Issues - rapid7/metasploit-framework

File `firefox_creds.rb` has 580 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'tmpdir'

#
# Gems
#

Found in modules/post/multi/gather/firefox_creds.rb - About 1 day to fix

Method `command_string` has 247 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def command_string
    if (datastore['JOBNAME'] == "DUMMY") && !datastore['FTPUSER'].nil?
      datastore['JOBNAME'] = (datastore['FTPUSER'] + "1").strip.upcase
    end
    lhost = Rex::Socket.resolv_nbo(datastore['LHOST'])

Found in modules/payloads/singles/cmd/mainframe/bind_shell_jcl.rb - About 1 day to fix

Method `osx_capture_media` has 247 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def osx_capture_media(opts)
    capture_code = <<-EOS
#{osx_ruby_dl_header}

options = {

Found in lib/msf/core/post/osx/ruby_dl.rb - About 1 day to fix

Method `mssql_login` has 246 lines of code (exceeds 25 allowed). Consider refactoring.
Open

        def mssql_login(user='sa', pass='', db='', domain_name='')
          prelogin_data = mssql_prelogin
          if auth == Msf::Exploit::Remote::AuthOption::KERBEROS
            idx = 0
            pkt = ''

Found in lib/rex/proto/mssql/client.rb - About 1 day to fix

Method `get_registry` has 245 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def get_registry(outlook_ver)
    # Determine if saved accounts exist within Outlook.  Ignore the Address Book and Personal Folder registry entries.
    outlook_exists = 0
    saved_accounts = 0

Found in modules/post/windows/gather/credentials/outlook.rb - About 1 day to fix

File `protocol.rb` has 575 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require "socket"
require "timeout"
require "digest/sha1"
require "stringio"

Found in lib/rbmysql/protocol.rb - About 1 day to fix

Method `run` has 241 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def run
    vprint_status("#{peer} - Checking ")
    # since we will check res to see if auth was a success, make sure to capture the return
    res = send_request_cgi(
      'uri' => normalize_uri(target_uri.path),

Found in modules/auxiliary/gather/prometheus_node_exporter_gather.rb - About 1 day to fix

Method `run_host` has 240 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def run_host(ip)
    # Force http verb to be upper-case, because otherwise some web servers such as
    # Apache might throw you a 501
    http_method = datastore['METHOD'].upcase

Found in modules/auxiliary/scanner/http/blind_sql_query.rb - About 1 day to fix

File `message.rb` has 566 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'postgres_msf'
require 'postgres/buffer'
require 'rex/io/stream'

# Monkeypatch to preserve original code intent

Found in lib/postgres/postgres-pr/message.rb - About 1 day to fix

File `userspec_generic.py` has 564 lines of code (exceeds 250 allowed). Consider refactoring.
Open

#!/usr/bin/python
'''
Exploit for CVE-2021-3156 with struct userspec overwrite by sleepya

From https://github.com/worawit/CVE-2021-3156

Found in data/exploits/CVE-2021-3156/userspec_generic.py - About 1 day to fix

Method `initialize` has 238 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Cisco RV110W/RV130(W)/RV215W Routers Management Interface Remote Command Execution',

Found in modules/exploits/linux/http/cve_2019_1663_cisco_rmi_rce.rb - About 1 day to fix

File `client_core.rb` has 562 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'rex/post/meterpreter/packet'
require 'rex/post/meterpreter/core_ids'
require 'rex/post/meterpreter/extension'
require 'rex/post/meterpreter/extension_mapper'
require 'rex/post/meterpreter/client'

Found in lib/rex/post/meterpreter/client_core.rb - About 1 day to fix

Method `run` has 237 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def run
    if ! @telephony_loaded
      print_error("The Telephony module is not available: #{@telephony_error}")
      raise RuntimeError, "Telephony not available"
    end

Found in modules/auxiliary/scanner/telephony/wardial.rb - About 1 day to fix

File `Program.cs` has 559 lines of code (exceeds 250 allowed). Consider refactoring.
Open

using System;
using System.IO;
using System.Runtime.InteropServices;
using System.Text;

Found in external/source/exploits/CVE-2020-17136/POC_CloudFilter_ArbitraryFile_EoP/Program.cs - About 1 day to fix

File `weblogic_deserialize_unicastref.rb` has 558 lines of code (exceeds 250 allowed). Consider refactoring.
Open

class MetasploitModule < Msf::Exploit::Remote
  Rank = ExcellentRanking

  include Msf::Exploit::Remote::Tcp
  include Msf::Exploit::Remote::TcpServer

Found in modules/exploits/multi/misc/weblogic_deserialize_unicastref.rb - About 1 day to fix

Method `exploit` has 234 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def exploit
    main = %q^
/*
* Exploit Title: pkexec Race condition (CVE-2011-1485) exploit
* Author: xi4oyu

Found in modules/exploits/linux/local/pkexec.rb - About 1 day to fix

Class `Core` has 64 methods (exceeds 20 allowed). Consider refactoring.
Open

class Console::CommandDispatcher::Core

  include Console::CommandDispatcher

  #

Found in lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb - About 1 day to fix

File `nexpose.rb` has 553 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'English'
require 'nexpose'

module Msf
  Nexpose_yaml = "#{Msf::Config.config_directory}/nexpose.yaml".freeze # location of the nexpose.yml containing saved nexpose creds

Found in plugins/nexpose.rb - About 1 day to fix

File `nexpose_raw_document.rb` has 553 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require "rex/parser/nokogiri_doc_mixin"
require "date"

module Rex
  module Parser

Found in lib/rex/parser/nexpose_raw_document.rb - About 1 day to fix

File `weblogic_deserialize_badattr_extcomp.rb` has 551 lines of code (exceeds 250 allowed). Consider refactoring.
Open

class MetasploitModule < Msf::Exploit::Remote
  Rank = NormalRanking

  include Msf::Exploit::Remote::Tcp
  include Msf::Exploit::CmdStager

Found in modules/exploits/multi/misc/weblogic_deserialize_badattr_extcomp.rb - About 1 day to fix

rapid7/metasploit-framework

Showing 4,139 of 21,886 total issues

File `firefox_creds.rb` has 580 lines of code (exceeds 250 allowed). Consider refactoring.
Open

Method `command_string` has 247 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `osx_capture_media` has 247 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `mssql_login` has 246 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `get_registry` has 245 lines of code (exceeds 25 allowed). Consider refactoring.
Open

File `protocol.rb` has 575 lines of code (exceeds 250 allowed). Consider refactoring.
Open

Method `run` has 241 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `run_host` has 240 lines of code (exceeds 25 allowed). Consider refactoring.
Open

File `message.rb` has 566 lines of code (exceeds 250 allowed). Consider refactoring.
Open

File `userspec_generic.py` has 564 lines of code (exceeds 250 allowed). Consider refactoring.
Open

Method `initialize` has 238 lines of code (exceeds 25 allowed). Consider refactoring.
Open

File `client_core.rb` has 562 lines of code (exceeds 250 allowed). Consider refactoring.
Open

Method `run` has 237 lines of code (exceeds 25 allowed). Consider refactoring.
Open

File `Program.cs` has 559 lines of code (exceeds 250 allowed). Consider refactoring.
Open

File `weblogic_deserialize_unicastref.rb` has 558 lines of code (exceeds 250 allowed). Consider refactoring.
Open

Method `exploit` has 234 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Class `Core` has 64 methods (exceeds 20 allowed). Consider refactoring.
Open

File `nexpose.rb` has 553 lines of code (exceeds 250 allowed). Consider refactoring.
Open

File `nexpose_raw_document.rb` has 553 lines of code (exceeds 250 allowed). Consider refactoring.
Open

File `weblogic_deserialize_badattr_extcomp.rb` has 551 lines of code (exceeds 250 allowed). Consider refactoring.
Open

Severity

Category

Status

Source

Language

rapid7/metasploit-framework

Showing 4,139 of 21,886 total issues

File firefox_creds.rb has 580 lines of code (exceeds 250 allowed). Consider refactoring. Open

Method command_string has 247 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method osx_capture_media has 247 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method mssql_login has 246 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method get_registry has 245 lines of code (exceeds 25 allowed). Consider refactoring. Open

File protocol.rb has 575 lines of code (exceeds 250 allowed). Consider refactoring. Open

Method run has 241 lines of code (exceeds 25 allowed). Consider refactoring. Open

Method run_host has 240 lines of code (exceeds 25 allowed). Consider refactoring. Open

File message.rb has 566 lines of code (exceeds 250 allowed). Consider refactoring. Open

File userspec_generic.py has 564 lines of code (exceeds 250 allowed). Consider refactoring. Open

Method initialize has 238 lines of code (exceeds 25 allowed). Consider refactoring. Open

File client_core.rb has 562 lines of code (exceeds 250 allowed). Consider refactoring. Open

Method run has 237 lines of code (exceeds 25 allowed). Consider refactoring. Open

File Program.cs has 559 lines of code (exceeds 250 allowed). Consider refactoring. Open

File weblogic_deserialize_unicastref.rb has 558 lines of code (exceeds 250 allowed). Consider refactoring. Open

Method exploit has 234 lines of code (exceeds 25 allowed). Consider refactoring. Open

Class Core has 64 methods (exceeds 20 allowed). Consider refactoring. Open

File nexpose.rb has 553 lines of code (exceeds 250 allowed). Consider refactoring. Open

File nexpose_raw_document.rb has 553 lines of code (exceeds 250 allowed). Consider refactoring. Open

File weblogic_deserialize_badattr_extcomp.rb has 551 lines of code (exceeds 250 allowed). Consider refactoring. Open

Severity

Category

Status

Source

Language

File `firefox_creds.rb` has 580 lines of code (exceeds 250 allowed). Consider refactoring.
Open

Method `command_string` has 247 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `osx_capture_media` has 247 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `mssql_login` has 246 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `get_registry` has 245 lines of code (exceeds 25 allowed). Consider refactoring.
Open

File `protocol.rb` has 575 lines of code (exceeds 250 allowed). Consider refactoring.
Open

Method `run` has 241 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Method `run_host` has 240 lines of code (exceeds 25 allowed). Consider refactoring.
Open

File `message.rb` has 566 lines of code (exceeds 250 allowed). Consider refactoring.
Open

File `userspec_generic.py` has 564 lines of code (exceeds 250 allowed). Consider refactoring.
Open

Method `initialize` has 238 lines of code (exceeds 25 allowed). Consider refactoring.
Open

File `client_core.rb` has 562 lines of code (exceeds 250 allowed). Consider refactoring.
Open

Method `run` has 237 lines of code (exceeds 25 allowed). Consider refactoring.
Open

File `Program.cs` has 559 lines of code (exceeds 250 allowed). Consider refactoring.
Open

File `weblogic_deserialize_unicastref.rb` has 558 lines of code (exceeds 250 allowed). Consider refactoring.
Open

Method `exploit` has 234 lines of code (exceeds 25 allowed). Consider refactoring.
Open

Class `Core` has 64 methods (exceeds 20 allowed). Consider refactoring.
Open

File `nexpose.rb` has 553 lines of code (exceeds 250 allowed). Consider refactoring.
Open

File `nexpose_raw_document.rb` has 553 lines of code (exceeds 250 allowed). Consider refactoring.
Open

File `weblogic_deserialize_badattr_extcomp.rb` has 551 lines of code (exceeds 250 allowed). Consider refactoring.
Open