Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star
modules/exploits/linux/local/desktop_privilege_escalation.rb

Summary

Maintainability
B
5 hrs
Test Coverage

Method c_code has 63 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def c_code(exe_file)
    c = %Q|
// A few constants/function definitions/structs copied from header files
#define RTLD_NEXT      ((void *) -1l)
extern uintptr_t dlsym(uintptr_t, char*);
Severity: Major
Found in modules/exploits/linux/local/desktop_privilege_escalation.rb - About 2 hrs to fix

    Method initialize has 42 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

      def initialize(info={})
    super( update_info( info, {
      'Name'          => 'Desktop Linux Password Stealer and Privilege Escalation',
      'Description'   => %q{
        This module steals the user password of an administrative user on a desktop Linux system
    Severity: Minor
    Found in modules/exploits/linux/local/desktop_privilege_escalation.rb - About 1 hr to fix

      Method get_restart_commands has 30 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

        def get_restart_commands
    get_cmd_lines = 'pidof xscreensaver gnome-screensaver polkit-gnome-authentication-agent-1|'
    get_cmd_lines << 'perl -ne \'while(/(\d+)/g){$pid=$1;next unless -r "/proc/$pid/environ";'
    get_cmd_lines << 'print"PID:$pid\nEXE:".readlink("/proc/$pid/exe")."\n";'
    get_cmd_lines << '$/=undef;'
      Severity: Minor
      Found in modules/exploits/linux/local/desktop_privilege_escalation.rb - About 1 hr to fix

        There are no issues that match your filters.

        Category
        Status