Showing 7,361 of 22,177 total issues
Method start_listener
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def start_listener(dsthosts_cache, srchosts_cache)
if datastore['BIDIRECTIONAL']
args = {:BIDIRECTIONAL => true, :dhosts => dsthosts_cache.dup, :shosts => srchosts_cache.dup}
else
Method check
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def check
targ = rhost
srv_sock = Rex::Socket.create_udp(
'PeerHost' => targ,
Method run
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run
print_status('Requesting list of entities from endpoint, this may take a minute...')
users = send_request_raw({
'method' => 'GET',
'uri' => normalize_uri(datastore['TARGETURI'], "/ws/dal/#{datastore['ENDPOINT']}"),
Method run
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run
# version check will not stop the module, but it will try to
# determine the version and print it if verbose is set to true
version_check
begin
Method login
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def login(username, password)
# 1st step: we obtain a JSESSIONID cookie...
res = send_request_cgi({
'method' => 'GET',
'uri' => normalize_uri(target_uri.path, 'PassTrixMain.cc')
Method run
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run
username = get_username
password = get_password
email = get_email
res = send_request_cgi('uri' => normalize_uri(target_uri.path))
Method run
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run
open_pcap
print_status("Sending packet to #{rhost}")
Method scanner_process
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def scanner_process(data, shost, sport)
head = data.slice!(0,12)
xid, flags, quests, answers, auths, adds = head.unpack('n6')
Method run_host
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run_host(ip)
timeout = datastore['TIMEOUT'].to_i
ports = Rex::Socket.portspec_crack(datastore['PORTS'])
Method exploit
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
root_file = "#{datastore['WritableDir']}/#{rand_text_alpha(8)}"
arp_file = "#{datastore['WritableDir']}/arp"
c_file = %^#include <stdio.h>
Method exploit
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
base = normalize_uri(target_uri.path)
username = datastore['USERNAME']
password = datastore['PASSWORD']
Method exploit
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
# #
# x86
# #
# WINDOWS XP and 7 full exploitation
Method initialize
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'GitLab GitHub Repo Import Deserialization RCE',
Method exploit
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
user = datastore['USER']
pass = datastore['PASS']
p = Rex::Text.encode_base64(payload.encoded)
header = rand_text_alpha_upper(3)
Method initialize
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'WordPress Backup Migration Plugin PHP Filter Chain RCE',
Method initialize
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'WSO2 Arbitrary File Upload to RCE',
Method initialize
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'ManageEngine Eventlog Analyzer Arbitrary File Upload',
'Description' => %q{
This module exploits a file upload vulnerability in ManageEngine Eventlog Analyzer.
Method exploit
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
init = send_request_cgi({
'method' => 'GET',
'uri' => normalize_uri(target_uri.path, '/index.php')
Method http_send_command
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def http_send_command(cmd, opts = {})
# 1 -Create the malicious function
func_name = Rex::Text::rand_text_alpha(5).downcase
request_parameters = {
'method' => 'POST',
Method exploit
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
# Always display target info
print_status(check[1])
uri = target_uri.path