Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star

Showing 7,361 of 22,177 total issues

Method make_u3d_stream has 61 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def make_u3d_stream(size, meshname)

    # build the U3D header
    hdr_data = [1,0].pack('n*') # version info
    hdr_data << [0,0x24,31337,0,0x6a].pack('VVVVV')
Severity: Major
Found in modules/exploits/windows/fileformat/adobe_u3d_meshdecl.rb - About 2 hrs to fix

    Method exploit has 61 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

      def exploit
    expected_payload_size = 622

    # This is a custom ROP chain for bypassing DEP via VirtualAlloc
    rop_chain = [0x00544498].pack('V') # pop edx ; mov eax, 0x00000022 ; ret ;
    Severity: Major
    Found in modules/exploits/windows/misc/ivanti_avalanche_mdm_bof.rb - About 2 hrs to fix

      Method initialize has 61 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

        def initialize(info={})
    super(update_info(info,
      'Name'           => "CyberLink LabelPrint 2.5 Stack Buffer Overflow",
      'Description'    => %q{
        This module exploits a stack buffer overflow in CyberLink LabelPrint 2.5 and below.
      Severity: Major
      Found in modules/exploits/windows/fileformat/cyberlink_lpp_bof.rb - About 2 hrs to fix

        Method initialize has 61 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

          def initialize(info = {})
    super(update_info(info,
      'Name'           => 'MS06-070 Microsoft Workstation Service NetpManageIPCConnect Overflow',
      'Description'    => %q{
          This module exploits a stack buffer overflow in the NetApi32 NetpManageIPCConnect
        Severity: Major
        Found in modules/exploits/windows/smb/ms06_070_wkssvc.rb - About 2 hrs to fix

          Method initialize has 61 lines of code (exceeds 25 allowed). Consider refactoring.
          Open

            def initialize(info = {})
    super(update_info(info,
      'Name'        => 'Ahsay Backup v7.x-v8.1.1.50 (authenticated) file upload',
      'Description' => %q{
       This module exploits an authenticated insecure file upload and code
          Severity: Major
          Found in modules/exploits/windows/misc/ahsay_backup_fileupload.rb - About 2 hrs to fix

            Method exploit has 61 lines of code (exceeds 25 allowed). Consider refactoring.
            Open

              def exploit

    connect(versions: [1])
    smb_login()
            Severity: Major
            Found in modules/exploits/windows/smb/ms06_070_wkssvc.rb - About 2 hrs to fix

              Method initialize has 61 lines of code (exceeds 25 allowed). Consider refactoring.
              Open

                def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Lexmark Device Embedded Web Server RCE',
              Severity: Major
              Found in modules/exploits/linux/http/lexmark_faxtrace_settings.rb - About 2 hrs to fix

                Method initialize has 61 lines of code (exceeds 25 allowed). Consider refactoring.
                Open

                  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Centreon Poller Authenticated Remote Command Execution',
                Severity: Major
                Found in modules/exploits/linux/http/centreon_pollers_auth_rce.rb - About 2 hrs to fix

                  Method initialize has 61 lines of code (exceeds 25 allowed). Consider refactoring.
                  Open

                    def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Roxy-WI Prior to 6.1.1.0 Unauthenticated Command Injection RCE',
                  Severity: Major
                  Found in modules/exploits/linux/http/roxy_wi_exec.rb - About 2 hrs to fix

                    Method initialize has 61 lines of code (exceeds 25 allowed). Consider refactoring.
                    Open

                      def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Zip Path Traversal in Zimbra (mboximport) (CVE-2022-27925)',
                    Severity: Major
                    Found in modules/exploits/linux/http/zimbra_mboximport_cve_2022_27925.rb - About 2 hrs to fix

                      Method initialize has 61 lines of code (exceeds 25 allowed). Consider refactoring.
                      Open

                        def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Trend Micro Web Security (Virtual Appliance) Remote Code Execution',
                      Severity: Major
                      Found in modules/exploits/linux/http/trendmicro_websecurity_exec.rb - About 2 hrs to fix

                        Method upload has 61 lines of code (exceeds 25 allowed). Consider refactoring.
                        Open

                          def upload
    # Extract hash and hash2 from response
    res = send_request_cgi({
      'method' => 'GET',
      'cookie' => @cookie,
                        Severity: Major
                        Found in modules/exploits/linux/http/pandora_fms_sqli.rb - About 2 hrs to fix

                          Method initialize has 61 lines of code (exceeds 25 allowed). Consider refactoring.
                          Open

                            def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'TP-Link Cloud Cameras NCXXX Bonjour Command Injection',
                          Severity: Major
                          Found in modules/exploits/linux/http/tp_link_ncxxx_bonjour_command_injection.rb - About 2 hrs to fix

                            Method exploit has 61 lines of code (exceeds 25 allowed). Consider refactoring.
                            Open

                              def exploit
    # 1: try to see if the default admin username and password are set
    timestamp = get_auth_timestamp

    # 2: now we try two things at once:
                            Severity: Major
                            Found in modules/exploits/linux/http/netgear_wnr2000_rce.rb - About 2 hrs to fix

                              Method initialize has 61 lines of code (exceeds 25 allowed). Consider refactoring.
                              Open

                                def initialize(info={})
    super(update_info(info,
      'Name'           => "Apache James Server 2.3.2 Insecure User Creation Arbitrary File Write",
      'Description'    => %q{
        This module exploits a vulnerability that exists due to a lack of input
                              Severity: Major
                              Found in modules/exploits/linux/smtp/apache_james_exec.rb - About 2 hrs to fix

                                Method initialize has 61 lines of code (exceeds 25 allowed). Consider refactoring.
                                Open

                                  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Apache Storm Nimbus getTopologyHistory Unauthenticated Command Execution',
                                Severity: Major
                                Found in modules/exploits/linux/misc/nimbus_gettopologyhistory_cmd_exec.rb - About 2 hrs to fix

                                  Method initialize has 61 lines of code (exceeds 25 allowed). Consider refactoring.
                                  Open

                                    def initialize(info = {})
    super(update_info(info,
      'Name'           => 'HP Jetdirect Path Traversal Arbitrary Code Execution',
      'Description'    => %q{
        The module exploits a path traversal via Jetdirect to gain arbitrary code execution by
                                  Severity: Major
                                  Found in modules/exploits/linux/misc/hp_jetdirect_path_traversal.rb - About 2 hrs to fix

                                    Method run has 61 lines of code (exceeds 25 allowed). Consider refactoring.
                                    Open

                                      def run
    username = cmd_exec('whoami').strip
    security_path = datastore['SECURITY_PATH'].shellescape
    sidebar_plist_path = datastore['SIDEBAR_PLIST_PATH'].gsub(/^~/, "/Users/#{username}").shellescape
    recent_plist_path = datastore['RECENT_PLIST_PATH'].gsub(/^~/, "/Users/#{username}").shellescape
                                    Severity: Major
                                    Found in modules/post/osx/manage/mount_share.rb - About 2 hrs to fix

                                      Method run has 61 lines of code (exceeds 25 allowed). Consider refactoring.
                                      Open

                                        def run
    oldversion = false

    case session.platform
    when 'linux'
                                      Severity: Major
                                      Found in modules/post/multi/gather/dbvis_enum.rb - About 2 hrs to fix

                                        Method process_backup has 61 lines of code (exceeds 25 allowed). Consider refactoring.
                                        Open

                                          def process_backup(path)
    print_status("Pulling data from #{path}...")

    mbdb_data = ''
    mbdx_data = ''
                                        Severity: Major
                                        Found in modules/post/multi/gather/apple_ios_backup.rb - About 2 hrs to fix
                                          Severity
                                          Category
                                          Status
                                          Source
                                          Language