modules/exploits/linux/http/apache_druid_js_rce.rb
Method initialize
has 66 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Apache Druid 0.20.0 Remote Command Execution',
Method execute_command
has 43 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def execute_command(cmd, _opts = {})
gencmd = '/bin/sh`@~-c`@~' + cmd
genvar = Rex::Text.rand_text_alpha(8..12)
genname = Rex::Text.rand_text_alpha(8..12)
vprint_status("cmd= #{gencmd} var=#{genvar} name=#{genname}")