rapid7/metasploit-framework

Method get_filezilla_creds has 62 lines of code (exceeds 25 allowed). Consider refactoring.

Open

  def get_filezilla_creds(paths)
    sitedata = ''
    recentdata = ''
    creds = []

Method enum_powershell has 62 lines of code (exceeds 25 allowed). Consider refactoring.

Open

  def enum_powershell
    unless registry_enumkeys('HKLM\\SOFTWARE\\Microsoft').include?('PowerShell')
      print_error('PowerShell is not installed on this system.')
      return
    end

Method extract_lnk_info has 62 lines of code (exceeds 25 allowed). Consider refactoring.

Open

  def extract_lnk_info(path)
    session.fs.dir.foreach(path) do |file_name|
      if file_name =~ /\.lnk$/ # We have a .lnk file
        offset = 0 # TODO: Look at moving this to smaller scope
        lnk_file = session.fs.file.new(path + file_name, 'rb')

Method run has 62 lines of code (exceeds 25 allowed). Consider refactoring.

Open

  def run
    @chrome_files = [
      { raw: '', in_file: 'Web Data', sql: 'select * from autofill;' },
      { raw: '', in_file: 'Web Data', sql: 'SELECT username_value,origin_url,signon_realm FROM logins;' },
      { raw: '', in_file: 'Web Data', sql: 'select * from autofill_profiles;' },

Method initialize has 62 lines of code (exceeds 25 allowed). Consider refactoring.

Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Execute .net Assembly (x64 only)',

Method inspect has 62 lines of code (exceeds 25 allowed). Consider refactoring.

Open

  def inspect
    utype = type ^ TLV_META_TYPE_COMPRESSED
    group = false
    meta = case (utype & TLV_META_MASK)
      when TLV_META_TYPE_STRING; "STRING"

Method create_library has 62 lines of code (exceeds 25 allowed). Consider refactoring.

Open

  def self.create_library(constant_manager, library_path = 'iphlpapi')
    dll = Library.new(library_path, constant_manager)

    dll.add_function('CancelIPChangeNotify', 'BOOL',[
      ["PBLOB","notifyOverlapped","in"],

Method rpc_del_vuln has 62 lines of code (exceeds 25 allowed). Consider refactoring.

Open

  def rpc_del_vuln(xopts)
  ::ApplicationRecord.connection_pool.with_connection {
    opts, wspace = init_db_opts_workspace(xopts)
    opts[:workspace] = opts[:workspace].name
    hosts  = []

Method initialize has 62 lines of code (exceeds 25 allowed). Consider refactoring.

Open

  def initialize(module_instance, obj_hash = nil)
    unless obj_hash.nil?
      init_from_hash(obj_hash)
      return
    end

Method module_to_details_hash has 62 lines of code (exceeds 25 allowed). Consider refactoring.

Open

  def module_to_details_hash(m)
    res  = {}
    bits = []

    res[:mtime]    = ::File.mtime(m.file_path) rescue Time.now

Method search_modules has 62 lines of code (exceeds 25 allowed). Consider refactoring.

Open

  def search_modules(search_string)
    search_string ||= ''
    search_string += " "

    # Split search terms by space, but allow quoted strings

Method on_request_uri has 62 lines of code (exceeds 25 allowed). Consider refactoring.

Open

    def on_request_uri(cli, request)
      case request.uri
      when '/', get_resource.chomp("/")
        #
        # This is the information gathering stage

Method dot_net_compiler has 62 lines of code (exceeds 25 allowed). Consider refactoring.

Open

      def dot_net_compiler(opts = {})
        #TODO:
        # allow compilation entirely in memory with a b64 encoded product for export without disk access
        # Dynamically assign assemblies based on dot_net_code require/includes
        #   Enumerate assemblies available to session, pull requirements, assign accordingly, pass to PS

Method parse has 62 lines of code (exceeds 25 allowed). Consider refactoring.

Open

  def parse(pkt)

    # We want to return immediatly if we do not have a packet which is handled by us
    return unless pkt.is_tcp?
    return if (pkt.tcp_sport != 143 and pkt.tcp_dport != 143)

Identical blocks of code found in 2 locations. Consider refactoring.

Open

  def get_oracle_version(ip)
    begin
      res = send_request_cgi({
        'version' => '1.1',
        'uri'     => uri,

• Read up
  Read up

Identical blocks of code found in 2 locations. Consider refactoring.

Open

  def do_sqli(node, query)
    mark = Rex::Text.rand_text_alpha(5 + rand(3))
    random_and = Rex::Text.rand_text_numeric(4)
    injection = ") and(select 1 from(select count(*),concat((select (select concat('#{mark}',cast((#{query}) as char),'#{mark}')) "
    injection << "from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) "

• Read up
  Read up

Identical blocks of code found in 2 locations. Consider refactoring.

Open

  def get_oracle_version(ip)
    begin
      res = send_request_cgi({
        'version' => '1.1',
        'uri'     => uri,

• Read up
  Read up

Identical blocks of code found in 2 locations. Consider refactoring.

Open

  def do_sqli(node, query)
    mark = Rex::Text.rand_text_alpha(5 + rand(3))
    random_and = Rex::Text.rand_text_numeric(4)
    injection = ") and(select 1 from(select count(*),concat((select (select concat('#{mark}',cast((#{query}) as char),'#{mark}')) "
    injection << "from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) "

• Read up
  Read up

Similar blocks of code found in 2 locations. Consider refactoring.

Open

  module OptionalSession
    module MSSQL
      include Msf::OptionalSession

      RHOST_GROUP_OPTIONS = %w[RHOSTS RPORT DATABASE USERNAME PASSWORD THREADS]

• Read up
  Read up

Similar blocks of code found in 2 locations. Consider refactoring.

Open

  def rpc_encoders(module_info = nil, arch = nil)
    unless module_info.nil?
      module_info = module_info.strip.split(',').map(&:strip)
      module_info.map!(&:to_sym)
    end

• Read up
  Read up