rapid7/metasploit-framework

Showing 7,361 of 22,177 total issues

Method initialize has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Netfilter nft_set_elem_init Heap Overflow Privilege Escalation',
Severity: Major
Found in modules/exploits/linux/local/netfilter_nft_set_elem_init_privesc.rb - About 2 hrs to fix

Method initialize has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Nagios XI 5.5.0-5.7.3 - Snmptrap Authenticated Remote Code Exection',
Severity: Major
Found in modules/exploits/linux/http/nagios_xi_snmptrap_authenticated_rce.rb - About 2 hrs to fix

Method exploit has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def exploit
    # step 1: get a JSESSIONID cookie
    res = send_request_cgi(
      'uri'    => normalize_uri(target_uri.path, 'app', 'ui', 'login'),
      'method' => 'GET'
Severity: Major
Found in modules/exploits/linux/http/cisco_ucs_rce.rb - About 2 hrs to fix

Method initialize has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info={})
    super(update_info(info,
      'Name'           => "Mailcleaner Remote Code Execution",
      'Description'    => %q{
        This module exploits the command injection vulnerability of MailCleaner Community Edition product. An authenticated user can execute an
Severity: Major
Found in modules/exploits/linux/http/mailcleaner_exec.rb - About 2 hrs to fix

Method initialize has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Nagios XI Prior to 5.8.0 - Plugins Filename Authenticated Remote Code Exection',

Method initialize has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Nagios XI 5.6.0-5.7.3 - Mibs.php Authenticated Remote Code Exection',
Severity: Major
Found in modules/exploits/linux/http/nagios_xi_mibs_authenticated_rce.rb - About 2 hrs to fix

Method initialize has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Spring Cloud Gateway Remote Code Execution',
Severity: Major
Found in modules/exploits/linux/http/spring_cloud_gateway_rce.rb - About 2 hrs to fix

Method initialize has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'IBM Data Risk Manager a3user Default Password',
Severity: Major
Found in modules/exploits/linux/ssh/ibm_drm_a3user.rb - About 2 hrs to fix

Method initialize has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Synology DiskStation Manager smart.cgi Remote Command Execution',
Severity: Major
Found in modules/exploits/linux/http/synology_dsm_smart_exec_auth.rb - About 2 hrs to fix

Method initialize has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Quantum vmPRO Backdoor Command',
Severity: Major
Found in modules/exploits/linux/ssh/quantum_vmpro_backdoor.rb - About 2 hrs to fix

Method run has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def run
    # A table to store the found credentials.
    cred_table = Rex::Text::Table.new(
      'Header' => '.netrc credentials',
      'Indent' => 1,
Severity: Major
Found in modules/post/multi/gather/netrc_creds.rb - About 2 hrs to fix

Method gathernix has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def gathernix
    print_status('Unix OS detected')
    user_files = cmd_exec('locate tomcat-users.xml').split("\n")
    if !user_files.empty?
      user_files.each do |path|
Severity: Major
Found in modules/post/multi/gather/tomcat_gather.rb - About 2 hrs to fix

Method run has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def run
    print_status("Running module against #{sysinfo['Computer']}")
    # Collect even without a database to store them.
    if session.framework.db.active
      db_ok = true
Severity: Major
Found in modules/post/windows/gather/credentials/credential_collector.rb - About 2 hrs to fix

Method run has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def run
    installs = []
    results = []
    users = []
    print_status("Enumerating Tomcat Servers on #{sysinfo['Computer']}")
Severity: Major
Found in modules/post/windows/gather/enum_tomcat.rb - About 2 hrs to fix

Method run has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def self.run(options)
    Git.clone_wiki! if options[:wiki_pull]

    # Create a new branch based on the commits from https://github.com/rapid7/metasploit-framework/wiki to move
    # Wiki files into the metasploit-framework repo
Severity: Major
Found in docs/build.rb - About 2 hrs to fix

Method run has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def run
    init_railgun_defs
    @hostname_cache = {}
    libgnome_keyring = session.railgun.libgnome_keyring
Severity: Major
Found in modules/post/linux/gather/gnome_keyring_dump.rb - About 2 hrs to fix

Method cmd_sniffer_dump has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def cmd_sniffer_dump(*args)
    intf = args[0].to_i
    if (intf == 0 or not args[1])
      print_error("Usage: sniffer_dump [interface-id] [pcap-file]")
      return
Severity: Major
Found in lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb - About 2 hrs to fix

Method create_library has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def self.create_library(constant_manager, library_path = 'wlanapi')
    dll = Library.new(library_path, constant_manager)

    dll.add_function( 'WlanOpenHandle', 'DWORD',[

Method job_run_proc has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def self.job_run_proc(ctx, &block)
    mod = ctx[0]
    run_uuid = ctx[1]
    job_listener = ctx[2]
    begin
Severity: Major
Found in lib/msf/base/simple/auxiliary.rb - About 2 hrs to fix

Method import_nuclei_jsonl has 55 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def import_nuclei_jsonl(args = {}, &block)
    wspace = Msf::Util::DBManager.process_opts_workspace(args, framework).name
    bl = validate_ips(args[:blacklist]) ? args[:blacklist].split : []

    args[:data].each_line do |line|
Severity: Major
Found in lib/msf/core/db_manager/import/nuclei.rb - About 2 hrs to fix