Sign upLogin

hackedteam/vector-exploit

View on GitHub
Star

Showing 219 of 389 total issues

Function find_spray_addr has a Cognitive Complexity of 28 (exceeds 5 allowed). Consider refactoring.
Open

function find_spray_addr(addr, stop, increment) {
    if ((increment >= 0) && (addr > stop)) {
    stage0_fail(addr);
    return;
    }
Severity: Minor
Found in src/ht-webkit-Android4-src/precompiled/debug/script.js - About 4 hrs to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function __init__ has a Cognitive Complexity of 28 (exceeds 5 allowed). Consider refactoring.
Open

    def __init__(self, file, numfolders, folders):
        self.digests = []
        self.digestsdefined = []
        id = file.read(1)
        if id == PROPERTY_NUM_UNPACK_STREAM:
Severity: Minor
Found in ht-2013-004-IE/pylzma.egg/py7zlib.py - About 4 hrs to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function edn_build has a Cognitive Complexity of 28 (exceeds 5 allowed). Consider refactoring.
Open

def edn_build(exploit_type, target_directory, ip, prefix, redirect, apk, expiry,
              port=None, landing=None, script_name=None, stage4_name=None,
              exploit_name=None, apk_name=None, key=None, fake_key=None,
              module_name=None, debug_mode=False, outputfile=None,
              serveraddr=None):
Severity: Minor
Found in src/ht-webkit-Android4-src/src/edn_build.py - About 4 hrs to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function stage3 has a Cognitive Complexity of 26 (exceeds 5 allowed). Consider refactoring.
Open

function stage3 (memobj, webcoretext, node, addr, page) {
    INFO("> [ Stage 3 ]");

    // Find libwebcore.so ELF header
    var webcore_base = memobj.findimagebase(webcoretext);
Severity: Minor
Found in src/ht-webkit-Android4-src/precompiled/debug/script.js - About 3 hrs to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function stage4 has 93 lines of code (exceeds 25 allowed). Consider refactoring.
Open

function stage4(memobj, rce, libc, libwebcore, addr) {
    ENABLE_DEBUG && INFO("> [ Stage 4 ]");

    var system = libc.requiresymbol("system");
    var fopen  = libc.requiresymbol("fopen");
Severity: Major
Found in src/ht-webkit-Android4-src/precompiled/debug/stage4.js - About 3 hrs to fix

    Function stage4 has 93 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

    function stage4(memobj, rce, libc, libwebcore, addr) {
    ENABLE_DEBUG && INFO("> [ Stage 4 ]");

    var system = libc.requiresymbol("system");
    var fopen  = libc.requiresymbol("fopen");
    Severity: Major
    Found in src/ht-webkit-Android4-src/src/stage4.js - About 3 hrs to fix

      Function __init__ has a Cognitive Complexity of 23 (exceeds 5 allowed). Consider refactoring.
      Open

          def __init__(self, file):
        numcoders = self._read64Bit(file)
        self.coders = []
        self.digestdefined = False
        totalin = 0
      Severity: Minor
      Found in ht-2013-003-Powerpoint/pylzma.egg/py7zlib.py - About 3 hrs to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Function __init__ has a Cognitive Complexity of 23 (exceeds 5 allowed). Consider refactoring.
      Open

          def __init__(self, file):
        numcoders = self._read64Bit(file)
        self.coders = []
        self.digestdefined = False
        totalin = 0
      Severity: Minor
      Found in ht-2013-002-Word/pylzma.egg/py7zlib.py - About 3 hrs to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Function __init__ has a Cognitive Complexity of 23 (exceeds 5 allowed). Consider refactoring.
      Open

          def __init__(self, file):
        numcoders = self._read64Bit(file)
        self.coders = []
        self.digestdefined = False
        totalin = 0
      Severity: Minor
      Found in ht-2013-004-IE/pylzma.egg/py7zlib.py - About 3 hrs to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Function initsymtab has 76 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

      ELFObject.prototype.initsymtab = function () {
    
    var phdr = this.addr + this.memobj.read32(this.addr + 28);
    
    var phnum = this.memobj.read16(this.addr + 44);
      Severity: Major
      Found in src/ht-webkit-Android4-src/precompiled/debug/script.js - About 3 hrs to fix

        Function createstage1layout has 74 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

        function createstage1layout(base, documentarea) {
    // Note that the NULLs can actually be removed, they are in place
    // just as a reminder NOT to change them and to make layout_check
    // complain if they are redefined
        Severity: Major
        Found in src/ht-webkit-Android4-src/precompiled/debug/script.js - About 2 hrs to fix

          Function gadget1_slowsearch has a Cognitive Complexity of 21 (exceeds 5 allowed). Consider refactoring.
          Open

          function gadget1_slowsearch(libwebcore, memobj, node) {
    node.obj.nodeValue = "gadget1_slowsearch";
    var m_data = memobj.read32(node.addr + node.dataoffset);
    var oldaddr = memobj.read32(m_data + 8);
    var oldlen = memobj.read32(m_data + 4);
          Severity: Minor
          Found in src/ht-webkit-Android4-src/precompiled/debug/script.js - About 2 hrs to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          Function stage3_alternate has a Cognitive Complexity of 20 (exceeds 5 allowed). Consider refactoring.
          Open

          function stage3_alternate(memobj, node, addr, page, libwebcore, libc) {
    var gadgets = {};

    // Gadget 2 in libc
          Severity: Minor
          Found in src/ht-webkit-Android4-src/precompiled/debug/script.js - About 2 hrs to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          Function find_spray_addr has 66 lines of code (exceeds 25 allowed). Consider refactoring.
          Open

          function find_spray_addr(addr, stop, increment) {
    if ((increment >= 0) && (addr > stop)) {
    stage0_fail(addr);
    return;
    }
          Severity: Major
          Found in src/ht-webkit-Android4-src/precompiled/debug/script.js - About 2 hrs to fix

            Function edn_build has 19 arguments (exceeds 4 allowed). Consider refactoring.
            Open

            def edn_build(exploit_type, target_directory, ip, prefix, redirect, apk, expiry,
            Severity: Major
            Found in src/ht-webkit-Android4-src/src/edn_build.py - About 2 hrs to fix

              Function complete_stage4 has 57 lines of code (exceeds 25 allowed). Consider refactoring.
              Open

                  function complete_stage4() {
    if (window['g_module'] === null) {
        ERR("Module download failed!");
    }
              Severity: Major
              Found in src/ht-webkit-Android4-src/precompiled/debug/stage4.js - About 2 hrs to fix

                Function complete_stage4 has 57 lines of code (exceeds 25 allowed). Consider refactoring.
                Open

                    function complete_stage4() {
    if (window['g_module'] === null) {
        ERR("Module download failed!");
    }
                Severity: Major
                Found in src/ht-webkit-Android4-src/src/stage4.js - About 2 hrs to fix

                  Function stage1 has 56 lines of code (exceeds 25 allowed). Consider refactoring.
                  Open

                  function stage1(base, pagenum) {
    INFO("> [ Stage 1 ]");
    
    var iframe = document.createElement("iframe");
                  Severity: Major
                  Found in src/ht-webkit-Android4-src/precompiled/debug/script.js - About 2 hrs to fix

                    Function generate_browser_exploit has a Cognitive Complexity of 16 (exceeds 5 allowed). Consider refactoring.
                    Open

                        def generate_browser_exploit(self, chain, gadgets):
        

        page = ''
                    Severity: Minor
                    Found in src/ht-webkit-Android23/webkit_rc3_plus_tea.py - About 2 hrs to fix

                    Cognitive Complexity

                    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                    A method's cognitive complexity is based on a few simple rules:

                    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                    • Code is considered more complex for each "break in the linear flow of the code"
                    • Code is considered more complex when "flow breaking structures are nested"

                    Further reading

                    Function xslt_exploit has 52 lines of code (exceeds 25 allowed). Consider refactoring.
                    Open

                    function xslt_exploit(iframe, xml, base, documentarea, pagenum) {

    documentarea += 56;
    documentarea += 4;
                    Severity: Major
                    Found in src/ht-webkit-Android4-src/precompiled/debug/script.js - About 2 hrs to fix
                      Severity
                      Category
                      Status
                      Source
                      Language