Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star

Showing 16,065 of 22,177 total issues

Method unshadow has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def unshadow(pf, sf)
    unshadowed = ''
    sf.each_line do |sl|
      pass = sl.scan(/^\w*:([^:]*)/).join
      next unless pass !~ /^\*LK\*|^NP/
Severity: Minor
Found in modules/post/solaris/gather/hashdump.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    @user_fields = USER_FIELDS.dup

    if datastore['ADDITIONAL_FIELDS']
      additional_fields = datastore['ADDITIONAL_FIELDS'].gsub(/\s+/, '').split(',')
Severity: Minor
Found in modules/post/windows/gather/enum_ad_users.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method find_mysql_conf has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def find_mysql_conf(val_location)
    data = nil
    if exist?(val_location + '\\my.ini')
      data = read_file(val_location + '\\my.ini')
    elsif exist?(val_location + '\\my.cnf')
Severity: Minor
Found in modules/post/windows/gather/enum_db.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    grab_user_profiles.each do |userprofile|
      next if userprofile['AppData'].blank?

      history_path = userprofile['AppData'] + '\\Microsoft\\Windows\\PowerShell\\PSReadline\\ConsoleHost_history.txt'
Severity: Minor
Found in modules/post/windows/gather/psreadline_history.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    artifacts =
      [
        'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaResources\"acm"',
        'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaResources\acm\ECELP4',
Severity: Minor
Found in modules/post/windows/gather/forensics/fanny_bmp_check.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method jack_wallet has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def jack_wallet(wallet_path)
    data = ''
    wallet_type = case wallet_path
                  when /\.wallet$/
                    :armory
Severity: Minor
Found in modules/post/windows/gather/bitcoin_jacker.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method get_bookmarks has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def get_bookmarks(path)
    bookmarks = []

    if !directory?(path)
      return bookmarks
Severity: Minor
Found in modules/post/windows/gather/credentials/bulletproof_ftp.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method get_profiles has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def get_profiles
    profiles = []
    grab_user_profiles.each do |user|
      next unless user['ProfileDir']
Severity: Minor
Found in modules/post/windows/gather/credentials/razorsql.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method resolve_host has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def resolve_host(host)
    vprint_status("Looking up IP for #{host}")
    return host if Rex::Socket.dotted_ip?(host)

    ip = []
Severity: Minor
Found in modules/post/windows/gather/enum_computers.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method find_user_names has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def find_user_names
    user_names = []
    user_homedir_paths = []
    user_sids = []
Severity: Minor
Found in modules/post/windows/gather/enum_muicache.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    # sadly OptPath does not work, so we check manually if it exists
    if !file_exist?(datastore['FILE'])
      print_error('Remote file does not exist!')
      return
Severity: Minor
Found in modules/post/windows/gather/word_unc_injector.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    hostname = sysinfo.nil? ? cmd_exec('hostname') : sysinfo['Computer']
    print_status("Running module against #{hostname} (#{session.session_host})")

    if datastore['CURRENT']
Severity: Minor
Found in modules/post/windows/gather/enum_logged_on_users.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method init_module has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def init_module
    wug_hostname = get_env('COMPUTERNAME')
    print_status("Hostname #{wug_hostname} IPv4 #{rhost}")
    current_action = action.name.downcase
    require_sql = current_action == 'export' || current_action == 'dump'
Severity: Minor
Found in modules/post/windows/gather/credentials/whatsupgold_credential_dump.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method dump_wug_db has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def dump_wug_db
    sql_query = "SET NOCOUNT ON;
      SELECT
        ct.nCredentialTypeID nCredentialTypeID,
        CONVERT(VARBINARY(1024),ct.sDisplayName) DisplayName,
Severity: Minor
Found in modules/post/windows/gather/credentials/whatsupgold_credential_dump.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method get_config_creds has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def get_config_creds(salt)
    users = []
    appdatapath = expand_path('%AppData%') + '\\Skype'
    print_status('Checking for config files in %APPDATA%')
    users = get_config_users(appdatapath)
Severity: Minor
Found in modules/post/windows/gather/credentials/skype.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method parse_bookmarks has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def parse_bookmarks(bookmarks)
    result = []
    protocol_hash = { '#109#0' => 'ssh', '#98#1' => 'telnet', '#128#5' => 'vnc', '#140#7' => 'sftp', '#130#6' => 'ftp', '#100#2' => 'rsh', '#91#4' => 'rdp' }
    bookmarks.each_key do |key|
      next if key.eql?('ImgNum') || key.eql?('SubRep') || bookmarks[key].empty?
Severity: Minor
Found in modules/post/windows/gather/credentials/moba_xterm.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method get_version has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def get_version(target)
    target_name = target.upcase
    case target_name
    when 'VBR'
      return nil unless (vbr_path = get_install_path('VBR'))
Severity: Minor
Found in modules/post/windows/gather/credentials/veeam_credential_dump.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method dump_thycotic_db has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def dump_thycotic_db
    if @ss_build <= 8.7 # REALLY old-style: ItemKey and MekIV do not exist
      sql_query = 'SET NOCOUNT ON;SELECT s.SecretID,s.Active,CONVERT(VARBINARY(256),t.SecretTypeName) SecretType,
        CONVERT(VARBINARY(256),s.SecretName) SecretName,i.IsEncrypted,i.IsSalted,i.Use256Key,
        CONVERT(VARBINARY(256),f.SecretFieldName) SecretFieldName,i.ItemValue,i.ItemValue2,i.IV
Severity: Minor
Found in modules/post/windows/gather/credentials/thycotic_secretserver_dump.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method get_vbr_database_config has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def get_vbr_database_config
    # Bog-standard MachineKey DPAPI with no additional entropy
    reg_key = 'HKLM\\SOFTWARE\\Veeam\\Veeam Backup and Replication'
    fail_with(Msf::Exploit::Failure::NoTarget, "Could not read #{reg_key}") unless registry_key_exist?(reg_key)
Severity: Minor
Found in modules/post/windows/gather/credentials/veeam_credential_dump.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method read_csv_file has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def read_csv_file(file_name)
    unless File.exist?(file_name)
      print_error("CSV file #{file_name} not found")
      return false
    end
Severity: Minor
Found in modules/post/windows/gather/credentials/thycotic_secretserver_dump.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Severity
Category
Status
Source
Language