Showing 7,361 of 22,177 total issues
Method initialize
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize( info = {} )
super( update_info( info,
'Name' => 'Java 7 Applet Remote Code Execution',
'Description' => %q{
The exploit takes advantage of two issues in JDK 7: The ClassFinder and
Method load_payload_from_url
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def load_payload_from_url(conn_stub)
vprint_status("Creating javax.management.loading.MLet MBean...")
begin
res = send_jmx_create_mbean(
Method initialize
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'FreeSWITCH Event Socket Command Execution',
'Description' => %q{
This module uses the FreeSWITCH event socket interface
Method req_teamcity_6_5
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def req_teamcity_6_5(script_content)
build_id = Rex::Text.rand_text_numeric(8)
xml_payload = %(
<?xml version="1.0" encoding="UTF-8"?>
<methodCall>
Method initialize
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Service Tracing Privilege Elevation Vulnerability',
Method initialize
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'DnsAdmin ServerLevelPluginDll Feature Abuse Privilege Escalation',
Method run_host
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run_host(server)
if session.extapi
psh_options = { :remove_comspec => true,
:encode_final_payload => true }
else
Method exploit
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
csrf_tok = authenticate
# Grab the list of configured policies
policy_list_uri = normalize_uri(target_uri.path, '/ServletAPI/configuration/policyConfig/getPolicyConfigDetails')
Method exploit
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
print_status("Trying target #{target.name}...")
install_path = get_install_path
install_path << "help\\English_United States.1252"
Method initialize
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'FlexDotnetCMS Arbitrary ASP File Upload',
Method on_request_uri
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def on_request_uri(cli, request)
agent = request.headers['User-Agent']
my_target = get_target(agent)
if my_target.nil?
Method exploit
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
bufflen = target['BuffLen']
print_status("Trying to exploit #{target.name} with address 0x%.8x..." % target['Ret'])
count = 1 # broke
Method initialize
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Symantec Altiris DS SQL Injection',
Method exploit
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
rop_gadgets = [
# rop chain generated with mona.py
0x7c346c0a, # POP EAX # RETN (MSVCR71.dll)
Method c_code
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def c_code(exe_file)
c = %Q|
// A few constants/function definitions/structs copied from header files
#define RTLD_NEXT ((void *) -1l)
extern uintptr_t dlsym(uintptr_t, char*);
Method initialize
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
{
Method initialize
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Sophos UTM WebAdmin SID Command Injection',
Method initialize
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Cisco HyperFlex HX Data Platform unauthenticated file upload to RCE (CVE-2021-1499)',
Method initialize
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Apache Superset Signed Cookie RCE',
Method initialize
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'VyOS restricted-shell Escape and Privilege Escalation',