rapid7/metasploit-framework

Showing 16,065 of 22,177 total issues

Method add_admin has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def add_admin(ldap)
    user_info = {
      'objectClass' => %w[top person organizationalPerson user],
      'cn' => new_username,
      'sn' => 'vsphere.local',
Severity: Minor
Found in modules/auxiliary/admin/ldap/vmware_vcenter_vmdir_auth_bypass.rb - About 55 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    res = send_request_cgi(
      'uri'           => normalize_uri(target_uri.path),
      'method'        => 'POST',
      'content-type'  => 'text/xml;charset="utf-8"',
Severity: Minor
Found in modules/auxiliary/admin/upnp/soap_portmapping.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    if ['LIST'].include?(action.name)
      print_status('Retrieving Users')
      get_users
    elsif ['LIST_REPOS'].include?(action.name)
Severity: Minor
Found in modules/auxiliary/admin/http/gitstack_rest.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    if session
      set_mssql_session(session.client)
    else
      unless mssql_login_datastore
Severity: Minor
Found in modules/auxiliary/admin/mssql/mssql_exec.rb - About 55 mins to fix

Method get_creds has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def get_creds
    res = send_request_cgi({
      'uri' => '/BRS_netgear_success.html',
      'method' => 'GET'
    })
Severity: Minor
Found in modules/auxiliary/admin/http/netgear_wnr2000_pass_recovery.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    # No point to continue if directory is not specified
    if datastore['DIRECTORY'].empty?
      print_error('Please supply the path of the directory you want to list.')
      return
Severity: Minor
Found in modules/auxiliary/admin/http/manageengine_dir_listing.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    if check == Exploit::CheckCode::Safe
      print_error('Target seems safe, so we will not continue!')
      return
    end
Severity: Minor
Found in modules/auxiliary/admin/http/joomla_registration_privesc.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    return if not check_dependencies

    list = datastore['CSVFILE']

Severity: Minor
Found in modules/auxiliary/admin/oracle/oracle_login.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    begin
      if check_login('admin')
        print_good('login with user admin and no password possible. There is no need to use this module.')
        return
Severity: Minor
Found in modules/auxiliary/admin/http/linksys_tmunblock_admin_reset_bof.rb - About 55 mins to fix

Method exececute_os_command has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def exececute_os_command(admin_username, admin_password)
    out_file = Rex::Text.rand_text_alpha(8)

    cmd = "$(openssl enc -base64 -d <<< #{Base64.strict_encode64(datastore['CMD'])}) &> /var/www/#{out_file}"

Severity: Minor
Found in modules/auxiliary/admin/http/cisco_ios_xe_os_exec_cve_2023_20273.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    # If the user has supplied a username/password, we can use these creds to leverage CVE-2023-20273 and execute an OS
    # command. If a username/password have not been supplied, we can leverage CVE-2023-20198 to create a new admin
    # account, and then leverage CVE-2023-20273 to execute an OS command. This opens up the ability to leverage the
    # auxiliary module for CVE-2023-20198 to create a new admin account once, then use those new admin creds in this
Severity: Minor
Found in modules/auxiliary/admin/http/cisco_ios_xe_os_exec_cve_2023_20273.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    target  = nil
    targets = {
      # Original firmware for the North America DVC1000
      "Sorenson VP100 - ARM9TDMI"   => [[0x00229a05, 0x00000000, 0x00000001]],
Severity: Minor
Found in modules/auxiliary/admin/vxworks/dlink_i2eye_autoanswer.rb - About 55 mins to fix

Method validate_options has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def validate_options
    if datastore['USERNAME'].blank?
      fail_with(Failure::BadConfig, 'USERNAME not set')
    end
    if datastore['PASSWORD'].blank?
Severity: Minor
Found in modules/auxiliary/admin/dcerpc/cve_2022_26923_certifried.rb - About 55 mins to fix

Method parse_configuration has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def parse_configuration(data)
    configs = data.split(?\x00)

    if datastore['VERBOSE']
      vprint_status('All configuration values:')
Severity: Minor
Found in modules/auxiliary/admin/misc/sercomm_dump_config.rb - About 55 mins to fix

Method dump_all has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def dump_all
    sqli_opts = {
      truncation_length: 31, # slices of 31 bytes of the query response are returned
      encoder: :base64, # the web application messes up multibyte characters, better encode
      verbose: datastore['VERBOSE']
Severity: Minor
Found in modules/auxiliary/sqli/openemr/openemr_sqli_dump.rb - About 55 mins to fix

Method run_host has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run_host(ip)
    open_pcap

    to = (datastore['TIMEOUT'] || 500).to_f / 1000.0

Severity: Minor
Found in modules/auxiliary/bnat/bnat_scan.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    all_regions = enumerate_regions
    if datastore['REGION'].blank?
      regions = all_regions
    elsif !all_regions.include?(datastore['REGION'])
Severity: Minor
Found in modules/auxiliary/cloud/aws/enum_ec2.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    # Attempt to crash IIS FTP
    begin
      return unless connect_login
      print_status('Checking if there is at least one directory ...')
Severity: Minor
Found in modules/auxiliary/dos/windows/ftp/iis_list_exhaustion.rb - About 55 mins to fix

Method scanner_postscan has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def scanner_postscan(batch)
    batch.each do |shost|
      next unless @results.key?(shost)
      @results[shost].each_pair do |sport, responses|
        report_service(host: shost, port: sport, proto: 'udp', info: responses.inspect, state: 'open')
Severity: Minor
Found in modules/auxiliary/scanner/udp/udp_amplification.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    @res = Net::DNS::Resolver.new()

    domain = [
    "lalundelau.sinip.es","bf2back.sinip.es","thejacksonfive.mobi",
Severity: Minor
Found in modules/auxiliary/vsploit/malware/dns/dns_mariposa.rb - About 55 mins to fix
