Method check has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def check
    kernel_version = cmd_exec('uname -v').to_s

    unless kernel_version.include?('FreeBSD')
      return CheckCode::Safe('Target system is not FreeBSD')

• Read up
  Read up

Method check has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def check
    [dtappgather_path, suid_bin_path].each do |path|
      unless setuid? path
        vprint_error "#{path} is not setuid"
        return CheckCode::Safe

• Read up
  Read up

Method read_until_prompt has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def read_until_prompt
    ::Timeout.timeout(10) do
      loop do
        res = sock.get_once
        break if res.nil?

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    case target['Type']
    when :nix_stream
      print_status("Attempting to break out of FreeBSD jail by changing the root user's password, establishing an SSH session and then rewriting the original root user's password hash to /etc/master.passwd.")
      print_warning("This requires a user is authenticated to the J-Web application in order to steal a session token or successfully create one, also 'ssh root-login' has to be set to 'allow' on the device. The option 'SET_ALLOW_ROOT_LOGIN' can be set to true to attempt to set this option.")

• Read up
  Read up

Avoid deeply nested control flow statements.

Open

                  if masterList[x]["name"] == name
                    masterList[x]["path"] << server["path"].first.dup
                    masterList[x]["path"].last << name
                    unless shelled.include?(name)
                      if parse_results[0][2]==1

Method on_request_uri has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def on_request_uri(cli, request)

    my_target = ''
    agent = request.headers['User-Agent']

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    connect
    res = sock.get_once(-1, 10)

    fail_with(Failure::Unreachable, 'Connection failed') unless res

• Read up
  Read up

Method authenticate has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def authenticate(username, password)
    res = send_request_cgi(
      'uri'       => '/admin_loginok.html',
      'method'    => 'POST',
      'vars_post' => {

• Read up
  Read up

Method read_output has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def read_output(process)
    print_status('Start reading output')
    old_timeout = client.response_timeout
    client.response_timeout = 5

• Read up
  Read up

Method check_permissions! has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def check_permissions!
    unless check == Exploit::CheckCode::Appears
      fail_with(Failure::NotVulnerable, 'Target is not vulnerable.')
    end
    fail_with(Failure::None, 'Already in elevated state') if is_admin? || is_system?

• Read up
  Read up

Method check_permissions! has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def check_permissions!
    fail_with(Failure::None, 'Already in elevated state') if is_admin? || is_system?

    # Check if you are an admin
    vprint_status('Checking admin status...')

• Read up
  Read up

Method assign_target has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def assign_target
    if is_system?
      fail_with(Failure::None, 'Session is already elevated')
    end

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    # Make sure we have a sane payload configuration
    if sysinfo['Architecture'] != payload_instance.arch.first
      fail_with(Failure::BadConfig, "#{payload_instance.arch.first} payload selected for #{sysinfo['Architecture']} system")
    end

• Read up
  Read up

Method check_permissions! has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def check_permissions!
    unless check == Exploit::CheckCode::Appears
      fail_with(Failure::NotVulnerable, 'Target is not vulnerable.')
    end
    fail_with(Failure::None, 'Already in elevated state') if is_admin? || is_system?

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    if is_system?
      fail_with(Failure::None, 'Session is already elevated')
    end

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    vuln_status = check
    fail_with(Failure::NotVulnerable, 'Failed to detect Windows 10') if vuln_status == CheckCode::Unknown

    fail_with(Failure::None, 'Already running with SYSTEM privileges') if is_system?

• Read up
  Read up

Avoid deeply nested control flow statements.

Open

            break if session_created?

Method monitor_tiworker has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def monitor_tiworker
    print_warning("TiWorker.exe is already running on the target. The module will monitor the process every 10 seconds for up to #{wait_for_tiworker} minute(s)...")
    wait_time_left = wait_for_tiworker
    sleep_time = 0
    while wait_time_left > 0

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    if is_system?
      fail_with(Failure::None, 'Session is already elevated')
    end

• Read up
  Read up

Method exploit has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

Open

  def exploit
    temp_dir = ""

    print_status("Opening named pipe...")
    handle = open_named_pipe("\\\\.\\pipe\\acsipc_server")

• Read up
  Read up