Add more ranks, remove module warnings

../vmware_mount.rb Rank = Excellent Exploit uses check code for target availability, and the vulnerability does not require user action, and uses privilege escalation to run arbitrary executables ../movabletype_upgrade_exec.rb Rank = ExcellentRanking Exploit utilizes code injection, has a check for availability ../uptime_file_upload_2.rb Rank = ExcellentRanking Exploit allows execution of arbitrary commands, has a check for availability ../zpanel_information_disclosure_rce.rb Rank = ExcellentRanking Exploit allows remote code execution, implements version check for pChart ../spip_connect_exec.rb Rank = ExcellentRanking Exploit utilizes code injection, has a check for availability ../wp_optimizepress_upload.rb Rank = ExcellentRanking Exploit allows execution of arbitrary code, has a check for availability ../wing_ftp_admin_exec.rb Rank = ExcellentRanking Exploit allows execution of arbitrary commands, has a check for availability ../novell_mdm_lfi.rb Rank = ExcellentRanking Exploit allows execution of arbitrary code, has a check for availability ../run_as.rb Rank = ExcellentRanking Exploit utilizes command injection, checks system type, and does not require user action
rapid7 · May 7, 2017 · 58220d9 · 58220d9
1 parent 494711e
commit 58220d9
Show file tree

Hide file tree

Showing 9 changed files with 18 additions and 26 deletions.
diff --git a/modules/exploits/linux/local/vmware_mount.rb b/modules/exploits/linux/local/vmware_mount.rb
@@ -3,10 +3,8 @@
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 
-require 'msf/core'
-require 'rex'
-
 class MetasploitModule < Msf::Exploit::Local
+  Rank = GreatRanking
 
   include Msf::Exploit::EXE
   include Msf::Post::File
@@ -55,7 +53,7 @@ def initialize(info={})
       ))
     register_options([
         OptString.new("WRITABLEDIR", [ true, "A directory where you can write files.", "/tmp" ]),
-      ], self.class)
+      ])
   end
 
   def check

diff --git a/modules/exploits/multi/http/movabletype_upgrade_exec.rb b/modules/exploits/multi/http/movabletype_upgrade_exec.rb
@@ -3,9 +3,8 @@
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 
-require 'msf/core'
-
 class MetasploitModule < Msf::Exploit::Remote
+  Rank = ExcellentRanking
 
   include Exploit::Remote::HttpClient
 
@@ -65,7 +64,7 @@ def initialize(info = {})
     register_options(
       [
         OptString.new('TARGETURI', [true, 'The URI path of the Movable Type installation', '/mt'])
-      ], self.class)
+      ])
   end
 
   def check

diff --git a/modules/exploits/multi/http/uptime_file_upload_2.rb b/modules/exploits/multi/http/uptime_file_upload_2.rb
@@ -3,10 +3,10 @@
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 
-require 'msf/core'
 require 'nokogiri'
 
 class MetasploitModule < Msf::Exploit::Remote
+  Rank = ExcellentRanking
 
   include Msf::Exploit::Remote::HttpClient
   include Msf::Exploit::PhpEXE
@@ -52,14 +52,14 @@ def initialize(info = {})
         Opt::RPORT(9999),
         OptString.new('USERNAME', [true, 'The username to authenticate as', 'sample']),
         OptString.new('PASSWORD', [true, 'The password to authenticate with', 'sample'])
-      ], self.class)
+      ])
 
     register_advanced_options(
       [
         OptString.new('UptimeWindowsDirectory', [true, 'Uptime installation path for Windows', 'C:\\Program Files\\uptime software\\']),
         OptString.new('UptimeLinuxDirectory', [true, 'Uptime installation path for Linux', '/usr/local/uptime/']),
         OptString.new('CmdPath', [true, 'Path to cmd.exe', 'c:\\windows\\system32\\cmd.exe'])
-      ], self.class)
+      ])
   end
 
   def print_status(msg='')

diff --git a/modules/exploits/multi/http/zpanel_information_disclosure_rce.rb b/modules/exploits/multi/http/zpanel_information_disclosure_rce.rb
@@ -3,12 +3,12 @@
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 
-require 'msf/core'
 require 'msf/core/exploit/php_exe'
 require 'nokogiri'
 require 'uri'
 
 class MetasploitModule < Msf::Exploit::Remote
+  Rank = ExcellentRanking
 
   include Msf::Exploit::Remote::HttpClient
   include Msf::Exploit::FileDropper
@@ -62,7 +62,7 @@ def initialize(info = {})
     register_options(
       [
         OptString.new('TARGETURI', [true, 'The base path to Zpanel', '/zpanel'])
-      ], self.class)
+      ])
   end
 
   def get_setting(res, setting_name)

diff --git a/modules/exploits/unix/webapp/spip_connect_exec.rb b/modules/exploits/unix/webapp/spip_connect_exec.rb
@@ -3,9 +3,8 @@
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 
-require 'msf/core'
-
 class MetasploitModule < Msf::Exploit::Remote
+  Rank = ExcellentRanking
 
   include Msf::Exploit::Remote::HttpClient
 
@@ -46,7 +45,7 @@ def initialize(info = {})
     register_options(
       [
         OptString.new('TARGETURI', [true, 'The base path to SPIP application', '/']),
-      ], self.class)
+      ])
   end
 
   def check

diff --git a/modules/exploits/unix/webapp/wp_optimizepress_upload.rb b/modules/exploits/unix/webapp/wp_optimizepress_upload.rb
@@ -3,10 +3,10 @@
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 
-require 'msf/core'
 require 'uri'
 
 class MetasploitModule < Msf::Exploit::Remote
+  Rank = ExcellentRanking
 
   include Msf::Exploit::Remote::HTTP::Wordpress
   include Msf::Exploit::Remote::HttpClient

diff --git a/modules/exploits/windows/ftp/wing_ftp_admin_exec.rb b/modules/exploits/windows/ftp/wing_ftp_admin_exec.rb
@@ -3,9 +3,8 @@
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 
-require 'msf/core'
-
 class MetasploitModule < Msf::Exploit::Remote
+  Rank = ExcellentRanking
   include Msf::Exploit::CmdStager
   include Msf::Exploit::Remote::HttpClient
 

diff --git a/modules/exploits/windows/http/novell_mdm_lfi.rb b/modules/exploits/windows/http/novell_mdm_lfi.rb
@@ -3,9 +3,8 @@
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 
-require 'msf/core'
-
 class MetasploitModule < Msf::Exploit::Remote
+  Rank = ExcellentRanking
 
   include Msf::Exploit::Remote::HttpClient
   include Msf::Exploit::EXE
@@ -44,11 +43,11 @@ def initialize
     register_options([
       OptString.new('TARGETURI', [true, 'Path to the Novell Zenworks MDM install', '/']),
       OptInt.new('RPORT', [true, "Default remote port", 80])
-    ], self.class)
+    ])
 
     register_advanced_options([
       OptBool.new('SSL', [true, "Negotiate SSL connection", false])
-    ], self.class)
+    ])
   end
 
   def get_version

diff --git a/modules/exploits/windows/local/run_as.rb b/modules/exploits/windows/local/run_as.rb
@@ -3,10 +3,8 @@
 # Current source: https://github.com/rapid7/metasploit-framework
 ##
 
-require 'msf/core'
-require 'rex'
-
 class MetasploitModule < Msf::Exploit::Local
+  Rank = ExcellentRanking
   include Msf::Post::Windows::Runas
   include Msf::Post::Windows::Priv
 
@@ -46,7 +44,7 @@ def initialize(info = {})
         OptString.new('APPLICATION_NAME', [false, 'Application to be executed (lpApplicationName)', nil ]),
         OptString.new('COMMAND_LINE', [false, 'Command line to execute (lpCommandLine)', nil ]),
         OptBool.new('USE_CUSTOM_COMMAND', [true, 'Specify custom APPLICATION_NAME and COMMAND_LINE', false ])
-      ], self.class)
+      ])
   end
 
   def exploit