Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star

Showing 13,734 of 19,454 total issues

Method initialize has 390 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(merge_info(info,
      'Name'          => 'NetWare Command Shell',
      'Description'   => 'Connect to the NetWare console (staged)',
      'Author'        => 'toto',
Severity: Major
Found in modules/payloads/stages/netware/shell.rb - About 1 day to fix

    Method arp_poisoning has a Cognitive Complexity of 97 (exceeds 5 allowed). Consider refactoring.
    Open

      def arp_poisoning
    lsmac = datastore['LOCALSMAC'] || @smac
    raise 'Local Source Mac is not in correct format' unless is_mac?(lsmac)

    dhosts_range = Rex::Socket::RangeWalker.new(datastore['DHOSTS'])
    Severity: Minor
    Found in modules/auxiliary/spoof/arp/arp_poisoning.rb - About 1 day to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Method check_results has a Cognitive Complexity of 97 (exceeds 5 allowed). Consider refactoring.
    Open

        def check_results(passwords, results, hash_type, hashes, method, cracker)
      passwords.each do |password_line|
        password_line.chomp!
        next if password_line.blank?
        fields = password_line.split(":")
    Severity: Minor
    Found in modules/auxiliary/analyze/crack_databases.rb - About 1 day to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Method creds_search has a Cognitive Complexity of 95 (exceeds 5 allowed). Consider refactoring.
    Open

      def creds_search(*args)
    host_ranges   = []
    origin_ranges = []
    port_ranges   = []
    svcs          = []
    Severity: Minor
    Found in lib/msf/ui/console/command_dispatcher/creds.rb - About 1 day to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Method import_libpcap has a Cognitive Complexity of 95 (exceeds 5 allowed). Consider refactoring.
    Open

      def import_libpcap(args={}, &block)
    data = args[:data]
    wspace = Msf::Util::DBManager.process_opts_workspace(args, framework).name
    bl = validate_ips(args[:blacklist]) ? args[:blacklist].split : []
    # seen_hosts is only used for determining when to yield an address. Once we get
    Severity: Minor
    Found in lib/msf/core/db_manager/import/libpcap.rb - About 1 day to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    File cve_2019_0708_bluekeep_rce.rb has 798 lines of code (exceeds 250 allowed). Consider refactoring.
    Open

    class MetasploitModule < Msf::Exploit::Remote
  prepend Msf::Exploit::Remote::AutoCheck

  Rank = ManualRanking
    Severity: Major
    Found in modules/exploits/windows/rdp/cve_2019_0708_bluekeep_rce.rb - About 1 day to fix

      Method run_host has a Cognitive Complexity of 93 (exceeds 5 allowed). Consider refactoring.
      Open

        def run_host(ip)
    begin

    res = send_request_raw({
      'uri'     => '/oradb/PUBLIC/GLOBAL_NAME',
      Severity: Minor
      Found in modules/auxiliary/scanner/oracle/xdb_sid_brute.rb - About 1 day to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      File exploit.rb has 785 lines of code (exceeds 250 allowed). Consider refactoring.
      Open

      module Msf



###
      Severity: Major
      Found in lib/msf/core/exploit.rb - About 1 day to fix

        Method run_host has a Cognitive Complexity of 91 (exceeds 5 allowed). Consider refactoring.
        Open

          def run_host(target_host)
    conn = true
    ecode = nil
    emesg = nil
        Severity: Minor
        Found in modules/auxiliary/scanner/http/svn_scanner.rb - About 1 day to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        Method run has a Cognitive Complexity of 90 (exceeds 5 allowed). Consider refactoring.
        Open

          def run
    cracker = new_password_cracker(action.name)

    lookups = []
        Severity: Minor
        Found in modules/auxiliary/analyze/apply_pot.rb - About 1 day to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        Method run_host has a Cognitive Complexity of 89 (exceeds 5 allowed). Consider refactoring.
        Open

          def run_host(ip)

    path = datastore['PATH']
    check1 = [
      'iNotes/Forms5.nsf',
        Severity: Minor
        Found in modules/auxiliary/scanner/lotus/lotus_domino_version.rb - About 1 day to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        Method cmd_services has a Cognitive Complexity of 89 (exceeds 5 allowed). Consider refactoring.
        Open

          def cmd_services(*args)
    return unless active?
    mode = :search
    onlyup = false
    output_file = nil
        Severity: Minor
        Found in lib/msf/ui/console/command_dispatcher/db.rb - About 1 day to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        File browser_autopwn.rb has 756 lines of code (exceeds 250 allowed). Consider refactoring.
        Open

        require 'rex/exploitation/js/detect'
require 'rex/exploitation/jsobfu'

class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::HttpServer::HTML
        Severity: Major
        Found in modules/auxiliary/server/browser_autopwn.rb - About 1 day to fix

          File navigation.rb has 749 lines of code (exceeds 250 allowed). Consider refactoring.
          Open

          def without_prefix(prefix)
  proc { |value| value.sub(/^#{prefix}/, '') }
end

NAVIGATION_CONFIG = [
          Severity: Major
          Found in docs/navigation.rb - About 1 day to fix

            File snmp_enum.rb has 745 lines of code (exceeds 250 allowed). Consider refactoring.
            Open

            class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::SNMPClient
  include Msf::Auxiliary::Report
  include Msf::Auxiliary::Scanner
            Severity: Major
            Found in modules/auxiliary/scanner/snmp/snmp_enum.rb - About 1 day to fix

              Method run has a Cognitive Complexity of 85 (exceeds 5 allowed). Consider refactoring.
              Open

                def run
    return if not check_dependencies

    begin
      # Get all values from v$parameter
              Severity: Minor
              Found in modules/auxiliary/admin/oracle/oraenum.rb - About 1 day to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              File ssllabs_scan.rb has 732 lines of code (exceeds 250 allowed). Consider refactoring.
              Open

              require 'active_support/inflector'
require 'json'
require 'active_support/core_ext/hash'

class MetasploitModule < Msf::Auxiliary
              Severity: Major
              Found in modules/auxiliary/gather/ssllabs_scan.rb - About 1 day to fix

                File mssql_enum.rb has 729 lines of code (exceeds 250 allowed). Consider refactoring.
                Open

                class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::MSSQL
  include Msf::Auxiliary::Report

  def initialize(info = {})
                Severity: Major
                Found in modules/auxiliary/admin/mssql/mssql_enum.rb - About 1 day to fix

                  Method end_element has a Cognitive Complexity of 84 (exceeds 5 allowed). Consider refactoring.
                  Open

                    def end_element(name=nil)
    block = @block
    case name
    when 'name'
      if in_tag('result')
                  Severity: Minor
                  Found in lib/rex/parser/openvas_document.rb - About 1 day to fix

                  Cognitive Complexity

                  Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                  A method's cognitive complexity is based on a few simple rules:

                  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                  • Code is considered more complex for each "break in the linear flow of the code"
                  • Code is considered more complex when "flow breaking structures are nested"

                  Further reading

                  Method cmd_workspace has a Cognitive Complexity of 84 (exceeds 5 allowed). Consider refactoring.
                  Open

                    def cmd_workspace(*args)
    return unless active?

    state = :nil
                  Severity: Minor
                  Found in lib/msf/ui/console/command_dispatcher/db.rb - About 1 day to fix

                  Cognitive Complexity

                  Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                  A method's cognitive complexity is based on a few simple rules:

                  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                  • Code is considered more complex for each "break in the linear flow of the code"
                  • Code is considered more complex when "flow breaking structures are nested"

                  Further reading

                  Severity
                  Category
                  Status
                  Source
                  Language