Issues - rapid7/metasploit-framework

Method `on_request_uri` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def on_request_uri(cli, request)
    agent = request.headers['User-Agent']
    my_target = get_target(agent)

    # Avoid the attack if the victim doesn't have the same setup we're targeting

Found in modules/exploits/windows/browser/ultramjcam_openfiledig_bof.rb - About 2 hrs to fix

Method `on_request_uri` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def on_request_uri(cli, request)

    agent = request.headers['User-Agent']
    print_status("User-agent: #{agent}")

Found in modules/exploits/windows/browser/cisco_playerpt_setsource_surl.rb - About 2 hrs to fix

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info={})
    super(update_info(info,
      'Name'                => 'Adobe Flash Player copyPixelsToByteArray Method Integer Overflow',
      'Description'         => %q{
        This module exploits an integer overflow in Adobe Flash Player. The vulnerability occurs

Found in modules/exploits/windows/browser/adobe_flash_copy_pixels_to_byte_array.rb - About 2 hrs to fix

Method `on_request_uri` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def on_request_uri(cli, request)
    agent = request.headers['User-Agent']
    my_target = get_target(agent)

    # Avoid the attack if the victim doesn't have the same setup we're targeting

Found in modules/exploits/windows/browser/msxml_get_definition_code_exec.rb - About 2 hrs to fix

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'KingScada kxClientDownload.ocx ActiveX Remote Code Execution',
      'Description'    => %q{
        This module abuses the kxClientDownload.ocx ActiveX control distributed with WellingTech KingScada.

Found in modules/exploits/windows/browser/wellintech_kingscada_kxclientdownload.rb - About 2 hrs to fix

Method `on_request_uri` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def on_request_uri(cli, request)

    url_base =  "http://"
    url_base += (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address(cli.peerhost) : datastore['SRVHOST']
    url_base += ":" + datastore['SRVPORT'].to_s + get_resource()

Found in modules/exploits/windows/browser/dxstudio_player_exec.rb - About 2 hrs to fix

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'Adobe Flash Player "Button" Remote Code Execution',
      'Description'    => %q{
          This module exploits a vulnerability in the handling of certain SWF movies

Found in modules/exploits/windows/fileformat/adobe_flashplayer_button.rb - About 2 hrs to fix

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'ABRT sosreport Privilege Escalation',
      'Description'    => %q{
        This module attempts to gain root privileges on RHEL systems with

Found in modules/exploits/linux/local/abrt_sosreport_priv_esc.rb - About 2 hrs to fix

Method `exploit` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def exploit
    krelease = kernel_release
    # Check if kernel header folders exist
    kernel_headers_path = [
      "/lib/modules/#{krelease}/build",

Found in modules/exploits/linux/local/docker_privileged_container_kernel_escape.rb - About 2 hrs to fix

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'HP Performance Monitoring xglance Priv Esc',

Found in modules/exploits/linux/local/hp_xglance_priv_esc.rb - About 2 hrs to fix

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Sudoedit Extra Arguments Priv Esc',

Found in modules/exploits/linux/local/sudoedit_bypass_priv_esc.rb - About 2 hrs to fix

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(update_info(info,
        'Name'           => 'Linux Kernel 4.6.3 Netfilter Privilege Escalation',
        'Description'    => %q{
          This module attempts to exploit a netfilter bug on Linux Kernels before 4.6.3, and currently

Found in modules/exploits/linux/local/netfilter_priv_esc_ipv4.rb - About 2 hrs to fix

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'io_uring Same Type Object Reuse Priv Esc',

Found in modules/exploits/linux/local/cve_2022_1043_io_uring_priv_esc.rb - About 2 hrs to fix

Method `check` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def check
    res = send_request_cgi(
      'method'  => 'GET',
      'uri'     => normalize_uri(target_uri.path),
      'ctype'   => 'application/json',

Found in modules/exploits/linux/http/rancher_server.rb - About 2 hrs to fix

Method `exploit` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def exploit
    all_files_uploaded = false

    # Upload PHP web shell and meterpreter to writable directory on target
    for i in 0...@WRITABLE_PATHS.size

Found in modules/exploits/linux/http/nagios_xi_magpie_debug.rb - About 2 hrs to fix

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(update_info(info,
      'Name'        => 'Zyxel/Eir D1000 DSL Modem NewNTPServer Command Injection Over TR-064',
      'Description' => %q{
        Broadband DSL modems manufactured by Zyxel and distributed by some

Found in modules/exploits/linux/http/tr064_ntpserver_cmdinject.rb - About 2 hrs to fix

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'Berlios GPSD Format String Vulnerability',
      'Description'    => %q{
          This module exploits a format string vulnerability in the Berlios GPSD server.

Found in modules/exploits/linux/http/gpsd_format_string.rb - About 2 hrs to fix

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'D-Link/TRENDnet NCC Service Command Injection',
      'Description'    => %q{
        This module exploits a remote command injection vulnerability on several routers. The

Found in modules/exploits/linux/http/multi_ncc_ping_exec.rb - About 2 hrs to fix

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Apache NiFi H2 Connection String Remote Code Execution',

Found in modules/exploits/linux/http/apache_nifi_h2_rce.rb - About 2 hrs to fix

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'IPFire 2.25 Core Update 156 and Prior pakfire.cgi Authenticated RCE',

Found in modules/exploits/linux/http/ipfire_pakfire_exec.rb - About 2 hrs to fix

rapid7/metasploit-framework

Showing 7,361 of 22,177 total issues

Method `on_request_uri` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `on_request_uri` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `on_request_uri` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `on_request_uri` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `exploit` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `check` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `exploit` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Severity

Category

Status

Source

Language

rapid7/metasploit-framework

Showing 7,361 of 22,177 total issues

Method on_request_uri has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method on_request_uri has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method on_request_uri has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method on_request_uri has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method exploit has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method check has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method exploit has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring. Open

Severity

Category

Status

Source

Language

Method `on_request_uri` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `on_request_uri` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `on_request_uri` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `on_request_uri` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `exploit` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `check` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `exploit` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open