Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star

Showing 16,065 of 22,177 total issues

Method run has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    unless session.commands.include?(Rex::Post::Meterpreter::Extensions::Extapi::COMMAND_ID_EXTAPI_WMI_QUERY)
      fail_with(Failure::NoTarget, 'Session does not support Meterpreter ExtAPI WMI queries')
    end
Severity: Minor
Found in modules/post/windows/gather/enum_patches.rb - About 45 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method run has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    unless check
      fail_with Failure::NotVulnerable, 'Target is not vulnerable'
    end
Severity: Minor
Found in modules/post/solaris/escalate/srsexec_readline.rb - About 45 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Avoid deeply nested control flow statements.
Open

            if version.build_number.between?(Msf::WindowsVersion::Server2008_SP0, Msf::WindowsVersion::Server2012_R2) && version.windows_server?
              move_to_sys
              file_local_write(pwdfile, inject_hashdump)
            else
              print_error('Could not get NTDS hashes!')
Severity: Major
Found in modules/post/windows/gather/smart_hashdump.rb - About 45 mins to fix

    Method virtualbox? has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
    Open

      def virtualbox?
    vboxprocs = [
      'vboxservice.exe',
      'vboxtray.exe'
    ]
    Severity: Minor
    Found in modules/post/windows/gather/checkvm.rb - About 45 mins to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Avoid deeply nested control flow statements.
    Open

              if migrate_system
            print_status('Trying to get SYSTEM privilege')
            results = session.priv.getsystem
            if results[0]
              print_good('Got SYSTEM privilege')
    Severity: Major
    Found in modules/post/windows/gather/smart_hashdump.rb - About 45 mins to fix

      Method decrypt_user_keys has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
      Open

        def decrypt_user_keys(hbootkey, users)
    users.each_key do |rid|
      user = users[rid]

      hashlm_enc = ''
      Severity: Minor
      Found in modules/post/windows/gather/smart_hashdump.rb - About 45 mins to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Avoid deeply nested control flow statements.
      Open

            elsif migrate_system
        print_status('Trying to get SYSTEM privilege')
        results = session.priv.getsystem
        if results[0]
          print_good('Got SYSTEM privilege')
      Severity: Major
      Found in modules/post/windows/gather/smart_hashdump.rb - About 45 mins to fix

        Method connect has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
        Open

          def connect(host)
    if @adv.nil?
      return
    end
        Severity: Minor
        Found in modules/post/windows/gather/local_admin_search_enum.rb - About 45 mins to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        Avoid deeply nested control flow statements.
        Open

                      if (loc['flags'] & 0x01) > 0

                @data_out += "\tShortcut file is on a local volume.\n"

                lnk_file.sysseek(offset + loc['vol_ofs'], ::IO::SEEK_SET)
        Severity: Major
        Found in modules/post/windows/gather/dumplinks.rb - About 45 mins to fix

          Method run has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
          Open

            def run
    domain = get_domain_name

    fail_with(Failure::Unknown, 'Could not retrieve domain name. Is the host part of a domain?') unless domain && !domain.empty?
          Severity: Minor
          Found in modules/post/windows/gather/enum_domain.rb - About 45 mins to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          Avoid deeply nested control flow statements.
          Open

                    next if ['.', '..'].include?(file)
          Severity: Major
          Found in modules/post/windows/gather/get_bookmarks.rb - About 45 mins to fix

            Avoid deeply nested control flow statements.
            Open

                      if !imap_use_spa.nil? # Account for SPA (NTLM auth)
            print_status('     Secure Password Authentication (SPA): Enabled')
          end
            Severity: Major
            Found in modules/post/windows/gather/credentials/outlook.rb - About 45 mins to fix

              Method enum_users has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
              Open

                def enum_users
    users = []
    userinfo = {}
    session.sys.config.getuid
    userpath = nil
              Severity: Minor
              Found in modules/post/windows/gather/dumplinks.rb - About 45 mins to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Method run has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
              Open

                def run
    fields = datastore['FIELDS'].gsub(/\s+/, '').split(',')
    search_filter = datastore['FILTER']
    max_search = datastore['MAX_SEARCH']
              Severity: Minor
              Found in modules/post/windows/gather/enum_ad_bitlocker.rb - About 45 mins to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Method run has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
              Open

                def run
    @user_fields = USER_FIELDS.dup

    if datastore['ADDITIONAL_FIELDS']
      additional_fields = datastore['ADDITIONAL_FIELDS'].gsub(/\s+/, '').split(',')
              Severity: Minor
              Found in modules/post/windows/gather/enum_ad_managedby_groups.rb - About 45 mins to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Method get_onedrive_accounts has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
              Open

                def get_onedrive_accounts(reg, accounts, syncdata)
    all_oda = {}
    synctargets_used = []
    ret = {}
    reg.each do |ses|
              Severity: Minor
              Found in modules/post/windows/gather/enum_onedrive.rb - About 45 mins to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Avoid deeply nested control flow statements.
              Open

                          if http_server_url.include? "h\x00t\x00t\x00p\x00s"
              portnum = 443
            else
              portnum = 80
            end
              Severity: Major
              Found in modules/post/windows/gather/credentials/outlook.rb - About 45 mins to fix

                Method enum_users has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
                Open

                  def enum_users
    users = []

    system_drive = get_env('SystemDrive').to_s.strip
                Severity: Minor
                Found in modules/post/windows/gather/enum_powershell_env.rb - About 45 mins to fix

                Cognitive Complexity

                Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                A method's cognitive complexity is based on a few simple rules:

                • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                • Code is considered more complex for each "break in the linear flow of the code"
                • Code is considered more complex when "flow breaking structures are nested"

                Further reading

                Avoid deeply nested control flow statements.
                Open

                              if loc['base_ofs'] > 0
                @data_out += get_target_path(loc['base_ofs'] + offset, lnk_file)
              elsif loc['path_ofs'] > 0
                @data_out += get_target_path(loc['path_ofs'] + offset, lnk_file)
              end
                Severity: Major
                Found in modules/post/windows/gather/dumplinks.rb - About 45 mins to fix

                  Avoid deeply nested control flow statements.
                  Open

                                if (loc['flags'] & 0x02) > 0

                @data_out += "\tFile is on a network share.\n"

                lnk_file.sysseek(offset + loc['network_ofs'], ::IO::SEEK_SET)
                  Severity: Major
                  Found in modules/post/windows/gather/dumplinks.rb - About 45 mins to fix
                    Severity
                    Category
                    Status
                    Source
                    Language