Showing 7,361 of 22,177 total issues
Method check
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def check
sys_info = get_sysinfo
# Check the app is installed and the version
if sys_info[:distro] == 'ubuntu' || sys_info[:distro] == 'debian'
Method initialize
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info={})
super(update_info(info,
'Name' => "Symantec Web Gateway 5 restore.php Post Authentication Command Injection",
'Description' => %q{
This module exploits a command injection vulnerability found in Symantec Web
Method initialize
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
{
Method initialize
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'WeBid converter.php Remote PHP Code Injection',
Method initialize
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Oracle E-Business Suite (EBS) Unauthenticated Arbitrary File Upload',
Method exploit
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exploit
# run if AutoCheck is false (@config = nil), otherwise use the information in @config gathered during the check method
unless @config
res = get_configuration
fail_with(Failure::NotVulnerable, 'Target is not vulnerable.') if res.nil? || res.code != 200
Method initialize
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Kibana Timelion Prototype Pollution RCE',
Method payload2
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def payload2
rand_cmd1 = Rex::Text.rand_text_alpha_lower(4..12)
rand_cmd2 = Rex::Text.rand_text_alpha_lower(4..12)
rand_db = Rex::Text.rand_text_alpha_lower(4..12)
rand_doc = Rex::Text.rand_text_alpha_lower(4..12)
Method initialize
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Kloxo SQL Injection and Remote Code Execution',
'Description' => %q{
This module exploits an unauthenticated SQL injection vulnerability affecting Kloxo, as
Method initialize
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Nagios XI Chained Remote Code Execution',
'Description' => %q{
This module exploits a few different vulnerabilities in Nagios XI 5.2.6-5.4.12 to gain remote root access.
Method initialize
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(update_info(info,
'Name' => 'HP VAN SDN Controller Root Command Injection',
'Description' => %q{
This module exploits a hardcoded service token or default credentials
Method initialize
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Zimbra Collaboration Autodiscover Servlet XXE and ProxyServlet SSRF',
'Description' => %q{
This module exploits an XML external entity vulnerability and a
Method initialize
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Fritz!Box Webcm Unauthenticated Command Injection',
'Description' => %q{
Different Fritz!Box devices are vulnerable to an unauthenticated OS command injection.
Method enum_configs
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def enum_configs(prompt)
host = session.session_host
port = session.session_port
# https://support.f5.com/csp/article/K26582310
exec_commands = [
Method initialize
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Accellion FTA MPIPE2 Command Execution',
'Description' => %q{
This module exploits a chain of vulnerabilities in the Accellion
Method run
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def run
iprange = datastore['RHOSTS']
print_status("Performing ping sweep for IP range #{iprange}")
iplst = []
begin
Method print_result
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def print_result(result: nil)
return unless result
process_info = "#{result[:process]['name']} (pid: #{result[:process]['pid']})"
unless result[:status] == :success
Method run
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def run
unless (datastore['DISCLAIMER'] == true)
print_error('This module will delete HSTS data from all browsers on the target. You must set the DISCLAIMER option to True to acknowledge that you understand this warning.')
return
end
Method init_thycotic_db
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def init_thycotic_db(ss_web_path)
print_status('Decrypt database.config ...')
ss_db_config_file = ss_web_path + 'database.config'
vprint_status('Database configuration file path:')
vprint_status("\t#{ss_db_config_file}")
Method cmd_window_enum
has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
def cmd_window_enum(*args)
parent_window = nil
include_unknown = false
window_class_name = nil