nil0x42/phpsploit

src/core/tunnel/handler.py

Summary

Maintainability: F (5 days)
Test Coverage

Showing 44 of 44 total issues

File handler.py has 637 lines of code (exceeds 250 allowed). Consider refactoring.
Open

"""Phpsploit HTTP request handler"""
__all__ = ["Request", "new_request", "get_raw_requests"]
 
import sys
import re
Severity: Major
Found in src/core/tunnel/handler.py - About 1 day to fix

    Function build_multipart_request has a Cognitive Complexity of 34 (exceeds 5 allowed). Consider refactoring.
    Open

    def build_multipart_request(self, method, php_payload):
    """build a multipart request for `php_payload` with HTTP `method`
     
    For infos about return format, read build_request() docstring.
    """
    Severity: Minor
    Found in src/core/tunnel/handler.py - About 5 hrs to fix

    Function Build has a Cognitive Complexity of 29 (exceeds 5 allowed). Consider refactoring.
    Open

    def Build(self, php_payload):
    """Main request Builder:
     
    if takes the basic php payload as argument,
    and returns the apropriate request object.
    Severity: Minor
    Found in src/core/tunnel/handler.py - About 4 hrs to fix

    Cyclomatic complexity is too high in method Build. (19)
    Open

    def Build(self, php_payload):
    """Main request Builder:
     
    if takes the basic php payload as argument,
    and returns the apropriate request object.
    Severity: Minor
    Found in src/core/tunnel/handler.py by radon

    Function Send has a Cognitive Complexity of 24 (exceeds 5 allowed). Consider refactoring.
    Open

    def Send(self, request):
    """Main request Sender:
     
    if takes the concerned request object as argument
    and returns the unparsed and decapsulated phpsploit response
    Severity: Minor
    Found in src/core/tunnel/handler.py - About 3 hrs to fix

    Cyclomatic complexity is too high in method build_multipart_request. (15)
    Open

    def build_multipart_request(self, method, php_payload):
    """build a multipart request for `php_payload` with HTTP `method`
     
    For infos about return format, read build_request() docstring.
    """
    Severity: Minor
    Found in src/core/tunnel/handler.py by radon

    Cyclomatic complexity is too high in method Read. (12)
    Open

    def Read(self, response):
    """Main request Reader
     
    if takes the http response data as argument
    and writes the __RESULT__'s php data into the self.response string,
    Severity: Minor
    Found in src/core/tunnel/handler.py by radon

    Cyclomatic complexity is too high in method Send. (11)
    Open

    def Send(self, request):
    """Main request Sender:
     
    if takes the concerned request object as argument
    and returns the unparsed and decapsulated phpsploit response
    Severity: Minor
    Found in src/core/tunnel/handler.py by radon

    Request has 22 functions (exceeds 20 allowed). Consider refactoring.
    Open

    class Request:
    """Phpsploit HTTP Request Handler
    """
    # the list of available methods
    methods = ['GET', 'POST']
    Severity: Minor
    Found in src/core/tunnel/handler.py - About 2 hrs to fix

      Cyclomatic complexity is too high in method send_single_request. (9)
      Open

      def send_single_request(self, request):
      """send a single request object element (a request object's single
      tuple, in the form mentionned in the build_request() docstring.
      A response dict() will be returned, with 'error' and 'data' keys.
       
       
      Severity: Minor
      Found in src/core/tunnel/handler.py by radon

      Cyclomatic complexity is too high in method build_forwarder. (9)
      Open

      def build_forwarder(self, method, decoder):
      """build the effective payload forwarder, which is in fact
      a header using the PASSKEY setting as name.
      The payload forwarder is called by the remote backdoor, and then
      formats the final payload if necessary before executing it.
      Severity: Minor
      Found in src/core/tunnel/handler.py by radon

      Cyclomatic complexity is too high in method get_php_errors. (7)
      Open

      @staticmethod
      def get_php_errors(data):
      """function designed to parse php errors from phpsploit response
      for better output and plugin debugging purposes.
      Its is called by the Read() function and returns the $error string
      Severity: Minor
      Found in src/core/tunnel/handler.py by radon

      Function open has a Cognitive Complexity of 15 (exceeds 5 allowed). Consider refactoring.
      Open

      def open(self, php_payload):
      """open a request to the server with the given php payload
      It respectively calls the Build(), Send() and Read() methods.
      if one of these methods returns a string, it will be considered as
      an error, so execution will stop, and self.error will be filled.
      Severity: Minor
      Found in src/core/tunnel/handler.py - About 1 hr to fix

      Cyclomatic complexity is too high in method open. (6)
      Open

      def open(self, php_payload):
      """open a request to the server with the given php payload
      It respectively calls the Build(), Send() and Read() methods.
      if one of these methods returns a string, it will be considered as
      an error, so execution will stop, and self.error will be filled.
      Severity: Minor
      Found in src/core/tunnel/handler.py by radon

      Cyclomatic complexity is too high in method load_multipart. (6)
      Open

      def load_multipart(self):
      """enable the multi-request payload capability.
      - ask user to determine a remote writeable directory if
      tunnel opener couldn't file one automatically.
      - choose appropriate multipart_file, which is a remote temporary file
      Severity: Minor
      Found in src/core/tunnel/handler.py by radon

      Function Read has a Cognitive Complexity of 13 (exceeds 5 allowed). Consider refactoring.
      Open

      def Read(self, response):
      """Main request Reader
       
      if takes the http response data as argument
      and writes the __RESULT__'s php data into the self.response string,
      Severity: Minor
      Found in src/core/tunnel/handler.py - About 1 hr to fix

      Function send_single_request has a Cognitive Complexity of 13 (exceeds 5 allowed). Consider refactoring.
      Open

      def send_single_request(self, request):
      """send a single request object element (a request object's single
      tuple, in the form mentionned in the build_request() docstring.
      A response dict() will be returned, with 'error' and 'data' keys.
       
       
      Severity: Minor
      Found in src/core/tunnel/handler.py - About 1 hr to fix

      Function __init__ has 28 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

      def __init__(self):
      # customizable variables
      self.target_obj = session.Conf.TARGET(call=False)
      self.hostname = self.target_obj.host
      self.port = self.target_obj.port
      Severity: Minor
      Found in src/core/tunnel/handler.py - About 1 hr to fix

        Function load_multipart has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
        Open

        def load_multipart(self):
        """enable the multi-request payload capability.
        - ask user to determine a remote writeable directory if
        tunnel opener couldn't file one automatically.
        - choose appropriate multipart_file, which is a remote temporary file
        Severity: Minor
        Found in src/core/tunnel/handler.py - About 55 mins to fix

        Function get_php_errors has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
        Open

        def get_php_errors(data):
        """function designed to parse php errors from phpsploit response
        for better output and plugin debugging purposes.
        Its is called by the Read() function and returns the $error string
         
         
        Severity: Minor
        Found in src/core/tunnel/handler.py - About 55 mins to fix

        Function build_forwarder has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
        Open

        def build_forwarder(self, method, decoder):
        """build the effective payload forwarder, which is in fact
        a header using the PASSKEY setting as name.
        The payload forwarder is called by the remote backdoor, and then
        formats the final payload if necessary before executing it.
        Severity: Minor
        Found in src/core/tunnel/handler.py - About 35 mins to fix

        Avoid too many return statements within this function.
        Open

        return response
        Severity: Major
        Found in src/core/tunnel/handler.py - About 30 mins to fix

          Refactor this function to reduce its Cognitive Complexity from 34 to the 15 allowed.
          Open

          def build_multipart_request(self, method, php_payload):
          Severity: Critical
          Found in src/core/tunnel/handler.py by sonar-python

          Refactor this function to reduce its Cognitive Complexity from 24 to the 15 allowed.
          Open

          def Send(self, request):
          Severity: Critical
          Found in src/core/tunnel/handler.py by sonar-python

          Refactor this function to reduce its Cognitive Complexity from 29 to the 15 allowed.
          Open

          def Build(self, php_payload):
          Severity: Critical
          Found in src/core/tunnel/handler.py by sonar-python

          Remove this commented out code.
          Open

          # import pprint
          Severity: Major
          Found in src/core/tunnel/handler.py by sonar-python

          Remove this commented out code.
          Open

          # try:
          Severity: Major
          Found in src/core/tunnel/handler.py by sonar-python

          Rename method "Read" to prevent any misunderstanding/clash with method "read" defined on line 582
          Open

          def Read(self, response):
          Severity: Blocker
          Found in src/core/tunnel/handler.py by sonar-python

          Remove the code after this "return".
          Open

          return None
          Severity: Major
          Found in src/core/tunnel/handler.py by sonar-python

          Either merge this branch with the identical one on line "40" or change one of the implementations.
          Open

          _RAW_REQUESTS_LIST.append(data)
          Severity: Major
          Found in src/core/tunnel/handler.py by sonar-python

          Similar blocks of code found in 2 locations. Consider refactoring.
          Open

          elif "'%s'" not in hdr_payload and \
          '"%s"' not in hdr_payload:
          len_third = float(len(forwarder) / 3)
          len_third = int(round(len_third + 0.5))
          sample_sep = colorize("%Reset", "\n[*] ", "%Cyan")
          Severity: Major
          Found in src/core/tunnel/handler.py and 1 other location - About 5 hrs to fix
          src/core/tunnel/handler.py on lines 283..293

          Similar blocks of code found in 2 locations. Consider refactoring.
          Open

          if "'%s'" not in hdr_payload and \
          '"%s"' not in hdr_payload and \
          not b64_forwarder.isalnum():
          # create a visible sample of the effective b64 payload
          len_third = float(len(forwarder) / 3)
          Severity: Major
          Found in src/core/tunnel/handler.py and 1 other location - About 5 hrs to fix
          src/core/tunnel/handler.py on lines 298..306

          Expected 2 blank lines, found 1
          Open

          class _CustomHTTPHandler(urllib.request.HTTPHandler):
          Severity: Minor
          Found in src/core/tunnel/handler.py by pep8

          Do not use bare 'except'
          Open

          except:
          Severity: Minor
          Found in src/core/tunnel/handler.py by pep8

          Line too long (80 > 79 characters)
          Open

          # only if test_size if bigger than the max_flaw, else return err
          Severity: Minor
          Found in src/core/tunnel/handler.py by pep8

          Expected 2 blank lines after class or function definition, found 0
          Open

          http.client.__HTTPConnection__ = http.client.HTTPConnection
          Severity: Minor
          Found in src/core/tunnel/handler.py by pep8

          Line too long (80 > 79 characters)
          Open

          line = re.sub(r' \[<a.*?a>\]', '', line) # remove html link tag
          Severity: Minor
          Found in src/core/tunnel/handler.py by pep8

          Too many leading '#' for block comment
          Open

          ### Log raw http requests with custom HTTP Connection Handlers
          Severity: Minor
          Found in src/core/tunnel/handler.py by pep8

          Do not use bare 'except'
          Open

          except:
          Severity: Minor
          Found in src/core/tunnel/handler.py by pep8

          Expected 2 blank lines, found 1
          Open

          class _CustomHTTPConnection(http.client.HTTPConnection):
          Severity: Minor
          Found in src/core/tunnel/handler.py by pep8

          Do not use bare 'except'
          Open

          except:
          Severity: Minor
          Found in src/core/tunnel/handler.py by pep8

          Expected 2 blank lines after class or function definition, found 0
          Open

          urllib.request.__HTTPHandler__ = urllib.request.HTTPHandler
          Severity: Minor
          Found in src/core/tunnel/handler.py by pep8

          Do not use bare 'except'
          Open

          except:
          Severity: Minor
          Found in src/core/tunnel/handler.py by pep8

          Rename function "updateStatus" to match the regular expression ^[a-z_][a-z0-9_]{2,}$.
          Open

          def updateStatus(curReqNum):
          Severity: Major
          Found in src/core/tunnel/handler.py by sonar-python
