Showing 7,361 of 22,177 total issues
Method initialize
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Cisco IOX XE unauthenticated Command Line Interface (CLI) execution',
Method run
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run
user = datastore['USERNAME']
pass = datastore['PASSWORD']
trust_store = datastore['TRUST_STORE']
Method run_host
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run_host(ip)
os = datastore['OS']
data = '<?xml version="1.0" encoding="utf-8" ?>'
data << '<env:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">'
data << '<env:Body>'
Method run_host
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run_host(ip)
data = '<?xml version="1.0" encoding="utf-8" ?>'
data << '<env:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">'
data << '<env:Body>'
data << '<n1:BAPI_USER_CREATE1 xmlns:n1="urn:sap-com:document:sap:rfc:functions" env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">'
Method php_reverse_shell
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def php_reverse_shell
if (!datastore['LHOST'] or datastore['LHOST'].empty?)
# datastore is empty on msfconsole startup
ipaddr = '127.0.0.1'
Method generate
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def generate(opts={})
# 22 -> "0x00,0x16"
# 4444 -> "0x11,0x5c"
tcp_port = convert_input(datastore['LPORT'], 4)
Method initialize
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(merge_info(info,
'Name' => 'Reverse TCP Stager',
'Description' => 'Connect back to the attacker',
'Author' => 'hdm',
Method exploit
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
print_status("Getting login credentials...")
res = send_traversal_query(traversal_path("conf/localconfig.xml"))
unless res and res.code == 200
Method exploit
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
print_status("Checking for a valid node id...")
node_id = get_node
if node_id.nil?
print_error("node id not found")
Method initialize
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Pure-FTPd External Authentication Bash Environment Variable Code Injection (Shellshock)',
'Description' => %q(
This module exploits the Shellshock vulnerability, a flaw in how the Bash shell
Method initialize
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Apache Tomcat Manager Application Deployer Authenticated Code Execution',
'Description' => %q{
This module can be used to execute a payload on Apache Tomcat servers that
Method upload_php
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def upload_php(base, opts)
fname = opts['filename']
php_payload = opts['data']
user_id = opts['user_id']
email = opts['email']
Method exploit
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
print_status("Login with the provided credentials...")
res = send_request_cgi({
Method initialize
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize( info = {} )
super( update_info( info,
'Name' => 'Java AtomicReferenceArray Type Violation Vulnerability',
'Description' => %q{
This module exploits a vulnerability due to the fact that
Method initialize
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize( info = {} )
super( update_info( info,
'Name' => 'Java Applet Field Bytecode Verifier Cache Remote Code Execution',
'Description' => %q{
This module exploits a vulnerability in HotSpot bytecode verifier where an invalid
Method initialize
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize
super(
'Name' => 'PXE Exploit Server',
'Description' => %q{
This module provides a PXE server, running a DHCP and TFTP server.
Method check
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def check
version = get_version_info
if version.windows_server?
vprint_good('OS seems vulnerable.')
else
Method xml_payload
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def xml_payload(cmd)
%|<parameters>
<parameter name="">
<ArrayOfstring z:Id="1" z:Type="System.Collections.Generic.SortedSet`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]" z:Assembly="System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
xmlns="http://schemas.microsoft.com/2003/10/Serialization/Arrays"
Method initialize
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'ManageEngine ADManager Plus ChangePasswordAction Authenticated Command Injection',
Method initialize
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info={})
super(update_info(info,
'Name' => "VLC MMS Stream Handling Buffer Overflow",
'Description' => %q{
This module exploits a buffer overflow in VLC media player VLC media player prior