Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star

Showing 16,065 of 22,177 total issues

Method postgres_logout has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def postgres_logout
    ip = self.postgres_conn.peerhost
    port = self.postgres_conn.peerport
    verbose = datastore['VERBOSE']
Severity: Minor
Found in lib/msf/core/exploit/remote/postgres.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method jenkins_login has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

          def jenkins_login(username, password, target_uri = nil)
            begin
              request = {
                'vars_post' =>
                  {
Severity: Minor
Found in lib/msf/core/exploit/remote/http/jenkins.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method safe_get_once has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

            def safe_get_once(nsock = sock, loop_timeout = read_loop_timeout)
              data = ''
              begin
                res = nsock.get_once
              rescue ::EOFError
Severity: Minor
Found in lib/msf/core/exploit/remote/java/rmi/client.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method smb_enumprintproviders has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

      def smb_enumprintproviders
        resp = smb_enumprinters(8, nil, 1, 0)
        return nil if not resp
        rptr, tmp, blen = resp.unpack("V*")
Severity: Minor
Found in lib/msf/core/exploit/remote/smb/client.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method k_truncate has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

            def k_truncate(data, etype)
              if etype == Rex::Proto::Kerberos::Crypto::Encryption::AES256
                keysize = 32
              elsif etype == Rex::Proto::Kerberos::Crypto::Encryption::AES128
                keysize = 16
Severity: Minor
Found in lib/msf/core/exploit/remote/kerberos/client/pkinit.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method send_registry_lookup has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

              def send_registry_lookup(opts = {})
                send_call(
                  sock: opts[:sock] || sock,
                  call: build_registry_lookup(opts)
                )
Severity: Minor
Found in lib/msf/core/exploit/remote/java/rmi/client/registry.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method dcerpc_mgmt_inq_if_ids has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def dcerpc_mgmt_inq_if_ids(dport=135)
    res = []

    begin
Severity: Minor
Found in lib/msf/core/exploit/remote/dcerpc_mgmt.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method smb_srvsvc_netsharegetinfo has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

      def smb_srvsvc_netsharegetinfo(share)
        shares = []
        simple.connect("\\\\#{rhost}\\IPC$")
        handle = dcerpc_handle('4b324fc8-1670-01d3-1278-5a47bf6ee188', '3.0', 'ncacn_np', ["\\srvsvc"])
        begin
Severity: Minor
Found in lib/msf/core/exploit/remote/smb/client.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method extract_string has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

            def extract_string(io)
              raw_length = io.read(2)
              unless raw_length && raw_length.length == 2
                return nil
              end
Severity: Minor
Found in lib/msf/core/exploit/remote/java/rmi/util.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method execute_powershell_payload has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def execute_powershell_payload
    ENV['MSF_SERVICENAME'] = datastore['SERVICE_NAME']
    command = cmd_psh_payload(payload.encoded, payload_instance.arch.first)

    if datastore['PSH::persist'] and not datastore['DisablePayloadHandler']
Severity: Minor
Found in lib/msf/core/exploit/remote/smb/client/psexec.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method send_jmx_get_object_instance has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

                def send_jmx_get_object_instance(opts = {})
                  send_call(
                    sock: opts[:sock] || sock,
                    call: build_jmx_get_object_instance(opts)
                  )
Severity: Minor
Found in lib/msf/core/exploit/remote/java/rmi/client/jmx/connection.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method test_vulnerable has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def test_vulnerable
      random_string_len = @truncation_length ? [rand(2..10), @truncation_length].min : rand(2..10)
      random_string = Rex::Text.rand_text_alphanumeric(random_string_len)
      query_string = "'#{random_string}'"
      query_string = @encoder[:encode].sub(/\^DATA\^/, query_string) if @encoder
Severity: Minor
Found in lib/msf/core/exploit/sqli/mysqli/common.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method test_vulnerable has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def test_vulnerable
      random_string_len = @truncation_length ? [rand(2..10), @truncation_length].min : rand(2..10)
      random_string = Rex::Text.rand_text_alphanumeric(random_string_len)
      query_string = "'#{random_string}'"
      query_string = @encoder[:encode].sub(/\^DATA\^/, query_string) if @encoder
Severity: Minor
Found in lib/msf/core/exploit/sqli/mssqli/common.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method generate_omelet has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def generate_omelet(payload, badchars = nil, opts = {})
    # Prefer the target's platform/architecture information, but use
    # the module's if no target specific information exists
    los   = target_platform
    larch = target_arch || ARCH_X86
Severity: Minor
Found in lib/msf/core/exploit/omelet.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method build_pkt_line_receive_pack has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def build_pkt_line_receive_pack(ref, objects, branch_tip = '')
    data = ''
    commits = []
    branch_sha = '0' * 40
Severity: Minor
Found in lib/msf/core/exploit/git/smart_http.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method generate_ruby_deserialization_for_payload has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def generate_ruby_deserialization_for_payload(payload, name)
      command = nil

      if payload.platform.platforms == [Msf::Module::Platform::Windows]
        if [ Rex::Arch::ARCH_X86, Rex::Arch::ARCH_X64 ].include? payload.arch.first
Severity: Minor
Found in lib/msf/core/exploit/ruby_deserialization.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method backend_url has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def backend_url
    proto = (datastore["SSL"] ? "https" : "http")
    myhost = (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address : datastore['SRVHOST']
    port_str = (datastore['HTTPPORT'].to_i == 80) ? '' : ":#{datastore['HTTPPORT']}"
    "#{proto}://#{myhost}#{port_str}"
Severity: Minor
Found in lib/msf/core/exploit/format/webarchive.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method send_ref_discovery_request has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def send_ref_discovery_request(git_uri)
    puts 'sending ref discovery request'
    request_params =
    {
      'method' => 'GET',
Severity: Minor
Found in lib/msf/core/exploit/git/smart_http.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method generate_egghunter has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def generate_egghunter(payload, badchars = nil, opts = {})
    # Prefer the target's platform/architecture information, but use
    # the module's if no target specific information exists
    los   = target_platform
    larch = target_arch || ARCH_X86
Severity: Minor
Found in lib/msf/core/exploit/egghunter.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method test_vulnerable has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def test_vulnerable
      random_string_len = @truncation_length ? [rand(2..10), @truncation_length].min : rand(2..10)
      random_string = Rex::Text.rand_text_alphanumeric(random_string_len)
      query_string = "'#{random_string}'"
      query_string = @encoder[:encode].sub(/\^DATA\^/, query_string) if @encoder
Severity: Minor
Found in lib/msf/core/exploit/sqli/postgresqli/common.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Severity
Category
Status
Source
Language