Issues - rapid7/metasploit-framework

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Apache Struts 2 Forced Multi OGNL Evaluation',

Found in modules/exploits/multi/http/struts2_multi_eval_ognl.rb - About 2 hrs to fix

Method `exploit` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def exploit
    if !datastore['ForceExploit'] && is_root?
      fail_with Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.'
    end

Found in modules/exploits/openbsd/local/dynamic_loader_chpass_privesc.rb - About 2 hrs to fix

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'CVE-2022-21999 SpoolFool Privesc',

Found in modules/exploits/windows/local/cve_2022_21999_spoolfool_privesc.rb - About 2 hrs to fix

Method `exploit` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def exploit
    @reg_keys = []
    check_permissions!
    case get_uac_level
    when UAC_PROMPT_CREDS_IF_SECURE_DESKTOP,

Found in modules/exploits/windows/local/bypassuac_dotnet_profiler.rb - About 2 hrs to fix

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'SharePoint DataSet / DataTable Deserialization',

Found in modules/exploits/windows/http/sharepoint_data_deserialization.rb - About 2 hrs to fix

Method `exploit` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def exploit
    tmp_target = target
    case get_target_name
    when targets[1]
      target = targets[1]

Found in modules/exploits/windows/http/syncbreeze_bof.rb - About 2 hrs to fix

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Zoho Password Manager Pro XML-RPC Java Deserialization',

Found in modules/exploits/windows/http/zoho_password_manager_pro_xml_rpc_rce.rb - About 2 hrs to fix

Method `leak_web_config` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def leak_web_config
    print_status('Leaking the ViewState validation key...')

    web_id = sharepoint_get_site_web_id('cookie' => cookie)
    fail_with(Failure::UnexpectedReply, 'Failed to retrieve the site web ID') unless web_id

Found in modules/exploits/windows/http/sharepoint_unsafe_control.rb - About 2 hrs to fix

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'AddressSanitizer (ASan) SUID Executable Privilege Escalation',

Found in modules/exploits/linux/local/asan_suid_executable_priv_esc.rb - About 2 hrs to fix

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Kemp LoadMaster Local sudo privilege escalation',

Found in modules/exploits/linux/local/progress_kemp_loadmaster_sudo_privesc_2024.rb - About 2 hrs to fix

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Serv-U FTP Server prepareinstallation Privilege Escalation',

Found in modules/exploits/linux/local/servu_ftp_server_prepareinstallation_priv_esc.rb - About 2 hrs to fix

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Lucee Administrator imgProcess.cfm Arbitrary File Write',

Found in modules/exploits/linux/http/lucee_admin_imgprocess_file_write.rb - About 2 hrs to fix

Method `exploit` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def exploit
    downfile = datastore['DOWNFILE'] || rand_text_alpha(8+rand(4))
    uri = '/apply.cgi'
    user = datastore['HttpUsername']
    pass = datastore['HttpPassword']

Found in modules/exploits/linux/http/linksys_wrt160nv2_apply_exec.rb - About 2 hrs to fix

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Zyxel Firewall ZTP Unauthenticated Command Injection',

Found in modules/exploits/linux/http/zyxel_ztp_rce.rb - About 2 hrs to fix

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'OpenTSDB 2.4.0 unauthenticated command injection',

Found in modules/exploits/linux/http/opentsdb_yrange_cmd_injection.rb - About 2 hrs to fix

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Bitbucket Git Command Injection',

Found in modules/exploits/linux/http/bitbucket_git_cmd_injection.rb - About 2 hrs to fix

Method `get_creds` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def get_creds
    credentials = []
    # call credenumerate to get the ptr needed
    adv32 = session.railgun.advapi32
    begin

Found in modules/post/windows/gather/credentials/enum_cred_store.rb - About 2 hrs to fix

Method `cmd_execute` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def cmd_execute(*args)
    if (args.length == 0)
      args.unshift("-h")
    end

Found in lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb - About 2 hrs to fix

Method `mikrotik_swos_config_eater` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

    def mikrotik_swos_config_eater(thost, tport, config)
      if framework.db.active
        credential_data = {
          address: thost,
          port: tport,

Found in lib/msf/core/auxiliary/mikrotik.rb - About 2 hrs to fix

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    ret = super(info)

    register_advanced_options(
      [

Found in lib/msf/core/payload/linux.rb - About 2 hrs to fix

rapid7/metasploit-framework

Showing 7,361 of 22,177 total issues

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `exploit` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `exploit` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `exploit` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `leak_web_config` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `exploit` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `get_creds` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `cmd_execute` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `mikrotik_swos_config_eater` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Severity

Category

Status

Source

Language

rapid7/metasploit-framework

Showing 7,361 of 22,177 total issues

Method initialize has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method exploit has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method exploit has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method exploit has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method leak_web_config has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method exploit has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method get_creds has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method cmd_execute has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method mikrotik_swos_config_eater has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method initialize has 68 lines of code (exceeds 25 allowed). Consider refactoring. Open

Severity

Category

Status

Source

Language

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `exploit` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `exploit` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `exploit` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `leak_web_config` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `exploit` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `get_creds` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `cmd_execute` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `mikrotik_swos_config_eater` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `initialize` has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open