rapid7/metasploit-framework

Showing 15,730 of 21,757 total issues

Method on_request_uri has 280 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def on_request_uri(cli, request)
    print_status("Request from #{request['User-Agent']}")
    if request.uri =~ %r{/loader32$}
      print_good("armle target is vulnerable.")
      local_file = File.join( Msf::Config.data_directory, "exploits", "CVE-2016-4655", "exploit32" )
Severity: Major
Found in modules/exploits/apple_ios/browser/webkit_trident.rb - About 1 day to fix

    Method run has a Cognitive Complexity of 70 (exceeds 5 allowed). Consider refactoring.
    Open

      def run
        @port = datastore['SRVPORT'].to_i
    
        @log_console  = false
        @log_database = false
    Severity: Minor
    Found in modules/auxiliary/server/fakedns.rb - About 1 day to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Method get_files_info has a Cognitive Complexity of 70 (exceeds 5 allowed). Consider refactoring.
    Open

      def get_files_info(ip, shares)
        # Creating a separate file for each IP address's results.
        detailed_tbl = Rex::Text::Table.new(
          'Header' => "Spidered results for #{ip}.",
          'Indent' => 1,
    Severity: Minor
    Found in modules/auxiliary/scanner/smb/smb_enumshares.rb - About 1 day to fix

    Class EXE has 74 methods (exceeds 20 allowed). Consider refactoring.
    Open

    class EXE
    
    require 'rex'
    require 'rex/peparsey'
    require 'rex/pescan'
    Severity: Major
    Found in lib/msf/util/exe.rb - About 1 day to fix

      Class Modules has 74 methods (exceeds 20 allowed). Consider refactoring.
      Open

              class Modules
      
                include Msf::Ui::Console::CommandDispatcher
                include Msf::Ui::Console::CommandDispatcher::Common
      
      
      Severity: Major
      Found in lib/msf/ui/console/command_dispatcher/modules.rb - About 1 day to fix

        File packet.rb has 624 lines of code (exceeds 250 allowed). Consider refactoring.
        Open

        require 'openssl'
        require 'rex/post/meterpreter/command_mapper'
        
        module Rex
        module Post
        Severity: Major
        Found in lib/rex/post/meterpreter/packet.rb - About 1 day to fix

          Method run_host has a Cognitive Complexity of 69 (exceeds 5 allowed). Consider refactoring.
          Open

            def run_host(ip)
          
              begin
                snmp = connect_snmp
          
          
          Severity: Minor
          Found in modules/auxiliary/scanner/snmp/sbg6580_enum.rb - About 1 day to fix

          Method cmd_set has a Cognitive Complexity of 69 (exceeds 5 allowed). Consider refactoring.
          Open

            def cmd_set(*args)
              # Figure out if these are global variables
              global = false
              append = false
              clear = false
          Severity: Minor
          Found in lib/msf/ui/console/command_dispatcher/core.rb - About 1 day to fix

          File oraenum.rb has 621 lines of code (exceeds 250 allowed). Consider refactoring.
          Open

          class MetasploitModule < Msf::Auxiliary
            include Msf::Auxiliary::Report
            include Msf::Exploit::ORACLE
          
            def initialize(info = {})
          Severity: Major
          Found in modules/auxiliary/admin/oracle/oraenum.rb - About 1 day to fix

            Method exploit has 272 lines of code (exceeds 25 allowed). Consider refactoring.
            Open

              def exploit
                if !datastore['ForceExploit'] && is_root?
                  fail_with(Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.')
                end
            
            
            Severity: Major
            Found in modules/exploits/linux/local/sock_sendpage.rb - About 1 day to fix

              Method run has a Cognitive Complexity of 68 (exceeds 5 allowed). Consider refactoring.
              Open

                def run
                  def check_results(passwords, results, hash_type, method)
                    passwords.each do |password_line|
                      password_line.chomp!
                      next if password_line.blank?
              Severity: Minor
              Found in modules/auxiliary/analyze/crack_databases.rb - About 1 day to fix

              Method run has a Cognitive Complexity of 68 (exceeds 5 allowed). Consider refactoring.
              Open

                def run
                  print_status('Gathering System info ....')
                  vm = nil
                  dmi_info = nil
              
              
              Severity: Minor
              Found in modules/post/linux/gather/checkvm.rb - About 1 day to fix

              Method cmd_hosts has a Cognitive Complexity of 68 (exceeds 5 allowed). Consider refactoring.
              Open

                def cmd_hosts(*args)
                  return unless active?
                  onlyup = false
                  set_rhosts = false
                  mode = []
              Severity: Minor
              Found in lib/msf/ui/console/command_dispatcher/db.rb - About 1 day to fix

              Method rpc_del_vuln has a Cognitive Complexity of 68 (exceeds 5 allowed). Consider refactoring.
              Open

                def rpc_del_vuln(xopts)
                ::ApplicationRecord.connection_pool.with_connection {
                  opts, wspace = init_db_opts_workspace(xopts)
                  opts[:workspace] = opts[:workspace].name
                  hosts  = []
              Severity: Minor
              Found in lib/msf/core/rpc/v10/rpc_db.rb - About 1 day to fix

              File whatsupgold_credential_dump.rb has 614 lines of code (exceeds 250 allowed). Consider refactoring.
              Open

              require 'metasploit/framework/credential_collection'
              
              class MetasploitModule < Msf::Post
                include Msf::Post::Common
                include Msf::Post::File

                Method apply_prepends has 267 lines of code (exceeds 25 allowed). Consider refactoring.
                Open

                  def apply_prepends(buf)
                    pre = ''
                    app = ''
                
                    test_arch = [ *(self.arch) ]
                Severity: Major
                Found in lib/msf/core/payload/linux.rb - About 1 day to fix

                  File dns.rb has 611 lines of code (exceeds 250 allowed). Consider refactoring.
                  Open

                  module Msf
                  module Ui
                  module Console
                  module CommandDispatcher
                  
                  
                  Severity: Major
                  Found in lib/msf/ui/console/command_dispatcher/dns.rb - About 1 day to fix

                    Method run has a Cognitive Complexity of 67 (exceeds 5 allowed). Consider refactoring.
                    Open

                      def run
                        def check_results(passwords, results, hash_type, method)
                          passwords.each do |password_line|
                            password_line.chomp!
                            next if password_line.blank?
                    Severity: Minor
                    Found in modules/auxiliary/analyze/crack_linux.rb - About 1 day to fix

                    Method to_executable_fmt has a Cognitive Complexity of 67 (exceeds 5 allowed). Consider refactoring.
                    Open

                      def self.to_executable_fmt(framework, arch, plat, code, fmt, exeopts)
                        # For backwards compatibility with the way this gets called when
                        # generating from Msf::Simple::Payload.generate_simple
                        if arch.kind_of? Array
                          output = nil
                    Severity: Minor
                    Found in lib/msf/util/exe.rb - About 1 day to fix

                    Method cmd_loot has a Cognitive Complexity of 67 (exceeds 5 allowed). Consider refactoring.
                    Open

                      def cmd_loot(*args)
                        return unless active?
                    
                        mode = :search
                        host_ranges = []
                    Severity: Minor
                    Found in lib/msf/ui/console/command_dispatcher/db.rb - About 1 day to fix
