modules/exploits/multi/http/traq_plugin_exec.rb
Method initialize
has 39 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info={})
super(update_info(info,
'Name' => 'Traq admincp/common.php Remote Code Execution',
'Description' => %q{
This module exploits an arbitrary command execution vulnerability in
Method exploit
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
p = Rex::Text.encode_base64(payload.encoded)
uri = normalize_uri(datastore['URI'], "admincp", "plugins.php") + "?newhook"