rapid7/metasploit-framework

View on GitHub

Showing 19,939 of 19,939 total issues

Method create_library has 3116 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def self.create_library(constant_manager, library_path = 'kernel32')
    dll = Library.new(library_path, constant_manager)

    dll.add_function( 'GetConsoleWindow', 'LPVOID',[])

    Method create_library has 2604 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

      def self.create_library(constant_manager, library_path = 'user32')
        dll = Library.new(library_path, constant_manager)
    
        dll.add_function('ActivateKeyboardLayout', 'DWORD',[
          ["DWORD","hkl","in"],

      Method cmd_wmap_run has a Cognitive Complexity of 488 (exceeds 5 allowed). Consider refactoring.
      Open

          def cmd_wmap_run(*args)
            # Stop everything
            self.masstop = false
            self.killwhenstop  = true
      
      
      Severity: Minor
      Found in plugins/wmap.rb - About 1 wk to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Method create_library has 1838 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

        def self.create_library(constant_manager, library_path = 'advapi32')
          dll = Library.new(library_path, constant_manager)
      
          dll.add_function('QueryServiceStatus', 'DWORD', [
              ['LPVOID', 'hService', 'in'],

        File def_kernel32.rb has 3128 lines of code (exceeds 250 allowed). Consider refactoring.
        Open

        module Rex
        module Post
        module Meterpreter
        module Extensions
        module Stdapi

          Method run has a Cognitive Complexity of 419 (exceeds 5 allowed). Consider refactoring.
          Open

            def run
              max_search = datastore['MAX_SEARCH']
          
              db, dbfile = create_sqlite_db
              print_status "Temporary database created: #{dbfile.path}"
          Severity: Minor
          Found in modules/post/windows/gather/ad_to_sqlite.rb - About 1 wk to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          File def_user32.rb has 2616 lines of code (exceeds 250 allowed). Consider refactoring.
          Open

          module Rex
          module Post
          module Meterpreter
          module Extensions
          module Stdapi

            File error.rb has 2530 lines of code (exceeds 250 allowed). Consider refactoring.
            Open

            module Msf::Post::Windows::Error
              SUCCESS = 0x0000
              INVALID_FUNCTION = 0x0001
              FILE_NOT_FOUND = 0x0002
              PATH_NOT_FOUND = 0x0003
            Severity: Major
            Found in lib/msf/core/post/windows/error.rb - About 1 wk to fix

              File g711.rb has 2166 lines of code (exceeds 250 allowed). Consider refactoring.
              Open

              module Rex
              module Proto
              module IAX2
              module Codecs
              class G711
              Severity: Major
              Found in lib/rex/proto/iax2/codecs/g711.rb - About 6 days to fix

                File dtc.rb has 2078 lines of code (exceeds 250 allowed). Consider refactoring.
                Open

                module Msf
                class Post
                module Hardware
                module Automotive
                
                
                Severity: Major
                Found in lib/msf/core/post/hardware/automotive/dtc.rb - About 5 days to fix

                  File core.rb has 1924 lines of code (exceeds 250 allowed). Consider refactoring.
                  Open

                  require 'msf/core/opt_condition'
                  
                  require 'optparse'
                  
                  module Msf
                  Severity: Major
                  Found in lib/msf/ui/console/command_dispatcher/core.rb - About 5 days to fix

                    File db.rb has 1870 lines of code (exceeds 250 allowed). Consider refactoring.
                    Open

                    require 'json'
                    require 'rexml/document'
                    require 'metasploit/framework/data_service'
                    require 'metasploit/framework/data_service/remote/http/core'
                    
                    
                    Severity: Major
                    Found in lib/msf/ui/console/command_dispatcher/db.rb - About 5 days to fix

                      File def_advapi32.rb has 1864 lines of code (exceeds 250 allowed). Consider refactoring.
                      Open

                      module Rex
                      module Post
                      module Meterpreter
                      module Extensions
                      module Stdapi

                        File nessus.rb has 1787 lines of code (exceeds 250 allowed). Consider refactoring.
                        Open

                        require 'nessus_rest'
                        
                        module Msf
                        
                          PLUGIN_NAME        = 'Nessus'
                        Severity: Major
                        Found in plugins/nessus.rb - About 4 days to fix

                          Method mikrotik_routeros_config_eater has a Cognitive Complexity of 228 (exceeds 5 allowed). Consider refactoring.
                          Open

                              def mikrotik_routeros_config_eater(thost, tport, config)
                                if framework.db.active
                                  credential_data = {
                                    address: thost,
                                    port: tport,
                          Severity: Minor
                          Found in lib/msf/core/auxiliary/mikrotik.rb - About 4 days to fix

                          Cognitive Complexity

                          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                          A method's cognitive complexity is based on a few simple rules:

                          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                          • Code is considered more complex for each "break in the linear flow of the code"
                          • Code is considered more complex when "flow breaking structures are nested"

                          Further reading

                          File wmap.rb has 1664 lines of code (exceeds 250 allowed). Consider refactoring.
                          Open

                          require 'rabal/tree'
                          
                          module Msf
                          
                          class Plugin::Wmap < Msf::Plugin
                          Severity: Major
                          Found in plugins/wmap.rb - About 4 days to fix

                            Method on_request_uri has 867 lines of code (exceeds 25 allowed). Consider refactoring.
                            Open

                              def on_request_uri(cli, request)
                                if request.uri =~ %r{/apple-touch-icon*}
                                  return
                                elsif request.uri =~ %r{/favicon*}
                                  return
                            Severity: Major
                            Found in modules/exploits/apple_ios/browser/webkit_createthis.rb - About 4 days to fix

                              Method cmd_sessions has a Cognitive Complexity of 211 (exceeds 5 allowed). Consider refactoring.
                              Open

                                def cmd_sessions(*args)
                                  begin
                                  method   = nil
                                  quiet    = false
                                  show_active = false
                              Severity: Minor
                              Found in lib/msf/ui/console/command_dispatcher/core.rb - About 4 days to fix

                              Cognitive Complexity

                              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                              A method's cognitive complexity is based on a few simple rules:

                              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                              • Code is considered more complex for each "break in the linear flow of the code"
                              • Code is considered more complex when "flow breaking structures are nested"

                              Further reading

                              Similar blocks of code found in 2 locations. Consider refactoring.
                              Open

                                  0x20022000, 0x20000000, 0x0, 0x20022000, 0x0, 0x20022000, 0x20000000, 0x0, 0x20022000,
                                  0x20022000, 0x20000000, 0x22000, 0x22000, 0x0, 0x0, 0x20000000, 0x20000000, 0x0,
                                  0x22000, 0x20022000, 0x20022000, 0x20000000, 0x22000, 0x22000, 0x0, 0x22000,
                                  0x20022000, 0x20000000, 0x22000, 0x22000, 0x20000000, 0x0, 0x0, 0x20022000, 0x22000,
                                  0x20000000, 0x20022000, 0x20000000, 0x22000, 0x22000, 0x20000000, 0x22000,
                              Severity: Major
                              Found in modules/exploits/multi/misc/bmc_patrol_cmd_exec.rb and 1 other location - About 4 days to fix
                              modules/exploits/linux/misc/tplink_archer_a7_c7_lan_rce.rb on lines 129..202

                              Duplicated Code

                              Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                              Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                              When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                              Tuning

                              This issue has a mass of 1025.

                              We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                              The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                              If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                              See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                              Refactorings

                              Further Reading

                              Similar blocks of code found in 2 locations. Consider refactoring.
                              Open

                                    0x00, 0x00, 0x00, 0x00, 0x77, 0x07, 0x30, 0x96, 0xee,
                                    0x0e, 0x61, 0x2c, 0x99, 0x09, 0x51, 0xba, 0x07, 0x6d, 0xc4, 0x19, 0x70, 0x6a, 0xf4,
                                    0x8f, 0xe9, 0x63, 0xa5, 0x35, 0x9e, 0x64, 0x95, 0xa3, 0x0e, 0xdb, 0x88, 0x32, 0x79,
                                    0xdc, 0xb8, 0xa4, 0xe0, 0xd5, 0xe9, 0x1e, 0x97, 0xd2, 0xd9, 0x88, 0x09, 0xb6, 0x4c,
                                    0x2b, 0x7e, 0xb1, 0x7c, 0xbd, 0xe7, 0xb8, 0x2d, 0x07, 0x90, 0xbf, 0x1d, 0x91, 0x1d,
                              Severity: Major
                              Found in modules/exploits/linux/misc/tplink_archer_a7_c7_lan_rce.rb and 1 other location - About 4 days to fix
                              modules/exploits/multi/misc/bmc_patrol_cmd_exec.rb on lines 16..116

                              Duplicated Code

                              Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                              Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                              When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                              Tuning

                              This issue has a mass of 1025.

                              We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                              The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                              If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                              See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                              Refactorings

                              Further Reading

                              Severity
                              Category
                              Status
                              Source
                              Language