rapid7/metasploit-framework

Showing 15,888 of 21,960 total issues

Method dcerpc_mgmt_inq_if_ids has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def dcerpc_mgmt_inq_if_ids(dport=135)
    res = []

    begin

Severity: Minor
Found in lib/msf/core/exploit/remote/dcerpc_mgmt.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Method postgres_logout has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def postgres_logout
    ip = self.postgres_conn.peerhost
    port = self.postgres_conn.peerport
    verbose = datastore['VERBOSE']

Severity: Minor
Found in lib/msf/core/exploit/remote/postgres.rb - About 25 mins to fix

Method rdp_parse_connect_response has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def rdp_parse_connect_response(pkt)
    ptr = 0
    rdp_pkt = pkt[0x49..pkt.length]

    while ptr < rdp_pkt.length

Severity: Minor
Found in lib/msf/core/exploit/remote/rdp.rb - About 25 mins to fix

Method validate_bind_success! has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def validate_bind_success!(ldap)
      if defined?(:session) && session
        vprint_good('Successfully bound to the LDAP server via existing SESSION!')
        return
      end

Severity: Minor
Found in lib/msf/core/exploit/remote/ldap.rb - About 25 mins to fix

Method extract_string has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

            def extract_string(io)
              raw_length = io.read(2)
              unless raw_length && raw_length.length == 2
                return nil
              end

Severity: Minor
Found in lib/msf/core/exploit/remote/java/rmi/util.rb - About 25 mins to fix

Method execute_powershell_payload has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def execute_powershell_payload
    ENV['MSF_SERVICENAME'] = datastore['SERVICE_NAME']
    command = cmd_psh_payload(payload.encoded, payload_instance.arch.first)

    if datastore['PSH::persist'] and not datastore['DisablePayloadHandler']

Severity: Minor
Found in lib/msf/core/exploit/remote/smb/client/psexec.rb - About 25 mins to fix

Method k_truncate has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

            def k_truncate(data, etype)
              if etype == Rex::Proto::Kerberos::Crypto::Encryption::AES256
                keysize = 32
              elsif etype == Rex::Proto::Kerberos::Crypto::Encryption::AES128
                keysize = 16

Severity: Minor
Found in lib/msf/core/exploit/remote/kerberos/client/pkinit.rb - About 25 mins to fix

Method send_registry_lookup has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

              def send_registry_lookup(opts = {})
                send_call(
                  sock: opts[:sock] || sock,
                  call: build_registry_lookup(opts)
                )

Severity: Minor
Found in lib/msf/core/exploit/remote/java/rmi/client/registry.rb - About 25 mins to fix

Method smb_enumprintproviders has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

      def smb_enumprintproviders
        resp = smb_enumprinters(8, nil, 1, 0)
        return nil if not resp
        rptr, tmp, blen = resp.unpack("V*")

Severity: Minor
Found in lib/msf/core/exploit/remote/smb/client.rb - About 25 mins to fix

Method safe_get_once has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

            def safe_get_once(nsock = sock, loop_timeout = read_loop_timeout)
              data = ''
              begin
                res = nsock.get_once
              rescue ::EOFError

Severity: Minor
Found in lib/msf/core/exploit/remote/java/rmi/client.rb - About 25 mins to fix

Method smb_srvsvc_netsharegetinfo has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

      def smb_srvsvc_netsharegetinfo(share)
        shares = []
        simple.connect("\\\\#{rhost}\\IPC$")
        handle = dcerpc_handle('4b324fc8-1670-01d3-1278-5a47bf6ee188', '3.0', 'ncacn_np', ["\\srvsvc"])
        begin

Severity: Minor
Found in lib/msf/core/exploit/remote/smb/client.rb - About 25 mins to fix

Method send_jmx_get_object_instance has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

                def send_jmx_get_object_instance(opts = {})
                  send_call(
                    sock: opts[:sock] || sock,
                    call: build_jmx_get_object_instance(opts)
                  )

Severity: Minor
Found in lib/msf/core/exploit/remote/java/rmi/client/jmx/connection.rb - About 25 mins to fix

Method test_vulnerable has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def test_vulnerable
      random_string_len = @truncation_length ? [rand(2..10), @truncation_length].min : rand(2..10)
      random_string = Rex::Text.rand_text_alphanumeric(random_string_len)
      query_string = "'#{random_string}'"
      query_string = @encoder[:encode].sub(/\^DATA\^/, query_string) if @encoder

Severity: Minor
Found in lib/msf/core/exploit/sqli/mssqli/common.rb - About 25 mins to fix

Method install_extension has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def install_extension
    return '' unless datastore['INSTALL_EXTENSION']
    raise "EXTENSION_URL datastore option missing" unless datastore['EXTENSION_URL'].present?
    raise "EXTENSION_ID datastore option missing" unless datastore['EXTENSION_ID'].present?
    wrap_with_script do

Severity: Minor
Found in lib/msf/core/exploit/format/webarchive.rb - About 25 mins to fix

Method file_dropper_delete_file has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def file_dropper_delete_file(session, file)
    win_file = file_dropper_win_path(file)

    if session.type == 'meterpreter'
      begin

Severity: Minor
Found in lib/msf/core/exploit/file_dropper.rb - About 25 mins to fix

Method blind_detect_length has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def blind_detect_length(query, timebased)
      if_function = ''
      sleep_part = ''
      if timebased
        if_function = 'if(' + if_function

Severity: Minor
Found in lib/msf/core/exploit/sqli/mysqli/common.rb - About 25 mins to fix

Method generate_ruby_deserialization_for_payload has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def generate_ruby_deserialization_for_payload(payload, name)
      command = nil

      if payload.platform.platforms == [Msf::Module::Platform::Windows]
        if [ Rex::Arch::ARCH_X86, Rex::Arch::ARCH_X64 ].include? payload.arch.first

Severity: Minor
Found in lib/msf/core/exploit/ruby_deserialization.rb - About 25 mins to fix

Method test_vulnerable has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def test_vulnerable
      random_string_len = @truncation_length ? [rand(2..10), @truncation_length].min : rand(2..10)
      random_string = Rex::Text.rand_text_alphanumeric(random_string_len)
      query_string = "'#{random_string}'"
      query_string = @encoder[:encode].sub(/\^DATA\^/, query_string) if @encoder

Severity: Minor
Found in lib/msf/core/exploit/sqli/mysqli/common.rb - About 25 mins to fix

Method blind_detect_length has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def blind_detect_length(query, timebased)
      sleep_part = ''
      if timebased
        sleep_part = " and randomblob(#{@heavyquery_parameter})"
      end

Severity: Minor
Found in lib/msf/core/exploit/sqli/sqlitei/common.rb - About 25 mins to fix

Method errors has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def errors(&block)
      return unless @value
      return unless block_given?

      parse(@value, @datastore).each do |result|

Severity: Minor
Found in lib/msf/core/rhosts_walker.rb - About 25 mins to fix
