Showing 7,361 of 22,177 total issues
Method exploit
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
name = datastore["NAME"] || Rex::Text.rand_text_alphanumeric(10)
display_name = datastore["DISPNAME"] || Rex::Text.rand_text_alphanumeric(10)
if datastore['TECHNIQUE'] == 'SMB'
# XXX Find the domain controller
Method initialize
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
{
Method exploit
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
print_status("Access login page")
res = send_request_cgi({
'method' => 'POST',
'uri' => normalize_uri(uri, 'jsp', 'Login.do'),
Method create_exploit_channel_buffer
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def create_exploit_channel_buffer(target_addr)
overspray_addr = target_addr + 0x2000
shellcode_vtbl = target_addr + HEADER_SIZE
magic_value1 = overspray_addr + 0x810
magic_value2 = overspray_addr + 0x48
Method on_request_uri
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def on_request_uri(client, request)
return if ((p = regenerate_payload(client)) == nil)
if (request['User-Agent'] =~ /QuickTime/i or request.uri =~ /\.smil$/)
Method initialize
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize( info = {} )
super( update_info( info,
'Name' => 'Sun Java Applet2ClassLoader Remote Code Execution',
'Description' => %q{
This module exploits a vulnerability in the Java Runtime Environment
Method on_request_uri
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def on_request_uri(cli, request)
#If not IE, we don't continue
agent = request.headers['User-Agent']
if agent !~ /MSIE [6|7]\.0/
Method on_request_uri
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def on_request_uri(cli, request)
agent = request.headers['User-Agent']
my_target = get_target(agent)
# Avoid the attack if the victim doesn't have the same setup we're targeting
Method initialize
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'Mozilla Firefox 3.6.16 mChannel Use-After-Free Vulnerability',
'Description' => %q{
This module exploits a use after free vulnerability in Mozilla
Method initialize
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'ISS PAM.dll ICQ Parser Buffer Overflow',
'Description' => %q{
This module exploits a stack buffer overflow in the ISS products that use
Method initialize
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Microsoft OMI Management Interface Authentication Bypass',
Method initialize
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'AF_PACKET chocobo_root Privilege Escalation',
'Description' => %q{
This module exploits a race condition and use-after-free in the
Method initialize
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => "Grandstream GXV31XX 'settimezone' Unauthenticated Command Execution",
Method request
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def request(cmd,user,pass,uri)
begin
res = send_request_cgi({
'uri' => uri,
'method' => 'POST',
Method initialize
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'D-Link DIR-645 / DIR-815 diagnostic.php Command Execution',
'Description' => %q{
Some D-Link Routers are vulnerable to OS Command injection in the web interface.
Method cleanup
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def cleanup
begin
# Clean up, retrieve token so that the policy can be removed
print_status("Cleaning up")
res = send_request_cgi({
Method cycle_possible_payloads
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def cycle_possible_payloads
template_base = ::File.join(Msf::Config.data_directory, "exploits", "CVE-2017-17562")
template_list = []
template_type = nil
template_arch = nil
Method initialize
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Nagios XI 5.5.6 to 5.7.5 - ConfigWizards Authenticated Remote Code Exection',
Method exploit
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
print_status("#{peer} - Attempting to exploit #{target.name}")
# run step 1
set_cookies
Method initialize
has 60 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'H2 Web Interface Create Alias RCE',