rapid7/metasploit-framework

Showing 16,065 of 22,177 total issues

Method init_module has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def init_module
    veeam_hostname = get_env('COMPUTERNAME')
    print_status("Hostname #{veeam_hostname} IPv4 #{rhost}")
    require_sql = action.name.downcase == 'export' || action.name.downcase == 'dump'
    get_version('VBR')
Severity: Minor
Found in modules/post/windows/gather/credentials/veeam_credential_dump.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    grab_user_profiles.each do |user|
      next if user['AppData'].nil?

      tmpath = user['AppData'] + '\\SmartFTP\\Client 2.0\\Favorites'
Severity: Minor
Found in modules/post/windows/gather/credentials/smartftp.rb - About 35 mins to fix

Method sql_prepare has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def sql_prepare(sql_query, target)
    target_name = target.upcase
    case target_name
    when 'VBR'
      if @vbr_db_integrated_auth
Severity: Minor
Found in modules/post/windows/gather/credentials/veeam_credential_dump.rb - About 35 mins to fix

Method init_thycotic_encryption has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def init_thycotic_encryption(ss_web_path)
    print_status('Decrypt encryption.config ...')
    ss_enc_config_file = ss_web_path + 'encryption.config'
    vprint_status('Encryption configuration file path:')
    vprint_status("\t#{ss_enc_config_file}")
Severity: Minor
Found in modules/post/windows/gather/credentials/thycotic_secretserver_dump.rb - About 35 mins to fix

Method enum_run_unc has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def enum_run_unc(base_key)
    full_path = base_key + '\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\RunMRU'
    vals_found = registry_enumvals(full_path)

    return [] unless vals_found
Severity: Minor
Found in modules/post/windows/gather/enum_shares.rb - About 35 mins to fix

Method enumerate_tomcat has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def enumerate_tomcat(val_installpath, val_version)
    results = []
    found = false
    print_good("\t\t+ Version: #{val_version}")
    print_good("\t\t+ Path: #{val_installpath}")
Severity: Minor
Found in modules/post/windows/gather/enum_tomcat.rb - About 35 mins to fix

Method read_csv_file has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def read_csv_file(file_name)
    fail_with(Msf::Exploit::Failure::NoTarget, "CSV file #{file_name} not found") unless ::File.file?(file_name)

    csv_rows = ::File.binread(file_name)
    csv = ::CSV.parse(
Severity: Minor
Found in modules/post/windows/gather/credentials/veeam_credential_dump.rb - About 35 mins to fix

Method get_thycotic_database_config has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def get_thycotic_database_config(db_conf_bytes)
    res = {}
    # Burned-in static keys and IV
    aes_key = ['020216980119760c0b79017097830b1d'].pack('H*')
    aes_iv = ['7a790a22020b6eb3630cdd080310d40a'].pack('H*')
Severity: Minor
Found in modules/post/windows/gather/credentials/thycotic_secretserver_dump.rb - About 35 mins to fix

Method create_des_keys has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def create_des_keys(string)
    keys = []
    string = string.dup
    until (key = string.slice!(0, 7)).empty?
      # key is 56 bits
Severity: Minor
Found in modules/post/windows/manage/hashcarve.rb - About 35 mins to fix

Method decrypt_data has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def decrypt_data(data)
    mem = session.railgun.kernel32.LocalAlloc(0, data.length)['return']
    return nil if mem == 0

    session.railgun.memwrite(mem, data, data.length)
Severity: Minor
Found in modules/post/windows/gather/enum_chrome.rb - About 35 mins to fix

Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    python_folder_path = File.basename(datastore['FILE_PATH'], File.extname(datastore['FILE_PATH']))
    python_exe_path = "#{python_folder_path}\\python.exe"
    python_url = "#{datastore['PYTHON_URL']}#{datastore['PYTHON_VERSION']}/python-#{datastore['PYTHON_VERSION']}-embed-win32.zip"

Severity: Minor
Found in modules/post/windows/manage/install_python.rb - About 35 mins to fix

Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    # Make sure we meet the requirements before running the script, note no need to return
    # unless error
    return 0 if !(session.type == 'meterpreter' || have_powershell?)

Severity: Minor
Found in modules/post/windows/manage/powershell/exec_powershell.rb - About 35 mins to fix

Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    # Opens memory access into the host process
    mypid = client.sys.process.getpid
    @host_process = client.sys.process.open(mypid, PROCESS_ALL_ACCESS)
    @wlanapi = client.railgun.wlanapi
Severity: Minor
Found in modules/post/windows/wlan/wlan_current_connection.rb - About 35 mins to fix

Method find_required_clr has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def find_required_clr(exe_path)
    filecontent = File.read(exe_path).bytes
    sign = 'v4.0.30319'.bytes
    filecontent.each_with_index do |_item, index|
      sign.each_with_index do |subitem, indexsub|
Severity: Minor
Found in modules/post/windows/manage/execute_dotnet_assembly.rb - About 35 mins to fix

Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    unless is_root?
      fail_with(Failure::NoAccess, 'You must run this module as root!')
    end

Severity: Minor
Found in modules/post/linux/gather/enum_psk.rb - About 35 mins to fix

Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    clamav_socket = datastore['CLAMAV_UNIX_SOCKET']
    cmd = datastore['COMMAND']

    if command_exists?('socat')
Severity: Minor
Found in modules/post/linux/manage/disable_clamav.rb - About 35 mins to fix

Method get_vmca_cert has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def get_vmca_cert
    vprint_status('Extract VMCA_ROOT key')

    unless file_exist?('/var/lib/vmware/vmca/privatekey.pem') && file_exist?('/var/lib/vmware/vmca/root.cer')
      print_error('Could not locate VMCA_ROOT keypair')
Severity: Minor
Found in modules/post/linux/gather/vcenter_secrets_dump.rb - About 35 mins to fix

Method link_corrector_for has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

    def link_corrector_for(config)
      link_corrector = LinkCorrector.new(config)
      errors = []
      config.each do |page|
        unless page[:path].nil?
Severity: Minor
Found in docs/build.rb - About 35 mins to fix

Method update_keystore has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def update_keystore(public_key, private_key)
    if public_key.is_a? String
      cert = validate_x509_cert(public_key)
    else
      cert = public_key
Severity: Minor
Found in modules/post/linux/gather/vcenter_secrets_dump.rb - About 35 mins to fix

Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    user = cmd_exec('/usr/bin/whoami')
    print_good("Module running as \"#{user}\" user")

    unless is_root?
Severity: Minor
Found in modules/post/linux/gather/openvpn_credentials.rb - About 35 mins to fix
