rapid7/metasploit-framework

Showing 16,065 of 22,177 total issues

Method enum_perms has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def enum_perms(perm_filter, token, depth, paths)
    paths.each do |path|
      next if path.empty?

      path = path.strip
Severity: Minor
Found in modules/post/windows/gather/enum_dirperms.rb - About 55 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Method display_report has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def display_report(sid, info, sync_used, sync_all, results_table)
    info.each do |key, result|
      next if result['ScopeIdToMountPointPathCache'].nil? || result['ScopeIdToMountPointPathCache'].empty?

      row = []
Severity: Minor
Found in modules/post/windows/gather/enum_onedrive.rb - About 55 mins to fix

Method print_device has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def print_device(devname)
    ioctl_disk_get_drive_geometry_ex = 0x000700A0
    ioctl_disk_get_partition_info = 0x00074004
    removable = 0x0b
    fixed = 0x0c
Severity: Minor
Found in modules/post/windows/gather/forensics/enum_drives.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    # Check if Exchange Server is installed on the target by checking the registry
    if registry_key_exist?('HKLM\Software\Microsoft\ExchangeServer')
      print_good('Exchange Server is present on target machine')
    else
Severity: Minor
Found in modules/post/windows/gather/exchange.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    max_search = datastore['MAX_SEARCH']
    user_fields = ['cn', 'manager', 'description', 'title', 'telephoneNumber', 'department', 'division', 'userPrincipalName', 'company']

    begin
Severity: Minor
Found in modules/post/windows/gather/make_csv_orgchart.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    domain ||= datastore['DOMAIN']
    domain ||= get_domain

    fields = ['cn', 'servicePrincipalName']
Severity: Minor
Found in modules/post/windows/gather/enum_ad_service_principal_names.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    steamappdata = 'SteamAppData.vdf'
    steamconfig = 'config.vdf'
    u_rx = /AutoLoginUser\W*"(.*)"/

Severity: Minor
Found in modules/post/windows/gather/credentials/steam.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    # Set instance name (if specified)
    instance = datastore['INSTANCE'].to_s

    # Display target
Severity: Minor
Found in modules/post/windows/gather/credentials/mssql_local_hashdump.rb - About 55 mins to fix

Method process_hashes_and_versions has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def process_hashes_and_versions(hashes_and_versions)
    hashes_and_versions.each do |hash, version|
      if version >= VERSION_5 && version < VERSION_6
        hashtype = 'md5u'
        version_name = 'v5'
Severity: Minor
Found in modules/post/windows/gather/credentials/mcafee_vse_hashdump.rb - About 55 mins to fix

Method init_wug_db has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def init_wug_db
    print_status('Init WhatsUp Gold SQL ...')
    if datastore['MSSQL_INSTANCE'] && datastore['MSSQL_DB']
      print_status('MSSQL_INSTANCE and MSSQL_DB advanced options set, connect to SQL using SSPI')
      db_instance_path = datastore['MSSQL_INSTANCE']
Severity: Minor
Found in modules/post/windows/gather/credentials/whatsupgold_credential_dump.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    init_module
    current_action = action.name.downcase
    if current_action == 'export' || current_action == 'dump'
      print_status('Performing export of WhatsUp Gold SQL database to CSV file')
Severity: Minor
Found in modules/post/windows/gather/credentials/whatsupgold_credential_dump.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    # Checks if the Site data is stored in a generic location for all users
    flash_reg = 'HKLM\\SOFTWARE\\FlashFXP'
    flash_reg_ver = registry_enumkeys(flash_reg.to_s)

Severity: Minor
Found in modules/post/windows/gather/credentials/flashfxp.rb - About 55 mins to fix

Method plunder has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def plunder(rowset)
    rowset.each_with_index do |row, idx|
      next if idx == 0 # Skip header row

      next unless (loot_pass = row['Plaintext'])
Severity: Minor
Found in modules/post/windows/gather/credentials/veeam_credential_dump.rb - About 55 mins to fix

Method dpapi_decrypt has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def dpapi_decrypt(b64, entropy)
    unless b64.match?(%r{^[-A-Za-z0-9+/]*={0,3}$})
      print_error('DPAPI decrypt: invalid Base64 ciphertext')
      return nil
    end
Severity: Minor
Found in modules/post/windows/gather/credentials/solarwinds_orion_dump.rb - About 55 mins to fix

Method init_veeam_db has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def init_veeam_db
    print_status('Get Veeam SQL Parameters ...')
    if vbr?
      if datastore['VBR_MSSQL_INSTANCE'] && datastore['VBR_MSSQL_DB']
        print_status('VBR_MSSQL_INSTANCE and VBR_MSSQL_DB advanced options set, connect to VBR SQL using SSPI')
Severity: Minor
Found in modules/post/windows/gather/credentials/veeam_credential_dump.rb - About 55 mins to fix

Method parse_prefs has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def parse_prefs(username, filepath)
    prefs = ''
    File.open(filepath, 'rb') do |f|
      prefs = f.read
    end
Severity: Minor
Found in modules/post/windows/gather/enum_chrome.rb - About 55 mins to fix

Method modify_user_key has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def modify_user_key(hbootkey, rid, user, nthash, lmhash)
    hoff = user[0x9c, 4].unpack('V')[0] + 0xcc
    # Check if hashes exist (if 20, then we've got a hash)
    lm_exists = user[0x9c + 4, 4].unpack('V')[0] == 20
    nt_exists = user[0x9c + 16, 4].unpack('V')[0] == 20
Severity: Minor
Found in modules/post/windows/manage/hashcarve.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    usr_tbl = Rex::Text::Table.new(
      'Header' => 'Current User',
      'Indent' => 1,
      'Columns' => ['Is Admin', 'Is System', 'Is In Local Admin Group', 'UAC Enabled', 'Foreground ID', 'UID']
Severity: Minor
Found in modules/post/windows/gather/win_privs.rb - About 55 mins to fix

Method community_strings has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def community_strings
    print_status('Enumerating community strings')
    key = 'HKLM\\System\\CurrentControlSet\\Services\\SNMP\\Parameters\\ValidCommunities'

    unless registry_key_exist?(key)
Severity: Minor
Found in modules/post/windows/gather/enum_snmp.rb - About 55 mins to fix

Method run has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    hostname = sysinfo.nil? ? cmd_exec('hostname') : sysinfo['Computer']
    print_status("Running module against #{hostname} (#{session.session_host})")

    group = datastore['GROUP']
Severity: Minor
Found in modules/post/windows/gather/enum_domain_group_users.rb - About 55 mins to fix
