rapid7/metasploit-framework

Showing 15,831 of 21,886 total issues

Method run_host has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def run_host(_ip)
    soapenv = 'http://schemas.xmlsoap.org/soap/envelope/'
    soapenvenc = 'http://schemas.xmlsoap.org/soap/encoding/'
    xsi = 'http://www.w3.org/1999/XMLSchema-instance'
    xsd = 'http://www.w3.org/1999/XMLSchema'
Severity: Minor
Found in modules/auxiliary/admin/networking/cisco_secure_acs_bypass.rb - About 1 hr to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Method reset_one has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def reset_one(password, report = false)
    (0..datastore['MAXINT']).each do |int_to_try|
      encode_pass = REXML::Text.new(password).to_s

      xml = ''
Severity: Minor
Found in modules/auxiliary/admin/http/rails_devise_pass_reset.rb - About 1 hr to fix

Method run_host has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def run_host(_ip)
    tmpfile = Rex::Text.rand_text_alphanumeric(20) # Store the base64 encoded traversal data in a hard-to-brute filename, just in case.

    print_status("Attempting to connect to #{rhost}:#{rport}")
    res = send_request_raw(
Severity: Minor
Found in modules/auxiliary/admin/http/contentkeeper_fileaccess.rb - About 1 hr to fix

Method run has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    validate_command
    if check != Exploit::CheckCode::Appears
      fail_with(Failure::NotVulnerable, 'Target is not vulnerable')
    end
Severity: Minor
Found in modules/auxiliary/admin/http/pihole_domains_api_exec.rb - About 1 hr to fix

Method run has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    print_status('Establishing a connection to the target...')

    error_uri = datastore['URI'] + '/index.php?jumpurl=' + datastore['RFILE'] + '&juSecure=1&type=0&locationData=1:'
    ju_hash = nil
Severity: Minor
Found in modules/auxiliary/admin/http/typo3_sa_2009_002.rb - About 1 hr to fix

Method run has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    res = send_request_cgi({
      'uri' => normalize_uri(datastore['TARGETURI'], 'cgi-bin', 'cgi_system'),
      'vars_get' => { 'cmd' => 'loaddefconfig' }
    })
Severity: Minor
Found in modules/auxiliary/admin/http/nuuo_nvrmini_reset.rb - About 1 hr to fix

Method run has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    vprint_status("#{peer} - Attempting to connect...")
    vprint_status("#{peer} - Trying to retrieve the first user id...")
    first_id = send_sql_request('id from wp_users order by id asc limit 1 ; --')
    if first_id.nil?
Severity: Minor
Found in modules/auxiliary/admin/http/wp_symposium_sql_injection.rb - About 1 hr to fix

Method run has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    res = send_request_cgi({
      'uri' => normalize_uri(target_uri.path, '/verify.php'),
      'method' => 'GET',
      'vars_get' => {
Severity: Minor
Found in modules/auxiliary/admin/http/mantisbt_password_reset.rb - About 1 hr to fix

Method check has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def check
    res = send_request_cgi({ 'uri' => postfixadmin_url_login, 'method' => 'GET' })

    return Exploit::CheckCode::Unknown unless res

Severity: Minor
Found in modules/auxiliary/admin/http/pfadmin_set_protected_alias.rb - About 1 hr to fix

Method launch_instance has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def launch_instance(creds, subnet, sg)
    action = 'RunInstances'
    print_status("Launching instance(s) in #{datastore['Region']}, AMI: #{datastore['AMI_ID']}, key pair name: #{datastore['KEY_NAME']}, security group: #{sg}, subnet ID: #{subnet}")
    doc = call_ec2(creds, opts(action, subnet, sg))
    doc = print_results(doc, action)
Severity: Minor
Found in modules/auxiliary/admin/aws/aws_launch_instances.rb - About 1 hr to fix

Method run has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    print_status("Validating options...")

    unless datastore['USER_SID'] =~ /^S-(\d+-){6}\d+$/
      print_error("Invalid USER_SID. Ex: S-1-5-21-1755879683-3641577184-3486455962-1000")
Severity: Minor
Found in modules/auxiliary/admin/kerberos/ms14_068_kerberos_checksum.rb - About 1 hr to fix

Method run has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    offset = datastore['OFFSET'].to_i
    print_status("Attempting to dump system memory, starting at offset 0x%02x" % offset)

    wdbrpc_client_connect
Severity: Minor
Found in modules/auxiliary/admin/vxworks/wdbrpc_memory_dump.rb - About 1 hr to fix

Method run has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def run

    peer = "#{rhost}:#{rport}"

    print_status("Attempting to login...")
Severity: Minor
Found in modules/auxiliary/admin/webmin/edit_html_fileaccess.rb - About 1 hr to fix

Method load_protocols has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def load_protocols
    base = datastore['ProtocolBase']
    unless File.directory? base
      raise RuntimeError, 'The ProtocolBase parameter is set to an invalid directory'
    end
Severity: Minor
Found in modules/auxiliary/sniffer/psnuffle.rb - About 1 hr to fix

Method describe_s3_bucket has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def describe_s3_bucket(i)
    print_good "  Name:           #{i.name}"
    print_good "  Creation Date:  #{i.creation_date}"
    print_good "  # of Objects:   #{@s3.list_objects_v2(bucket: i.name).contents.length}"
    print_good "  Region:         #{@s3.get_bucket_location(bucket: i.name).location_constraint}"
Severity: Minor
Found in modules/auxiliary/cloud/aws/enum_s3.rb - About 1 hr to fix

Method generate_gzip has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def generate_gzip(size=default_size, blocks=nil, reps=nil)
    reps ||= datastore['ROUNDS']
    return blocks if reps < 1

    print_status "Generating gzip bomb..."
Severity: Minor
Found in modules/auxiliary/dos/http/gzip_bomb_dos.rb - About 1 hr to fix

Method run has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    credentials = ::Aws::Credentials.new(datastore['ACCESS_KEY_ID'], datastore['SECRET_ACCESS_KEY'])
    vprint_status "Checking #{datastore['REGION']}..."
    client = ::Aws::SSM::Client.new(
      region: datastore['REGION'],
Severity: Minor
Found in modules/auxiliary/cloud/aws/enum_ssm.rb - About 1 hr to fix

Method fetch_json has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def fetch_json(uri)
    tpath = normalize_uri("#{datastore['TARGETURI']}/#{uri}")
    res = send_request_cgi({
      'uri' => tpath,
      'method' => 'GET'
Severity: Minor
Found in modules/auxiliary/client/hwbridge/connect.rb - About 1 hr to fix

Method run has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    #
    #dos = "\x00\x04\x01\x00\x34\x12\x0D\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00"
    #dos << Rex::Text.rand_text_alpha(5014)
    #
Severity: Minor
Found in modules/auxiliary/dos/scada/igss9_dataserver.rb - About 1 hr to fix

Method get_username_from_config has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def get_username_from_config(un_list,ip)
    ["config", "running-config"].each do |command|
      print_status(" Attempting username gathering from #{command} on #{ip}")
      sock.puts("\r\n") # ensure that the buffer is clear
      config = sock.recv(1024)
Severity: Minor
Found in modules/auxiliary/scanner/telnet/brocade_enable_login.rb - About 1 hr to fix
