hackedteam/vector-exploit

View on GitHub

Showing 219 of 389 total issues

Avoid deeply nested control flow statements.
Open

                        if len(plaintext)-1 < i:
                            ciphertext[i] = 0 ^ output[i]
                        elif len(output)-1 < i:
                            ciphertext[i] = plaintext[i] ^ 0
                        elif len(plaintext)-1 < i and len(output) < i:
Severity: Major
Found in src/ht-webkit-Android4-src/precompiled/release/slowaes.py - About 45 mins to fix

    Avoid deeply nested control flow statements.
    Open

                            if len(plaintext)-1 < i:
                                ciphertext[i] = 0 ^ output[i]
                            elif len(output)-1 < i:
                                ciphertext[i] = plaintext[i] ^ 0
                            elif len(plaintext)-1 < i and len(output) < i:
    Severity: Major
    Found in src/ht-webkit-Android4-src/precompiled/debug/slowaes.py - About 45 mins to fix

      Avoid deeply nested control flow statements.
      Open

                              if len(output)-1 < i:
                                  plaintext[i] = 0 ^ ciphertext[i]
                              elif len(ciphertext)-1 < i:
                                  plaintext[i] = output[i] ^ 0
                              elif len(output)-1 < i and len(ciphertext) < i:
      Severity: Major
      Found in src/ht-webkit-Android4-src/precompiled/debug/slowaes.py - About 45 mins to fix

        Avoid deeply nested control flow statements.
        Open

                                if firstRound:
                                    plaintext[i] = IV[i] ^ output[i]
                                else:
                                    plaintext[i] = iput[i] ^ output[i]
                            firstRound = False
        Severity: Major
        Found in src/ht-webkit-Android4-src/precompiled/debug/slowaes.py - About 45 mins to fix

          Function decrypt has 6 arguments (exceeds 4 allowed). Consider refactoring.
          Open

              def decrypt(self, cipherIn, originalsize, mode, key, size, IV):
          Severity: Minor
          Found in src/ht-webkit-Android4-src/ext/slowaes.py - About 45 mins to fix

            Avoid deeply nested control flow statements.
            Open

                                    if len(output)-1 < i:
                                        plaintext[i] = 0 ^ ciphertext[i]
                                    elif len(ciphertext)-1 < i:
                                        plaintext[i] = output[i] ^ 0
                                    elif len(output)-1 < i and len(ciphertext) < i:
            Severity: Major
            Found in src/ht-webkit-Android4-src/ext/slowaes.py - About 45 mins to fix

              Avoid deeply nested control flow statements.
              Open

                                      for k in range(originalsize-start):
                                          stringOut += chr(plaintext[k])
                                  else:
              Severity: Major
              Found in src/ht-webkit-Android4-src/ext/slowaes.py - About 45 mins to fix

                Avoid deeply nested control flow statements.
                Open

                                        for k in range(end-start):
                                            stringOut += chr(plaintext[k])
                                    iput = ciphertext
                Severity: Major
                Found in src/ht-webkit-Android4-src/ext/slowaes.py - About 45 mins to fix

                  Avoid deeply nested control flow statements.
                  Open

                                          for k in range(originalsize-start):
                                              stringOut += chr(plaintext[k])
                                      else:
                  Severity: Major
                  Found in src/ht-webkit-Android4-src/precompiled/release/slowaes.py - About 45 mins to fix

                    Avoid deeply nested control flow statements.
                    Open

                                            for k in range(end-start):
                                                stringOut += chr(plaintext[k])
                                        iput = ciphertext
                    Severity: Major
                    Found in src/ht-webkit-Android4-src/precompiled/release/slowaes.py - About 45 mins to fix

                      Avoid deeply nested control flow statements.
                      Open

                                              if len(output)-1 < i:
                                                  plaintext[i] = 0 ^ ciphertext[i]
                                              elif len(ciphertext)-1 < i:
                                                  plaintext[i] = output[i] ^ 0
                                              elif len(output)-1 < i and len(ciphertext) < i:
                      Severity: Major
                      Found in src/ht-webkit-Android4-src/ext/slowaes.py - About 45 mins to fix

                        Function xslt_exploit has 5 arguments (exceeds 4 allowed). Consider refactoring.
                        Open

                        function xslt_exploit(iframe, xml, base, documentarea, pagenum) {
                        Severity: Minor
                        Found in src/ht-webkit-Android4-src/precompiled/debug/script.js - About 35 mins to fix

                          Function XSLTObject has 5 arguments (exceeds 4 allowed). Consider refactoring.
                          Open

                          function XSLTObject(page, childrenaddr, nameaddr, elementaddr, xml) {
                          Severity: Minor
                          Found in src/ht-webkit-Android4-src/precompiled/debug/script.js - About 35 mins to fix

                            Function stage2 has 5 arguments (exceeds 4 allowed). Consider refactoring.
                            Open

                            function stage2(page, base, iframe, xml, documentarea) {
                            Severity: Minor
                            Found in src/ht-webkit-Android4-src/precompiled/debug/script.js - About 35 mins to fix

                              Function RCE has 5 arguments (exceeds 4 allowed). Consider refactoring.
                              Open

                              function RCE(memobj, node, structfn, callstub, fakevtable) {
                              Severity: Minor
                              Found in src/ht-webkit-Android4-src/precompiled/debug/script.js - About 35 mins to fix

                                Function stage3 has 5 arguments (exceeds 4 allowed). Consider refactoring.
                                Open

                                function stage3 (memobj, webcoretext, node, addr, page) {
                                Severity: Minor
                                Found in src/ht-webkit-Android4-src/precompiled/debug/script.js - About 35 mins to fix

                                  Function stage4 has 5 arguments (exceeds 4 allowed). Consider refactoring.
                                  Open

                                  function stage4(memobj, rce, libc, libwebcore, addr) {
                                  Severity: Minor
                                  Found in src/ht-webkit-Android4-src/precompiled/debug/stage4.js - About 35 mins to fix

                                    Function encrypt has 5 arguments (exceeds 4 allowed). Consider refactoring.
                                    Open

                                        def encrypt(self, stringIn, mode, key, size, IV):
                                    Severity: Minor
                                    Found in src/edn2/2014-004-AndroidBrowser/slowaes.py - About 35 mins to fix

                                      Function stage4 has 5 arguments (exceeds 4 allowed). Consider refactoring.
                                      Open

                                      function stage4(memobj, rce, libc, libwebcore, addr) {
                                      Severity: Minor
                                      Found in src/ht-webkit-Android4-src/src/stage4.js - About 35 mins to fix

                                        Function encrypt has 5 arguments (exceeds 4 allowed). Consider refactoring.
                                        Open

                                            def encrypt(self, stringIn, mode, key, size, IV):
                                        Severity: Minor
                                        Found in src/ht-webkit-Android4-src/precompiled/release/slowaes.py - About 35 mins to fix
                                          Severity
                                          Category
                                          Status
                                          Source
                                          Language