rapid7/metasploit-framework

Showing 16,065 of 22,177 total issues

Method parse_username_from_config has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def parse_username_from_config(line)
    # Ugly but effective way to extract the principal name from a config line for loot storage
    # The whitespace prefixed to ' user' is intentional so that it does not clobber other parameters with 'user' in the pattern
    [' user', 'userName', '-clientID', '-bindDN', '-ldapBindDn'].each do |user_param|
      next unless line.match?(/#{user_param} (.+)/)
Severity: Minor
Found in modules/auxiliary/admin/citrix/citrix_netscaler_config_decrypt.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method backend_url has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def backend_url
    proto = (datastore["SSL"] ? "https" : "http")
    myhost = (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address : datastore['SRVHOST']
    port_str = (datastore['SRVPORT'].to_i == 80) ? '' : ":#{datastore['SRVPORT']}"
    "#{proto}://#{myhost}#{port_str}/#{datastore['URIPATH']}/catch"
Severity: Minor
Found in modules/auxiliary/admin/android/google_play_store_uxss_xframe_rce.rb - About 25 mins to fix

Method run has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    res = send_request_cgi({
      'uri' => normalize_uri(target_uri.path, 'LocalAuth', 'setAccount.aspx'),
      'method' => 'GET'
    })
Severity: Minor
Found in modules/auxiliary/admin/http/kaseya_master_admin.rb - About 25 mins to fix

Method run has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    cookie_jar.clear

    validate_domains
    validate_timestamps
Severity: Minor
Found in modules/auxiliary/admin/vmware/vcenter_forge_saml_token.rb - About 25 mins to fix

Method init_authenticator has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def init_authenticator(options = {})
    options.merge!({
      host: rhost,
      realm: @realm,
      username: @username,
Severity: Minor
Found in modules/auxiliary/admin/kerberos/get_ticket.rb - About 25 mins to fix

Method action_restore_password has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def action_restore_password
    fail_with(Failure::BadConfig, 'The RESTORE action requires the PASSWORD option to be set') if datastore['PASSWORD'].blank?
    fail_with(Failure::BadConfig, 'The PASSWORD option must be in hex') if /^([0-9a-fA-F]{2})+$/ !~ datastore['PASSWORD']
    password = [datastore['PASSWORD']].pack('H*')

Severity: Minor
Found in modules/auxiliary/admin/dcerpc/cve_2020_1472_zerologon.rb - About 25 mins to fix

Method run_host has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def run_host(_ip)
    validate_lpaths!
    validate_rpaths!
    begin
      if session
Severity: Minor
Found in modules/auxiliary/admin/smb/upload_file.rb - About 25 mins to fix

Method run has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def run

    dport = datastore['RPORT'].to_i

    if (dport != 0)
Severity: Minor
Found in modules/auxiliary/admin/ms/ms08_059_his2006.rb - About 25 mins to fix

Method cleanup_after has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def cleanup_after(*files)
    simple.connect("\\\\#{@ip}\\#{@smbshare}")
    print_status("Executing cleanup...")
    files.each do |file|
      begin
Severity: Minor
Found in modules/auxiliary/admin/smb/psexec_ntdsgrab.rb - About 25 mins to fix

Method parse_m_me_nb_1 has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def parse_m_me_nb_1(response_data)
    sq_bit = Integer(response_data[6].unpack('C').first) & 0b10000000
    response_data = response_data[11..-1] # cut out acpi data
    if sq_bit.eql?(0b10000000)
      ioa = response_data[0..3]
Severity: Minor
Found in modules/auxiliary/client/iec104/iec104.rb - About 25 mins to fix

Method parse_m_st_na_1 has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def parse_m_st_na_1(response_data)
    sq_bit = Integer(response_data[6].unpack('C').first) & 0b10000000
    response_data = response_data[11..-1] # cut out acpi data
    if sq_bit.eql?(0b10000000)
      ioa = response_data[0..3]
Severity: Minor
Found in modules/auxiliary/client/iec104/iec104.rb - About 25 mins to fix

Method process_cracker_results has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def process_cracker_results(results, cred)
      return results if cred['core_id'].nil? # make sure we have good data

      # make sure we dont add the same one again
      if results.select { |r| r.first == cred['core_id'] }.empty?
Severity: Minor
Found in modules/auxiliary/analyze/crack_windows.rb - About 25 mins to fix

Method parse_m_sp_na_1 has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def parse_m_sp_na_1(response_data)
    sq_bit = Integer(response_data[6].unpack('C').first) & 0b10000000 # this bit determines the object addressing structure
    response_data = response_data[11..-1] # cut out acpi data
    if sq_bit.eql?(0b10000000)
      ioa = response_data[0..3] # extract ioa value
Severity: Minor
Found in modules/auxiliary/client/iec104/iec104.rb - About 25 mins to fix

Method send_document has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def send_document(conn, chat_id)
    unless ::File.file?(document) && ::File.readable?(document)
      fail_with(Failure::BadConfig, 'The document to be sent does not exist or is not a readable file!')
    end
    raw_params = { 'chat_id' => chat_id, 'document' => Faraday::UploadIO.new(document, 'application/octet-stream') }
Severity: Minor
Found in modules/auxiliary/client/telegram/send_message.rb - About 25 mins to fix

Method parse_c_sc_na_1 has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def parse_c_sc_na_1(response_data)
    sq_bit = Integer(response_data[6].unpack('C').first) & 0b10000000
    response_data = response_data[11..-1] # cut out acpi data
    if sq_bit.eql?(0b10000000)
      ioa = response_data[0..3]
Severity: Minor
Found in modules/auxiliary/client/iec104/iec104.rb - About 25 mins to fix

Method parse_c_dc_na_1 has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def parse_c_dc_na_1(response_data)
    sq_bit = Integer(response_data[6].unpack('C').first) & 0b10000000
    response_data = response_data[11..-1] # cut out acpi data
    if sq_bit.eql?(0b10000000)
      ioa = response_data[0..3]
Severity: Minor
Found in modules/auxiliary/client/iec104/iec104.rb - About 25 mins to fix

Method connect_smb has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def connect_smb(opts = {})
    username = opts[:username] || datastore['USERNAME']
    password = opts[:password] || datastore['PASSWORD']
    domain = opts[:domain] || datastore['DOMAIN']
    datastore['SMBUser'] = username
Severity: Minor
Found in modules/auxiliary/admin/dcerpc/cve_2022_26923_certifried.rb - About 25 mins to fix

Method parse_m_dp_na_1 has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def parse_m_dp_na_1(response_data)
    sq_bit = Integer(response_data[6].unpack('C').first) & 0b10000000
    response_data = response_data[11..-1] # cut out acpi data
    if sq_bit.eql?(0b10000000)
      ioa = response_data[0..3]
Severity: Minor
Found in modules/auxiliary/client/iec104/iec104.rb - About 25 mins to fix

Method arp2 has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def arp2(target_ip,int)
    config = PacketFu::Config.new(PacketFu::Utils.ifconfig ":#{int}").config
    arp_pkt = PacketFu::ARPPacket.new(:flavor => "Windows")
    arp_pkt.eth_saddr = arp_pkt.arp_saddr_mac = config[:eth_saddr]
    arp_pkt.eth_daddr = "ff:ff:ff:ff:ff:ff"
Severity: Minor
Found in modules/auxiliary/bnat/bnat_router.rb - About 25 mins to fix

Method parse_m_me_nc_1 has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def parse_m_me_nc_1(response_data)
    sq_bit = Integer(response_data[6].unpack('C').first) & 0b10000000
    response_data = response_data[11..-1] # cut out acpi data
    if sq_bit.eql?(0b10000000)
      ioa = response_data[0..3]
Severity: Minor
Found in modules/auxiliary/client/iec104/iec104.rb - About 25 mins to fix
