rapid7/metasploit-framework


Showing 7,361 of 22,177 total issues

Method start_listener has 58 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def start_listener(dsthosts_cache, srchosts_cache)

    if datastore['BIDIRECTIONAL']
      args = {:BIDIRECTIONAL => true,  :dhosts => dsthosts_cache.dup, :shosts => srchosts_cache.dup}
    else
Severity: Major
Found in modules/auxiliary/spoof/arp/arp_poisoning.rb - About 2 hrs to fix

    Method check has 58 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

      def check
        targ = rhost
    
        srv_sock = Rex::Socket.create_udp(
          'PeerHost' => targ,
    Severity: Major
    Found in modules/auxiliary/spoof/dns/bailiwicked_host.rb - About 2 hrs to fix

      Method run has 58 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

        def run
          print_status('Requesting list of entities from endpoint, this may take a minute...')
          users = send_request_raw({
            'method' => 'GET',
            'uri' => normalize_uri(datastore['TARGETURI'], "/ws/dal/#{datastore['ENDPOINT']}"),
      Severity: Major
      Found in modules/auxiliary/admin/http/openbravo_xxe.rb - About 2 hrs to fix

        Method run has 58 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

          def run
            # version check will not stop the module, but it will try to
            # determine the version and print it if verbose is set to true
            version_check
            begin
        Severity: Major
        Found in modules/auxiliary/admin/http/webnms_cred_disclosure.rb - About 2 hrs to fix

          Method login has 58 lines of code (exceeds 25 allowed). Consider refactoring.
          Open

            def login(username, password)
              # 1st step: we obtain a JSESSIONID cookie...
              res = send_request_cgi({
                'method' => 'GET',
                'uri' => normalize_uri(target_uri.path, 'PassTrixMain.cc')
          Severity: Major
          Found in modules/auxiliary/admin/http/manageengine_pmp_privesc.rb - About 2 hrs to fix

            Method run has 58 lines of code (exceeds 25 allowed). Consider refactoring.
            Open

              def run
                username = get_username
                password = get_password
                email = get_email
                res = send_request_cgi('uri' => normalize_uri(target_uri.path))
            Severity: Major
            Found in modules/auxiliary/admin/http/wp_masterstudy_privesc.rb - About 2 hrs to fix

              Method run has 58 lines of code (exceeds 25 allowed). Consider refactoring.
              Open

                def run
                  open_pcap
              
                  print_status("Sending packet to #{rhost}")
              
              
              Severity: Major
              Found in modules/auxiliary/dos/wireshark/chunked.rb - About 2 hrs to fix

                Method scanner_process has 58 lines of code (exceeds 25 allowed). Consider refactoring.
                Open

                  def scanner_process(data, shost, sport)
                
                    head = data.slice!(0,12)
                
                    xid, flags, quests, answers, auths, adds = head.unpack('n6')
                Severity: Major
                Found in modules/auxiliary/scanner/netbios/nbname.rb - About 2 hrs to fix

                  Method run_host has 58 lines of code (exceeds 25 allowed). Consider refactoring.
                  Open

                    def run_host(ip)
                  
                      timeout = datastore['TIMEOUT'].to_i
                  
                      ports = Rex::Socket.portspec_crack(datastore['PORTS'])
                  Severity: Major
                  Found in modules/auxiliary/scanner/portscan/tcp.rb - About 2 hrs to fix

                    Method exploit has 58 lines of code (exceeds 25 allowed). Consider refactoring.
                    Open

                      def exploit
                        root_file = "#{datastore['WritableDir']}/#{rand_text_alpha(8)}"
                        arp_file = "#{datastore['WritableDir']}/arp"
                        c_file = %^#include <stdio.h>
                    
                    
                    Severity: Major
                    Found in modules/exploits/aix/local/ibstat_path.rb - About 2 hrs to fix

                      Method exploit has 58 lines of code (exceeds 25 allowed). Consider refactoring.
                      Open

                        def exploit
                          base = normalize_uri(target_uri.path)
                      
                          username = datastore['USERNAME']
                          password = datastore['PASSWORD']
                      Severity: Major
                      Found in modules/exploits/unix/webapp/sugarcrm_unserialize_exec.rb - About 2 hrs to fix

                        Method exploit has 58 lines of code (exceeds 25 allowed). Consider refactoring.
                        Open

                          def exploit
                            # #
                            # x86
                            # #
                            # WINDOWS XP and 7 full exploitation
                        Severity: Major
                        Found in modules/exploits/multi/vpn/tincd_bof.rb - About 2 hrs to fix

                          Method initialize has 58 lines of code (exceeds 25 allowed). Consider refactoring.
                          Open

                            def initialize(info = {})
                              super(
                                update_info(
                                  info,
                                  'Name' => 'GitLab GitHub Repo Import Deserialization RCE',
                          Severity: Major
                          Found in modules/exploits/multi/http/gitlab_github_import_rce_cve_2022_2992.rb - About 2 hrs to fix

                            Method exploit has 58 lines of code (exceeds 25 allowed). Consider refactoring.
                            Open

                              def exploit
                                user = datastore['USER']
                                pass = datastore['PASS']
                                p = Rex::Text.encode_base64(payload.encoded)
                                header = rand_text_alpha_upper(3)
                            Severity: Major
                            Found in modules/exploits/multi/http/activecollab_chat.rb - About 2 hrs to fix

                              Method initialize has 58 lines of code (exceeds 25 allowed). Consider refactoring.
                              Open

                                def initialize(info = {})
                                  super(
                                    update_info(
                                      info,
                                      'Name' => 'WordPress Backup Migration Plugin PHP Filter Chain RCE',
                              Severity: Major
                              Found in modules/exploits/multi/http/wp_backup_migration_php_filter.rb - About 2 hrs to fix

                                Method initialize has 58 lines of code (exceeds 25 allowed). Consider refactoring.
                                Open

                                  def initialize(info = {})
                                    super(
                                      update_info(
                                        info,
                                        'Name' => 'WSO2 Arbitrary File Upload to RCE',
                                Severity: Major
                                Found in modules/exploits/multi/http/wso2_file_upload_rce.rb - About 2 hrs to fix

                                  Method initialize has 58 lines of code (exceeds 25 allowed). Consider refactoring.
                                  Open

                                    def initialize(info = {})
                                      super(update_info(info,
                                        'Name'        => 'ManageEngine Eventlog Analyzer Arbitrary File Upload',
                                        'Description' => %q{
                                          This module exploits a file upload vulnerability in ManageEngine Eventlog Analyzer.
                                  Severity: Major
                                  Found in modules/exploits/multi/http/eventlog_file_upload.rb - About 2 hrs to fix

                                    Method exploit has 58 lines of code (exceeds 25 allowed). Consider refactoring.
                                    Open

                                      def exploit
                                    
                                        init = send_request_cgi({
                                          'method' => 'GET',
                                          'uri' => normalize_uri(target_uri.path, '/index.php')
                                    Severity: Major
                                    Found in modules/exploits/multi/http/ispconfig_php_exec.rb - About 2 hrs to fix

                                      Method http_send_command has 58 lines of code (exceeds 25 allowed). Consider refactoring.
                                      Open

                                        def http_send_command(cmd, opts = {})
                                          # 1 -Create the malicious function
                                          func_name = Rex::Text::rand_text_alpha(5).downcase
                                          request_parameters = {
                                            'method'    => 'POST',
                                      Severity: Major
                                      Found in modules/exploits/multi/http/orientdb_exec.rb - About 2 hrs to fix

                                        Method exploit has 58 lines of code (exceeds 25 allowed). Consider refactoring.
                                        Open

                                          def exploit
                                            # Always display target info
                                            print_status(check[1])
                                        
                                            uri = target_uri.path
                                        Severity: Major
                                        Found in modules/exploits/multi/http/phpmyadmin_preg_replace.rb - About 2 hrs to fix