Showing 7,361 of 22,177 total issues
Method initialize
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Microsoft Windows Authenticated User Code Execution',
'Description' => %q{
This module uses a valid administrator username and password (or
Method exploit
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
# Check if we're already root
if is_root? && !datastore['ForceExploit']
fail_with Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override'
end
Method initialize
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Dirty Pipe Local Privilege Escalation via CVE-2022-0847',
Method initialize
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation',
'Description' => %q{
This module attempts to gain root privileges on Linux systems by abusing
Method initialize
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'CWP login.php Unauthenticated RCE',
Method initialize
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Linksys WRT54GL apply.cgi Command Execution',
'Description' => %q{
Some Linksys Routers are vulnerable to an authenticated OS command injection in
Method initialize
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Axis Network Camera .srv-to-parhand RCE',
'Description' => %q{
This module exploits an auth bypass in .srv functionality and a
Method initialize
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Axis IP Camera Application Upload',
Method initialize
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Apache Solr Backup/Restore APIs RCE',
Method exploit
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
res = send_request_cgi({
'uri' => normalize_uri(target_uri.path, 'accounts', 'login/')
})
Method check
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def check
# Try to authenticate
success, msg_or_check_code = opennms_login('check')
return msg_or_check_code unless success
Method initialize
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'IPFire Bash Environment Variable Injection (Shellshock)',
Method initialize
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'OpenNMS Horizon Authenticated RCE',
Method init_orion_db
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def init_orion_db(orion_path)
if datastore['MSSQL_INSTANCE'] && datastore['MSSQL_DB']
print_status('MSSQL_INSTANCE and MSSQL_DB advanced options set, connect to SQL using SSPI')
db_instance_path = datastore['MSSQL_INSTANCE']
db_name = datastore['MSSQL_DB']
Method initialize
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Veeam Backup and Replication Credentials Dump',
Method run
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run
# keep track of any of the credentials files we read so we only read them once
cred_files = []
# where we'll store hashes of found credentials while parsing. reporting is done at the end.
creds = []
Method check_hardening
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def check_hardening
if aslr_enabled?
r = 'ASLR is enabled'
print_good r
report r
Method get_db_creds
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def get_db_creds
db_properties = process_vcdb_properties_file
self.vcdb_name = db_properties['name']
self.vcdb_user = db_properties['username']
Method has_h2_headings
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def has_h2_headings
has_vulnerable_application = false
has_verification_steps = false
has_scenarios = false
has_options = false
Method use
has 58 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def use(mod, opts = { })
if mod.nil?
raise RuntimeError, "No modules were specified", caller
end