rapid7/metasploit-framework

Showing 16,065 of 22,177 total issues

Method run_host has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def run_host(ip)
    base = normalize_uri(target_uri.path)
    base << '/' if base[-1,1] != '/'

    peer = "#{ip}:#{rport}"
Severity: Minor
Found in modules/auxiliary/scanner/http/manageengine_securitymanager_traversal.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Method run_host has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def run_host(rhost)
    url = normalize_uri(datastore['URI'], '/index.php/members')

    begin
      res = send_request_raw({'uri' => url})
Severity: Minor
Found in modules/auxiliary/scanner/http/concrete5_member_list.rb - About 25 mins to fix

Method get_ssl_record has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def get_ssl_record
    hdr = get_data(SSL_RECORD_HEADER_SIZE)

    unless hdr
      vprint_error("No SSL record header received after #{response_timeout} seconds...")
Severity: Minor
Found in modules/auxiliary/scanner/ssl/openssl_heartbleed.rb - About 25 mins to fix

Method getreply has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def getreply
    pkt_bytes = capture.next
    Kernel.select(nil,nil,nil,0.1)
    return unless pkt_bytes
    pkt = PacketFu::Packet.parse(pkt_bytes)
Severity: Minor
Found in modules/auxiliary/scanner/discovery/arp_sweep.rb - About 25 mins to fix

Method parse_reply has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def parse_reply(pkt)

    return if not pkt[1]

    if(pkt[1] =~ /^::ffff:/)
Severity: Minor
Found in modules/auxiliary/scanner/vxworks/wdbrpc_version.rb - About 25 mins to fix

Method run_host has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def run_host(ip)
    begin

      user_pass = "#{datastore['DBUSER']}:#{datastore['DBPASS']}"

Severity: Minor
Found in modules/auxiliary/scanner/oracle/xdb_sid.rb - About 25 mins to fix

Method run_host has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def run_host(ip)

    # Specified Kex/Encryption downgrade requirements must be set to connect to the Power Meters.
    ssh_opts = ssh_client_defaults.merge({
      auth_methods:    ['publickey'],
Severity: Minor
Found in modules/auxiliary/scanner/ssh/eaton_xpert_backdoor.rb - About 25 mins to fix

Method get_oracle_version has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def get_oracle_version(ip)
    begin
      res = send_request_cgi({
        'version' => '1.1',
        'uri'     => uri,
Severity: Minor
Found in modules/auxiliary/scanner/oracle/isqlplus_login.rb - About 25 mins to fix

Method run_host has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def run_host(ip)
    datastore['BLANK_PASSWORDS'] = false # Always
    ver = get_oracle_version(ip)
    if not check_oracle_version(ver)
      print_error "#{msg} Unknown Oracle version, skipping."
Severity: Minor
Found in modules/auxiliary/scanner/oracle/isqlplus_login.rb - About 25 mins to fix

Method get_rsync_auth_status has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def get_rsync_auth_status(rmodule)
    sock.puts("#{rmodule}\n")
    res = sock.get_once(-1, read_timeout)
    if res
      res.strip!
Severity: Minor
Found in modules/auxiliary/scanner/rsync/modules_list.rb - About 25 mins to fix

Method finger_slurp_data has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def finger_slurp_data
    buff = ""
    begin
      while(res = sock.get_once(-1, 5) || '')
        buff << res
Severity: Minor
Found in modules/auxiliary/scanner/finger/finger_users.rb - About 25 mins to fix

Method run has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    @base_stations = {}

    print_status("Opening interface: #{datastore['INTERFACE']}")
    print_status("Using band: #{datastore['BAND']}")
Severity: Minor
Found in modules/auxiliary/scanner/dect/station_scanner.rb - About 25 mins to fix

Method run_host has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def run_host(ip)
    if vim_do_login(datastore['USERNAME'], datastore['PASSWORD']) == :success
      role_map = {}
      esx_roles = vim_get_roles
      case esx_roles
Severity: Minor
Found in modules/auxiliary/scanner/vmware/vmware_enum_permissions.rb - About 25 mins to fix

Method run_host has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def run_host(ip)
    return unless check_host(ip) == Exploit::CheckCode::Vulnerable

    dlsw_data = ''
    until dlsw_data.length > datastore['LEAK_AMOUNT']
Severity: Minor
Found in modules/auxiliary/scanner/dlsw/dlsw_leak_capture.rb - About 25 mins to fix

Method run_host has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def run_host(ip)
    print_status("#{ip}:#{rport} - Starting rsh sweep")

    cmd = datastore['CMD']
    cmd ||= 'sh -i 2>&1'
Severity: Minor
Found in modules/auxiliary/scanner/rservices/rsh_login.rb - About 25 mins to fix

Method get_oracle_version has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def get_oracle_version(ip)
    begin
      res = send_request_cgi({
        'version' => '1.1',
        'uri'     => uri,
Severity: Minor
Found in modules/auxiliary/scanner/oracle/isqlplus_sidbrute.rb - About 25 mins to fix

Method run_host has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def run_host(ip)
    factory = ssh_socket_factory

    ssh_opts = ssh_client_defaults.merge({
      port:            rport,
Severity: Minor
Found in modules/auxiliary/scanner/ssh/fortinet_backdoor.rb - About 25 mins to fix

Method do_login has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def do_login(user='nessus', pass='nessus')
    vprint_status("Trying username:'#{user}' with password:'#{pass}'")
    headers = {}

    begin
Severity: Minor
Found in modules/auxiliary/scanner/nessus/nessus_xmlrpc_login.rb - About 25 mins to fix

Method run_host has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def run_host(_ip)
    fail_with(Failure::BadConfig, "LocalFile must be set") unless datastore['LocalFile']
    fail_with(Failure::BadConfig, "RemoteFile must be set") unless datastore['RemoteFile']
    return unless check == Exploit::CheckCode::Vulnerable

Severity: Minor
Found in modules/auxiliary/scanner/redis/file_upload.rb - About 25 mins to fix

Method run_host has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def run_host(ip)
    begin
      connect
      sock.put(Rex::Text.rand_text(5))
      res = sock.get_once
Severity: Minor
Found in modules/auxiliary/scanner/misc/sercomm_backdoor_scanner.rb - About 25 mins to fix
