Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star

Showing 15,125 of 21,021 total issues

Method run has a Cognitive Complexity of 70 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    @port = datastore['SRVPORT'].to_i

    @log_console  = false
    @log_database = false
Severity: Minor
Found in modules/auxiliary/server/fakedns.rb - About 1 day to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method get_files_info has a Cognitive Complexity of 70 (exceeds 5 allowed). Consider refactoring.
Open

  def get_files_info(ip, shares)
    # Creating a separate file for each IP address's results.
    detailed_tbl = Rex::Text::Table.new(
      'Header' => "Spidered results for #{ip}.",
      'Indent' => 1,
Severity: Minor
Found in modules/auxiliary/scanner/smb/smb_enumshares.rb - About 1 day to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Class EXE has 74 methods (exceeds 20 allowed). Consider refactoring.
Open

class EXE

require 'rex'
require 'rex/peparsey'
require 'rex/pescan'
Severity: Major
Found in lib/msf/util/exe.rb - About 1 day to fix

    Class Modules has 74 methods (exceeds 20 allowed). Consider refactoring.
    Open

            class Modules

          include Msf::Ui::Console::CommandDispatcher
          include Msf::Ui::Console::CommandDispatcher::Common
    Severity: Major
    Found in lib/msf/ui/console/command_dispatcher/modules.rb - About 1 day to fix

      File packet.rb has 624 lines of code (exceeds 250 allowed). Consider refactoring.
      Open

      require 'openssl'
require 'rex/post/meterpreter/command_mapper'

module Rex
module Post
      Severity: Major
      Found in lib/rex/post/meterpreter/packet.rb - About 1 day to fix

        Method run_host has a Cognitive Complexity of 69 (exceeds 5 allowed). Consider refactoring.
        Open

          def run_host(ip)

    begin
      snmp = connect_snmp
        Severity: Minor
        Found in modules/auxiliary/scanner/snmp/sbg6580_enum.rb - About 1 day to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        Method cmd_set has a Cognitive Complexity of 69 (exceeds 5 allowed). Consider refactoring.
        Open

          def cmd_set(*args)
    # Figure out if these are global variables
    global = false
    append = false
    clear = false
        Severity: Minor
        Found in lib/msf/ui/console/command_dispatcher/core.rb - About 1 day to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        File oraenum.rb has 621 lines of code (exceeds 250 allowed). Consider refactoring.
        Open

        class MetasploitModule < Msf::Auxiliary
  include Msf::Auxiliary::Report
  include Msf::Exploit::ORACLE

  def initialize(info = {})
        Severity: Major
        Found in modules/auxiliary/admin/oracle/oraenum.rb - About 1 day to fix

          Method exploit has 272 lines of code (exceeds 25 allowed). Consider refactoring.
          Open

            def exploit
    if !datastore['ForceExploit'] && is_root?
      fail_with(Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.')
    end
          Severity: Major
          Found in modules/exploits/linux/local/sock_sendpage.rb - About 1 day to fix

            Method run has a Cognitive Complexity of 68 (exceeds 5 allowed). Consider refactoring.
            Open

              def run
    print_status('Gathering System info ....')
    vm = nil
    dmi_info = nil
            Severity: Minor
            Found in modules/post/linux/gather/checkvm.rb - About 1 day to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Method cmd_hosts has a Cognitive Complexity of 68 (exceeds 5 allowed). Consider refactoring.
            Open

              def cmd_hosts(*args)
    return unless active?
    onlyup = false
    set_rhosts = false
    mode = []
            Severity: Minor
            Found in lib/msf/ui/console/command_dispatcher/db.rb - About 1 day to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Method rpc_del_vuln has a Cognitive Complexity of 68 (exceeds 5 allowed). Consider refactoring.
            Open

              def rpc_del_vuln(xopts)
  ::ApplicationRecord.connection_pool.with_connection {
    opts, wspace = init_db_opts_workspace(xopts)
    opts[:workspace] = opts[:workspace].name
    hosts  = []
            Severity: Minor
            Found in lib/msf/core/rpc/v10/rpc_db.rb - About 1 day to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            File whatsupgold_credential_dump.rb has 614 lines of code (exceeds 250 allowed). Consider refactoring.
            Open

            require 'metasploit/framework/credential_collection'

class MetasploitModule < Msf::Post
  include Msf::Post::Common
  include Msf::Post::File
            Severity: Major
            Found in modules/post/windows/gather/credentials/whatsupgold_credential_dump.rb - About 1 day to fix

              Method apply_prepends has 267 lines of code (exceeds 25 allowed). Consider refactoring.
              Open

                def apply_prepends(buf)
    pre = ''
    app = ''

    test_arch = [ *(self.arch) ]
              Severity: Major
              Found in lib/msf/core/payload/linux.rb - About 1 day to fix

                Method to_executable_fmt has a Cognitive Complexity of 67 (exceeds 5 allowed). Consider refactoring.
                Open

                  def self.to_executable_fmt(framework, arch, plat, code, fmt, exeopts)
    # For backwards compatibility with the way this gets called when
    # generating from Msf::Simple::Payload.generate_simple
    if arch.kind_of? Array
      output = nil
                Severity: Minor
                Found in lib/msf/util/exe.rb - About 1 day to fix

                Cognitive Complexity

                Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                A method's cognitive complexity is based on a few simple rules:

                • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                • Code is considered more complex for each "break in the linear flow of the code"
                • Code is considered more complex when "flow breaking structures are nested"

                Further reading

                Method cmd_loot has a Cognitive Complexity of 67 (exceeds 5 allowed). Consider refactoring.
                Open

                  def cmd_loot(*args)
    return unless active?

    mode = :search
    host_ranges = []
                Severity: Minor
                Found in lib/msf/ui/console/command_dispatcher/db.rb - About 1 day to fix

                Cognitive Complexity

                Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                A method's cognitive complexity is based on a few simple rules:

                • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                • Code is considered more complex for each "break in the linear flow of the code"
                • Code is considered more complex when "flow breaking structures are nested"

                Further reading

                Method rpc_del_service has a Cognitive Complexity of 67 (exceeds 5 allowed). Consider refactoring.
                Open

                  def rpc_del_service(xopts)
  ::ApplicationRecord.connection_pool.with_connection {
    opts, wspace = init_db_opts_workspace(xopts)
    hosts  = []
    services = []
                Severity: Minor
                Found in lib/msf/core/rpc/v10/rpc_db.rb - About 1 day to fix

                Cognitive Complexity

                Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                A method's cognitive complexity is based on a few simple rules:

                • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                • Code is considered more complex for each "break in the linear flow of the code"
                • Code is considered more complex when "flow breaking structures are nested"

                Further reading

                Method crawler_process_page has a Cognitive Complexity of 66 (exceeds 5 allowed). Consider refactoring.
                Open

                  def crawler_process_page(t, page, cnt)
    return if page.nil? # Skip over pages that don't contain any info aka page is nil. We can't process these types of pages since there is no data to process.
    msg = "[#{"%.5d" % cnt}/#{"%.5d" % max_page_count}]    #{page ? page.code || "ERR" : "ERR"} - #{t[:vhost]} - #{page.url}"
    if page.error
      print_error("Error accessing page #{page.error.to_s}")
                Severity: Minor
                Found in modules/auxiliary/scanner/http/crawler.rb - About 1 day to fix

                Cognitive Complexity

                Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                A method's cognitive complexity is based on a few simple rules:

                • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                • Code is considered more complex for each "break in the linear flow of the code"
                • Code is considered more complex when "flow breaking structures are nested"

                Further reading

                File vim_soap.rb has 597 lines of code (exceeds 250 allowed). Consider refactoring.
                Open

                module Msf

module Exploit::Remote::VIMSoap
  include Msf::Exploit::Remote::HttpClient
                Severity: Major
                Found in lib/msf/core/exploit/remote/vim_soap.rb - About 1 day to fix

                  File auth_brute.rb has 592 lines of code (exceeds 250 allowed). Consider refactoring.
                  Open

                  module Msf

###
#
# This module provides methods for brute forcing authentication
                  Severity: Major
                  Found in lib/msf/core/auxiliary/auth_brute.rb - About 1 day to fix
                    Severity
                    Category
                    Status
                    Source
                    Language