_handle(RPC_NETLOGON_UUID, '1.0','ncacn_np', ["\\netlogon"])
Method createpdf
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def createpdf
# Code below taken POC provided by CheckPoint Research
pdf = ''
pdf << "%PDF-1.7\n"
pdf << "1 0 obj\n"
Method initialize
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(merge_info(info,
'Name' => 'Apple iOS Command Shell, Reverse TCP Inline',
'Description' => 'Connect back to attacker and spawn a command shell',
'Author' => 'hdm',
Method exploit
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
if check != CheckCode::Appears
fail_with(Failure::NotVulnerable, 'Target is not vulnerable')
end
Method initialize
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'SAP Solution Manager remote unauthorized OS commands execution',
Method initialize
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'HP SiteScope issueSiebelCmd Remote Code Execution',
'Description' => %q{
This module exploits a code execution flaw in HP SiteScope. The vulnerability exists in the
Method initialize
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Apache Tomcat Manager Authenticated Upload Code Execution',
'Description' => %q{
This module can be used to execute a payload on Apache Tomcat servers that
Method exploit
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
vprint_status('Getting nonce')
res = send_request_cgi(
'uri' => normalize_uri(target_uri.path)
)
Method initialize
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'SPIP connect Parameter PHP Injection',
Method initialize
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Spring Cloud Function SpEL Injection',
Method initialize
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Lucee Authenticated Scheduled Job Code Execution',
Method initialize
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Apache Struts ParametersInterceptor Remote Code Execution',
'Description' => %q{
This module exploits a remote command execution vulnerability in Apache Struts
Method initialize
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Apache Struts includeParams Remote Code Execution',
'Description' => %q{
This module exploits a remote command execution vulnerability in Apache Struts
Method initialize
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'JBoss JMX Console Beanshell Deployer WAR Upload and Deployment',
'Description' => %q{
This module can be used to install a WAR file payload on JBoss servers that have
Method initialize
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Mozilla Suite/Firefox Navigator Object Code Execution',
'Description' => %q{
This module exploits a code execution vulnerability in the Mozilla
Method initialize
has 59 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(info,
'Name' => 'Sun Java Calendar Deserialization Privilege Escalation',
'Description' => %q{