Showing 7,361 of 22,177 total issues
Method exploit
has 86 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
# Generate the ASPX containing the EXE containing the payload
exe = generate_payload_exe
aspx = Msf::Util::EXE.to_exe_aspx(exe)
Method get_directory_listing
has 86 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def get_directory_listing(folder)
print_status("Getting directory listing for #{folder} via XXE and FTP")
# Generate a unique callback URL
path = "/#{rand_text_alpha(rand(8..15))}.dtd"
Method primer
has 86 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def primer
payload_url = get_uri
print_status("Downloading configuration from #{peer}")
if(datastore['USE_SSL'])
print_status("Using SSL connection to router.")
Method cleanup
has 86 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def cleanup
super
# We didn't know the previous values, so just blank out XXX
unless @client_id.nil? || @csrf_token.nil? || @db_id.nil? || @values_to_reset.nil?
Method parse
has 86 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def parse(body = '')
self.raw = self.raw + body
self.type = self.raw[2,1].unpack('C')[0]
uuid = Rex::Proto::DCERPC::UUID
Method login_2
has 86 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def login_2(user, pass, epmp_ver)
res = send_request_cgi(
{
'uri' => '/cgi-bin/luci',
'method' => 'POST',
Method asm_bind_tcp
has 86 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def asm_bind_tcp(opts={})
reliable = opts[:reliable]
addr_fam = 2
sockaddr_size = 16
stack_alloc = 408+8+8*6+32*7
Method cmd_alias
has 85 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def cmd_alias(*args)
# we parse args manually instead of using @@alias.opts.parse to handle special cases
case args.length
when 0 # print the list of current aliases
if @aliases.empty?
Method run
has 85 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run
print_status("#{rhost}:#{rport} - Fingerprinting...")
res = send_request_cgi({
'uri' => normalize_uri(target_uri.to_s, "login"),
Method run
has 85 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run
uri = datastore['TARGETURI']
res = send_request_cgi({
'uri' => uri.sub('[NoSQLi]', '')
Method getacesspoints
has 85 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def getacesspoints(rhost)
print_status("[SAP] Connecting to SAP Management Console SOAP Interface on #{rhost}:#{rport}")
success = false
soapenv = 'http://schemas.xmlsoap.org/soap/envelope/'
xsi = 'http://www.w3.org/2001/XMLSchema-instance'
Method run_host
has 85 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run_host(ip)
if vim_do_login(datastore['USERNAME'], datastore['PASSWORD']) == :success
# Get local Users and Groups
user_list = vim_get_user_list(nil)
tmp_users = Rex::Text::Table.new(
Method generate
has 85 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def generate(opts={})
# tcp port conversion
port_order = ([1,0]) # byte ordering
tcp_port = [datastore['LPORT'].to_i].pack('n*').unpack('H*').to_s.scan(/../) # converts user input into integer and unpacked into a string array
tcp_port.pop # removes the first useless / from the array
Method initialize
has 85 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(merge_info(info,
'Name' => 'Reverse TCP Stager',
'Description' => 'Connect back to the attacker',
'Author' => ['nemo <nemo[at]felinemenace.org>', 'tkmru'],
Method create_exec_service
has 85 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def create_exec_service(*args)
cookie_split, rhost, uploadpath, phppath, phpfile_name, cmd, cmdargs = *args
res_service = send_request_cgi(
'method' => 'POST',
'uri' => normalize_uri(target_uri.path, 'main.php'),
Method initialize
has 85 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Junos OS PHPRC Environment Variable Manipulation RCE',
Method initialize
has 85 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'HTTPDX tolog() Function Format String Vulnerability',
'Description' => %q{
This module exploits a format string vulnerability in HTTPDX HTTP server.
Method initialize
has 85 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Microsoft Exchange Server ChainedSerializationBinder RCE',
Method on_request_uri
has 85 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def on_request_uri(client, request)
return if ((p = regenerate_payload(client)) == nil)
print_status("Sending exploit HTML...")
Method initialize
has 85 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Veeam ONE Agent .NET Deserialization',