Showing 7,361 of 22,177 total issues
Method make_u3d_stream
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def make_u3d_stream(size, meshname)
# build the U3D header
hdr_data = [1,0].pack('n*') # version info
hdr_data << [0,0x24,31337,0,0x6a].pack('VVVVV')
Method exploit
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
expected_payload_size = 622
# This is a custom ROP chain for bypassing DEP via VirtualAlloc
rop_chain = [0x00544498].pack('V') # pop edx ; mov eax, 0x00000022 ; ret ;
Method initialize
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info={})
super(update_info(info,
'Name' => "CyberLink LabelPrint 2.5 Stack Buffer Overflow",
'Description' => %q{
This module exploits a stack buffer overflow in CyberLink LabelPrint 2.5 and below.
Method initialize
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'MS06-070 Microsoft Workstation Service NetpManageIPCConnect Overflow',
'Description' => %q{
This module exploits a stack buffer overflow in the NetApi32 NetpManageIPCConnect
Method initialize
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Ahsay Backup v7.x-v8.1.1.50 (authenticated) file upload',
'Description' => %q{
This module exploits an authenticated insecure file upload and code
Method exploit
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
connect(versions: [1])
smb_login()
Method initialize
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Lexmark Device Embedded Web Server RCE',
Method initialize
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Centreon Poller Authenticated Remote Command Execution',
Method initialize
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Roxy-WI Prior to 6.1.1.0 Unauthenticated Command Injection RCE',
Method initialize
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Zip Path Traversal in Zimbra (mboximport) (CVE-2022-27925)',
Method initialize
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Trend Micro Web Security (Virtual Appliance) Remote Code Execution',
Method upload
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def upload
# Extract hash and hash2 from response
res = send_request_cgi({
'method' => 'GET',
'cookie' => @cookie,
Method initialize
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'TP-Link Cloud Cameras NCXXX Bonjour Command Injection',
Method exploit
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
# 1: try to see if the default admin username and password are set
timestamp = get_auth_timestamp
# 2: now we try two things at once:
Method initialize
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info={})
super(update_info(info,
'Name' => "Apache James Server 2.3.2 Insecure User Creation Arbitrary File Write",
'Description' => %q{
This module exploits a vulnerability that exists due to a lack of input
Method initialize
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Apache Storm Nimbus getTopologyHistory Unauthenticated Command Execution',
Method initialize
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'HP Jetdirect Path Traversal Arbitrary Code Execution',
'Description' => %q{
The module exploits a path traversal via Jetdirect to gain arbitrary code execution by
Method run
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run
username = cmd_exec('whoami').strip
security_path = datastore['SECURITY_PATH'].shellescape
sidebar_plist_path = datastore['SIDEBAR_PLIST_PATH'].gsub(/^~/, "/Users/#{username}").shellescape
recent_plist_path = datastore['RECENT_PLIST_PATH'].gsub(/^~/, "/Users/#{username}").shellescape
Method run
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def run
oldversion = false
case session.platform
when 'linux'
Method process_backup
has 61 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def process_backup(path)
print_status("Pulling data from #{path}...")
mbdb_data = ''
mbdx_data = ''