Showing 7,361 of 22,177 total issues
Method initialize
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Microsoft SQL Server Payload Execution via SQL Injection',
'Description' => %q{
This module will execute an arbitrary payload on a Microsoft SQL
Method enable_xp_cmdshell
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def enable_xp_cmdshell(path,name,shelled)
# Enables "show advanced options" and xp_cmdshell if needed and possible
# They cannot be enabled in user transactions (i.e. via openquery)
# Only enabled if RPC_Out is enabled for linked server
# All changes are reverted after payload delivery and execution
Method initialize
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'GAMSoft TelSrv 1.5 Username Buffer Overflow',
'Description' => %q{
This module exploits a username sprintf stack buffer overflow in GAMSoft TelSrv 1.5.
Method initialize
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'MS01-026 Microsoft IIS/PWS CGI Filename Double Decode Command Execution',
Method initialize
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'ZenTao Pro 8.8.2 Remote Code Execution',
Method initialize
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'MOVEit SQL Injection vulnerability',
Method initialize
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Advantech iView NetworkServlet Command Injection',
Method on_request_uri
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def on_request_uri(cli, request)
if request.headers['User-Agent'] !~ /Maxthon\/3/ or request.headers['User-Agent'] !~ /AppleWebKit\/534.12/
print_status("Sending 404 for User-Agent #{request.headers['User-Agent']}")
send_not_found(cli)
return
Method initialize
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'ptrace Sudo Token Privilege Escalation',
Method initialize
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Zyxel Firewall SUID Binary Privilege Escalation',
Method initialize
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Cisco HyperFlex HX Data Platform Command Execution',
Method initialize
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'pyLoad js2py Python Execution',
Method initialize
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Apache OFBiz SOAP Java Deserialization',
Method initialize
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Palo Alto Networks Authenticated Remote Code Execution',
Method exploit
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
print_status('Encoding the payload as .jsp')
payload = Msf::Util::EXE.to_jsp(generate_payload_exe)
# Small sanity-check
Method initialize
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'IGEL OS Secure VNC/Terminal Command Injection RCE',
Method run
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run
fail_with(Failure::BadConfig, 'Invalid session ID selected.') if client.nil?
fail_with(Failure::BadConfig, 'Invalid action') if action.nil?
num_chunks = (datastore['RECORD_LEN'].to_f / datastore['SYNC_WAIT'].to_f).ceil
Method run
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run
# A table to store the found credentials.
cred_table = Rex::Text::Table.new(
'Header' => '.fetchmailrc credentials',
'Indent' => 1,
Method decrypt_local_vault_key
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def decrypt_local_vault_key(account, browser_map)
data = nil
session_cookie_value = nil
browser_map.each_pair do |browser, lp_data|
Method exist_and_supported
has 64 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exist_and_supported
case session.platform
when 'linux'
user = session.shell_command('whoami')
print_status("Current user is #{user}")