rapid7/metasploit-framework

View on GitHub

Showing 13,811 of 19,502 total issues

Method safe_get_once has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

            def safe_get_once(nsock = sock, loop_timeout = read_loop_timeout)
              data = ''
              begin
                res = nsock.get_once
              rescue ::EOFError
Severity: Minor
Found in lib/msf/core/exploit/remote/java/rmi/client.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method dcerpc_mgmt_inq_if_ids has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def dcerpc_mgmt_inq_if_ids(dport=135)
    res = []

    begin

Severity: Minor
Found in lib/msf/core/exploit/remote/dcerpc_mgmt.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method mysql_get_plugin_dir has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def mysql_get_plugin_dir
    print_status "Checking for MySQL plugin directory..."
    plugin_res = nil
    base_res = nil
    plugin_res = mysql_get_variable("@@plugin_dir") rescue nil
Severity: Minor
Found in lib/msf/core/exploit/remote/mysql.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method execute_powershell_payload has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def execute_powershell_payload
    ENV['MSF_SERVICENAME'] = datastore['SERVICE_NAME']
    command = cmd_psh_payload(payload.encoded, payload_instance.arch.first)

    if datastore['PSH::persist'] and not datastore['DisablePayloadHandler']
Severity: Minor
Found in lib/msf/core/exploit/remote/smb/client/psexec.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method test_vulnerable has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def test_vulnerable
      random_string_len = @truncation_length ? [rand(2..10), @truncation_length].min : rand(2..10)
      random_string = Rex::Text.rand_text_alphanumeric(random_string_len)
      query_string = "'#{random_string}'"
      query_string = @encoder[:encode].sub(/\^DATA\^/, query_string) if @encoder
Severity: Minor
Found in lib/msf/core/exploit/sqli/postgresqli/common.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method inject_eth has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

      def inject_eth(args={})
        eth_daddr   = args[:eth_daddr] || "ff:ff:ff:ff:ff:ff"
        eth_saddr   = args[:eth_saddr] || "00:00:00:00:00:00"
        eth_type    = args[:eth_type] || 0x0800 # IP default
        payload     = args[:payload]
Severity: Minor
Found in lib/msf/core/exploit/capture.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method parse_raw_request has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def self.parse_raw_request(request)
      return nil unless request

      opts = {}
      opts[:uri] = request.raw_uri
Severity: Minor
Found in lib/msf/core/exploit/git/smart_http/request.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method get_ref_discovery_response has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def get_ref_discovery_response(request, refs)
    return nil unless request

    opts = {}
    unless request.type == 'ref-discovery'
Severity: Minor
Found in lib/msf/core/exploit/git/smart_http.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method blind_detect_length has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def blind_detect_length(query, timebased)
      if_function = ''
      sleep_part = ''
      if timebased
        if_function = 'if(' + if_function
Severity: Minor
Found in lib/msf/core/exploit/sqli/mysqli/common.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method send_ref_discovery_request has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def send_ref_discovery_request(git_uri)
    puts 'sending ref discovery request'
    request_params =
    {
      'method' => 'GET',
Severity: Minor
Found in lib/msf/core/exploit/git/smart_http.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method blind_detect_length has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def blind_detect_length(query, timebased)
      if_function = ''
      sleep_part = ''
      if timebased
        if_function = '1=(case when ' + if_function
Severity: Minor
Found in lib/msf/core/exploit/sqli/postgresqli/common.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method test_vulnerable has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def test_vulnerable
      random_string_len = @truncation_length ? [rand(2..10), @truncation_length].min : rand(2..10)
      random_string = Rex::Text.rand_text_alphanumeric(random_string_len)
      query_string = "'#{random_string}'"
      query_string = @encoder[:encode].sub(/\^DATA\^/, query_string) if @encoder
Severity: Minor
Found in lib/msf/core/exploit/sqli/sqlitei/common.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method test_vulnerable has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def test_vulnerable
      random_string_len = @truncation_length ? [rand(2..10), @truncation_length].min : rand(2..10)
      random_string = Rex::Text.rand_text_alphanumeric(random_string_len)
      query_string = "'#{random_string}'"
      query_string = @encoder[:encode].sub(/\^DATA\^/, query_string) if @encoder
Severity: Minor
Found in lib/msf/core/exploit/sqli/mssqli/common.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method generate_omelet has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def generate_omelet(payload, badchars = nil, opts = {})
    # Prefer the target's platform/architecture information, but use
    # the module's if no target specific information exists
    los   = target_platform
    larch = target_arch || ARCH_X86
Severity: Minor
Found in lib/msf/core/exploit/omelet.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method blind_detect_length has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def blind_detect_length(query, timebased)
      sleep_part = ''
      if timebased
        sleep_part = " and randomblob(#{@heavyquery_parameter})"
      end
Severity: Minor
Found in lib/msf/core/exploit/sqli/sqlitei/common.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method backend_url has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def backend_url
    proto = (datastore["SSL"] ? "https" : "http")
    myhost = (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address : datastore['SRVHOST']
    port_str = (datastore['HTTPPORT'].to_i == 80) ? '' : ":#{datastore['HTTPPORT']}"
    "#{proto}://#{myhost}#{port_str}"
Severity: Minor
Found in lib/msf/core/exploit/format/webarchive.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method install_extension has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def install_extension
    return '' unless datastore['INSTALL_EXTENSION']
    raise "EXTENSION_URL datastore option missing" unless datastore['EXTENSION_URL'].present?
    raise "EXTENSION_ID datastore option missing" unless datastore['EXTENSION_ID'].present?
    wrap_with_script do
Severity: Minor
Found in lib/msf/core/exploit/format/webarchive.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method inject_pcap has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

      def inject_pcap(pcap_file, filter=nil, delay = 0, pcap=self.capture)
        check_pcaprub_loaded
        unless pcap
          raise RuntimeError, "Could not access the capture process (remember to open_pcap first!)"
        end
Severity: Minor
Found in lib/msf/core/exploit/capture.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method test_vulnerable has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def test_vulnerable
      random_string_len = @truncation_length ? [rand(2..10), @truncation_length].min : rand(2..10)
      random_string = Rex::Text.rand_text_alphanumeric(random_string_len)
      query_string = "'#{random_string}'"
      query_string = @encoder[:encode].sub(/\^DATA\^/, query_string) if @encoder
Severity: Minor
Found in lib/msf/core/exploit/sqli/mysqli/common.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method build_pkt_line_receive_pack has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def build_pkt_line_receive_pack(ref, objects, branch_tip = '')
    data = ''
    commits = []
    branch_sha = '0' * 40

Severity: Minor
Found in lib/msf/core/exploit/git/smart_http.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Severity
Category
Status
Source
Language