Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star

Showing 2,949 of 22,177 total issues

Similar blocks of code found in 5 locations. Consider refactoring.
Open

    register_options(
      [
        Opt::RPORT(8081),
        OptString.new('TARGETURI', [true, 'Application path', '/']),
        OptString.new('USERNAME', [false, 'The username to login as', 'admin']),
Severity: Minor
Found in modules/auxiliary/admin/http/nuuo_nvrmini_reset.rb and 4 other locations - About 15 mins to fix
modules/auxiliary/scanner/http/syncovery_linux_login.rb on lines 38..44
modules/auxiliary/scanner/http/wowza_streaming_engine_manager_login.rb on lines 35..41
modules/exploits/linux/http/bitbucket_git_cmd_injection.rb on lines 76..82
modules/exploits/windows/http/advantech_iview_networkservlet_cmd_inject.rb on lines 72..78

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

    register_options(
      [
        Opt::RPORT(9200), # default to elastic port, kibana is 5601
        OptString.new('USERNAME', [ false, 'Elastic User to login with', '']),
        OptString.new('PASSWORD', [ false, 'Elastic Password to login with', '']),
Severity: Minor
Found in modules/exploits/linux/http/kibana_upgrade_assistant_telemetry_rce.rb and 4 other locations - About 15 mins to fix
modules/auxiliary/gather/splunk_raw_server_info.rb on lines 38..44
modules/auxiliary/scanner/http/chef_webui_login.rb on lines 34..40
modules/exploits/windows/http/hp_sitescope_dns_tool.rb on lines 55..61
modules/exploits/windows/http/pgadmin_binary_path_api.rb on lines 52..58

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

    register_options(
      [
        Opt::RPORT(8999), # Default is HTTP: 8999; HTTPS: 8943
        OptString.new('USERNAME', [true, 'The username to Syncovery (default: default)', 'default']),
        OptString.new('PASSWORD', [false, 'The password to Syncovery (default: pass)', 'pass']),
Severity: Minor
Found in modules/auxiliary/scanner/http/syncovery_linux_login.rb and 4 other locations - About 15 mins to fix
modules/auxiliary/admin/http/nuuo_nvrmini_reset.rb on lines 38..44
modules/auxiliary/scanner/http/wowza_streaming_engine_manager_login.rb on lines 35..41
modules/exploits/linux/http/bitbucket_git_cmd_injection.rb on lines 76..82
modules/exploits/windows/http/advantech_iview_networkservlet_cmd_inject.rb on lines 72..78

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

    register_options(
      [
        Opt::RPORT(8080),
        OptString.new('TARGETURI', [ true, 'The base path to Advantech iView', '/iView3']),
        OptString.new('USERNAME', [ false, 'The user name to authenticate with', 'admin']),
Severity: Minor
Found in modules/exploits/windows/http/advantech_iview_networkservlet_cmd_inject.rb and 4 other locations - About 15 mins to fix
modules/auxiliary/admin/http/nuuo_nvrmini_reset.rb on lines 38..44
modules/auxiliary/scanner/http/syncovery_linux_login.rb on lines 38..44
modules/auxiliary/scanner/http/wowza_streaming_engine_manager_login.rb on lines 35..41
modules/exploits/linux/http/bitbucket_git_cmd_injection.rb on lines 76..82

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

    register_options(
      [
        Opt::RPORT(8000),
        OptString.new('USERNAME', [ false, 'User to login with', '']),
        OptString.new('PASSWORD', [ false, 'Password to login with', '']),
Severity: Minor
Found in modules/exploits/windows/http/pgadmin_binary_path_api.rb and 4 other locations - About 15 mins to fix
modules/auxiliary/gather/splunk_raw_server_info.rb on lines 38..44
modules/auxiliary/scanner/http/chef_webui_login.rb on lines 34..40
modules/exploits/linux/http/kibana_upgrade_assistant_telemetry_rce.rb on lines 58..64
modules/exploits/windows/http/hp_sitescope_dns_tool.rb on lines 55..61

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

      # ROP chain (sayonara) courtesy of WhitePhosphorus (thanks guys!)
      # a non-sayonara ROP would be super easy too, I'm just lazy :)
      0x7C344CC1,  # pop eax;ret;
      0x7C3410C2, # pop ecx;pop ecx;ret;
      0x7C342462, # xor chain; call eax {0x7C3410C2}
Severity: Minor
Found in modules/exploits/windows/misc/avidphoneticindexer.rb and 4 other locations - About 15 mins to fix
modules/exploits/windows/browser/cisco_playerpt_setsource.rb on lines 137..161
modules/exploits/windows/emc/networker_format_string.rb on lines 80..107
modules/exploits/windows/fileformat/visiwave_vwr_type.rb on lines 73..97
modules/exploits/windows/scada/iconics_genbroker.rb on lines 299..323

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 7 locations. Consider refactoring.
Open

    unless header && header.length == 6 && header[0, 4] == "\x00\x43\x00\x00"
      disconnect
      fail_with(Failure::Unknown, "#{rhost}:#{rport} - Failure reading packet identifier")
    end
Severity: Minor
Found in modules/exploits/multi/misc/arkeia_agent_exec.rb and 6 other locations - About 15 mins to fix
modules/exploits/multi/misc/arkeia_agent_exec.rb on lines 364..367
modules/exploits/multi/misc/arkeia_agent_exec.rb on lines 389..392
modules/exploits/multi/misc/arkeia_agent_exec.rb on lines 417..420
modules/exploits/multi/misc/arkeia_agent_exec.rb on lines 481..484
modules/exploits/multi/misc/arkeia_agent_exec.rb on lines 504..507
modules/exploits/multi/misc/arkeia_agent_exec.rb on lines 527..530

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 7 locations. Consider refactoring.
Open

          [ 'Windows 2000 Pro SP0-4 French',   { 'Ret' => 0x74fa3112 } ], # call ecx ws2help.dll
          [ 'Windows 2000 Pro SP0-4 Italian',  { 'Ret' => 0x74fd3112 } ], # call ecx ws2help.dll
          [ 'Windows XP Pro SP0/1 English',    { 'Ret' => 0x71aa396d } ], # call ecx ws2help.dll
          [ 'Windows XP Pro SP2 English',         { 'Ret' => 0x71aa3de3 } ], # call ecx ws2help.dll
        ],
Severity: Minor
Found in modules/exploits/windows/http/psoproxy91_overflow.rb and 6 other locations - About 15 mins to fix
modules/exploits/windows/fileformat/ms09_067_excel_featheader.rb on lines 69..91
modules/exploits/windows/ftp/netterm_netftpd_user.rb on lines 40..68
modules/exploits/windows/http/maxdb_webdbm_get_overflow.rb on lines 45..49
modules/exploits/windows/http/savant_31_overflow.rb on lines 55..59
modules/exploits/windows/license/sentinel_lm7_udp.rb on lines 43..47
modules/exploits/windows/proxy/ccproxy_telnet_ping.rb on lines 44..48

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

    if ssl_cipher.upcase.include?('DHE_EXPORT')
      print_good('Accepts DHE_EXPORT based cipher.')
      report_vuln(
        host: ip,
        port: rport,
Severity: Minor
Found in modules/auxiliary/scanner/ssl/ssl_version.rb and 4 other locations - About 15 mins to fix
modules/auxiliary/scanner/ssl/ssl_version.rb on lines 285..294
modules/auxiliary/scanner/ssl/ssl_version.rb on lines 298..307
modules/auxiliary/scanner/ssl/ssl_version.rb on lines 324..333
modules/auxiliary/scanner/ssl/ssl_version.rb on lines 399..408

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

      register_options(
        [
          Opt::RPORT(8080),
          OptString.new('SITE_SCOPE_USER', [false, 'Username for authentication', '']),
          OptString.new('SITE_SCOPE_PASSWORD', [false, 'Password for authentication', '']),
Severity: Minor
Found in modules/exploits/windows/http/hp_sitescope_dns_tool.rb and 4 other locations - About 15 mins to fix
modules/auxiliary/gather/splunk_raw_server_info.rb on lines 38..44
modules/auxiliary/scanner/http/chef_webui_login.rb on lines 34..40
modules/exploits/linux/http/kibana_upgrade_assistant_telemetry_rce.rb on lines 58..64
modules/exploits/windows/http/pgadmin_binary_path_api.rb on lines 52..58

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

    if alg.downcase.include? 'md5'
      print_good('Certificate signed with MD5')
      report_vuln(
        host: ip,
        port: rport,
Severity: Minor
Found in modules/auxiliary/scanner/ssl/ssl_version.rb and 4 other locations - About 15 mins to fix
modules/auxiliary/scanner/ssl/ssl_version.rb on lines 285..294
modules/auxiliary/scanner/ssl/ssl_version.rb on lines 298..307
modules/auxiliary/scanner/ssl/ssl_version.rb on lines 311..320
modules/auxiliary/scanner/ssl/ssl_version.rb on lines 324..333

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

    register_options(
      [ Opt::RPORT(9090),
        OptString.new('URI', [false, "URI for Applications Manager", '/']),
        OptString.new('USER', [true, "username", 'admin']),
        OptString.new('PASS', [true, "password", 'admin']),
Severity: Minor
Found in modules/exploits/windows/http/manageengine_apps_mngr.rb and 4 other locations - About 15 mins to fix
modules/exploits/multi/http/adobe_coldfusion_rce_cve_2023_26360.rb on lines 121..127
modules/exploits/multi/misc/legend_bot_exec.rb on lines 56..62
modules/exploits/multi/misc/w3tw0rk_exec.rb on lines 46..52
modules/exploits/multi/misc/xdh_x_exec.rb on lines 58..64

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

          [
            # rop chain generated with mona.py
            # The RopDb mixin isn't used because there are badchars
            # which must be avoided
            0x7c354dab,    # POP EBP # RETN [MSVCR71.dll]
Severity: Minor
Found in modules/exploits/windows/emc/networker_format_string.rb and 4 other locations - About 15 mins to fix
modules/exploits/windows/browser/cisco_playerpt_setsource.rb on lines 137..161
modules/exploits/windows/fileformat/visiwave_vwr_type.rb on lines 73..97
modules/exploits/windows/misc/avidphoneticindexer.rb on lines 64..89
modules/exploits/windows/scada/iconics_genbroker.rb on lines 299..323

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

    if ssl_cipher.upcase.include?('RC4')
      print_good('Accepts RC4 cipher.')
      report_vuln(
        host: ip,
        port: rport,
Severity: Minor
Found in modules/auxiliary/scanner/ssl/ssl_version.rb and 4 other locations - About 15 mins to fix
modules/auxiliary/scanner/ssl/ssl_version.rb on lines 298..307
modules/auxiliary/scanner/ssl/ssl_version.rb on lines 311..320
modules/auxiliary/scanner/ssl/ssl_version.rb on lines 324..333
modules/auxiliary/scanner/ssl/ssl_version.rb on lines 399..408

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

    [
      0x1001AFBD,  # INC EBP; PUSH ESP; POP EDI; POP ESI; POP EBP; POP EBX; RET
      0xc0fff333,  # junk
      0xc0fff333,  # junk
      0x000004cf,  # lwSize 1231 bytes
Severity: Minor
Found in modules/exploits/windows/fileformat/visiwave_vwr_type.rb and 4 other locations - About 15 mins to fix
modules/exploits/windows/browser/cisco_playerpt_setsource.rb on lines 137..161
modules/exploits/windows/emc/networker_format_string.rb on lines 80..107
modules/exploits/windows/misc/avidphoneticindexer.rb on lines 64..89
modules/exploits/windows/scada/iconics_genbroker.rb on lines 299..323

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

    if ssl_cipher.upcase.include? 'NULL'
      print_good('Accepts Null cipher')
      report_vuln(
        host: ip,
        port: rport,
Severity: Minor
Found in modules/auxiliary/scanner/ssl/ssl_version.rb and 4 other locations - About 15 mins to fix
modules/auxiliary/scanner/ssl/ssl_version.rb on lines 285..294
modules/auxiliary/scanner/ssl/ssl_version.rb on lines 298..307
modules/auxiliary/scanner/ssl/ssl_version.rb on lines 311..320
modules/auxiliary/scanner/ssl/ssl_version.rb on lines 399..408

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

    register_options(
      [
        Opt::RPORT(6667),
        OptString.new('IRC_PASSWORD', [false, 'IRC Connection Password', '']),
        OptString.new('NICK', [true, 'IRC Nickname', 'msfuser']), # botnet administrator name
Severity: Minor
Found in modules/exploits/multi/misc/xdh_x_exec.rb and 4 other locations - About 15 mins to fix
modules/exploits/multi/http/adobe_coldfusion_rce_cve_2023_26360.rb on lines 121..127
modules/exploits/multi/misc/legend_bot_exec.rb on lines 56..62
modules/exploits/multi/misc/w3tw0rk_exec.rb on lines 46..52
modules/exploits/windows/http/manageengine_apps_mngr.rb on lines 32..37

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

    register_options(
      [
        Opt::RPORT(7990),
        OptString.new('TARGETURI', [ true, 'The base URI of Bitbucket application', '/']),
        OptString.new('USERNAME', [ false, 'The username to authenticate with', '' ]),
Severity: Minor
Found in modules/exploits/linux/http/bitbucket_git_cmd_injection.rb and 4 other locations - About 15 mins to fix
modules/auxiliary/admin/http/nuuo_nvrmini_reset.rb on lines 38..44
modules/auxiliary/scanner/http/syncovery_linux_login.rb on lines 38..44
modules/auxiliary/scanner/http/wowza_streaming_engine_manager_login.rb on lines 35..41
modules/exploits/windows/http/advantech_iview_networkservlet_cmd_inject.rb on lines 72..78

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

    register_options(
      [
        Opt::RPORT(6667),
        OptString.new('IRC_PASSWORD', [false, 'IRC Connection Password', '']),
        OptString.new('NICK', [true, 'IRC Nickname', 'msf_user']),
Severity: Minor
Found in modules/exploits/multi/misc/w3tw0rk_exec.rb and 4 other locations - About 15 mins to fix
modules/exploits/multi/http/adobe_coldfusion_rce_cve_2023_26360.rb on lines 121..127
modules/exploits/multi/misc/legend_bot_exec.rb on lines 56..62
modules/exploits/multi/misc/xdh_x_exec.rb on lines 58..64
modules/exploits/windows/http/manageengine_apps_mngr.rb on lines 32..37

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

    register_options([
      Opt::RPORT(8088),
      OptString.new('USERNAME', [true, 'The username for Wowza Streaming Engine Manager', '']),
      OptString.new('PASSWORD', [false, 'The password to Wowza Streaming Engine Manager', '']),
      OptString.new('TARGETURI', [false, 'The path to Wowza Streaming Engine Manager', '/'])
Severity: Minor
Found in modules/auxiliary/scanner/http/wowza_streaming_engine_manager_login.rb and 4 other locations - About 15 mins to fix
modules/auxiliary/admin/http/nuuo_nvrmini_reset.rb on lines 38..44
modules/auxiliary/scanner/http/syncovery_linux_login.rb on lines 38..44
modules/exploits/linux/http/bitbucket_git_cmd_injection.rb on lines 76..82
modules/exploits/windows/http/advantech_iview_networkservlet_cmd_inject.rb on lines 72..78

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 26.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Severity
Category
Status
Source
Language