rapid7/metasploit-framework

Showing 7,361 of 22,177 total issues

Method initialize has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'HP Network Node Manager I PMD Buffer Overflow',
      'Description'    => %q{
        This module exploits a stack buffer overflow in HP Network Node Manager I (NNMi). The
Severity: Major
Found in modules/exploits/linux/misc/hp_nnmi_pmd_bof.rb - About 2 hrs to fix

Method initialize has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        {
Severity: Major
Found in modules/exploits/linux/ssh/ceragon_fibeair_known_privkey.rb - About 2 hrs to fix

Method run has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def run
    # Get device prompt
    prompt = session.shell_command('')

    os_type = 'junos'
Severity: Major
Found in modules/post/networking/gather/enum_juniper.rb - About 2 hrs to fix

Method run has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def run
    file_type = datastore['FILETYPE'].shellescape
    exe_path = datastore['EXE_PATH'].shellescape
    tmp_path = datastore['TMP_PATH'].gsub('<random>', Rex::Text.rand_text_alpha(8)).shellescape
    if datastore['COUNT'] < 1
Severity: Major
Found in modules/post/osx/capture/screen.rb - About 2 hrs to fix

Method run has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def run
    # sadly OptPath does not work, so we check manually if it exists
    if !file_exist?(datastore['FILE'])
      print_error('Remote file does not exist!')
      return
Severity: Major
Found in modules/post/windows/gather/word_unc_injector.rb - About 2 hrs to fix

Method analyze_file has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def analyze_file(filename)
    config = client.fs.file.new(filename, 'r')
    contents = config.read
    config_lines = contents.split("\n")
Severity: Major
Found in modules/post/windows/gather/credentials/tortoisesvn.rb - About 2 hrs to fix

Method run has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def run
    if sysinfo.nil?
      print_error('This module is only available in a windows meterpreter session.')
      return
    end
Severity: Major
Found in modules/post/windows/gather/credentials/sso.rb - About 2 hrs to fix

Method new_from_data has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

      def new_from_data(data, from = nil)
        unless from
          if data.kind_of? Array
            data,from = data
          else
Severity: Major
Found in lib/net/dns/packet.rb - About 2 hrs to fix

Method initialize has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(hash, context = {})
    self.listen_host = '0.0.0.0' # clients don't already have addresses. Needs to be 0.0.0.0
    self.listen_port = 67 # mandatory (bootps)
    self.context = context
    self.sock = nil
Severity: Major
Found in lib/rex/proto/dhcp/server.rb - About 2 hrs to fix

Method session_setup_no_ntlmssp has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def session_setup_no_ntlmssp(user = '', pass = '', domain = '', do_recv = true)

    # Requires a challenge key to have been seen during negotiation
    raise XCEPT::NTLM1MissingChallenge if not self.challenge_key
Severity: Major
Found in lib/rex/proto/smb/client.rb - About 2 hrs to fix

Method end_element has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

    def end_element(name=nil)
      block = @block
      case name
      when "node" # Wrap it up
        collect_host_data
Severity: Major
Found in lib/rex/parser/nexpose_raw_document.rb - About 2 hrs to fix

Method report_test has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

    def report_test
      return unless in_tag("nodes")
      return unless in_tag("node")
      return unless @state[:test]
Severity: Major
Found in lib/rex/parser/nexpose_raw_document.rb - About 2 hrs to fix

Method cmd_password_change has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def cmd_password_change(*args)
    if args.length == 0 || args.include?('-h')
      cmd_password_change_usage
      return
    end
Severity: Major
Found in lib/rex/post/meterpreter/ui/console/command_dispatcher/kiwi.rb - About 2 hrs to fix

Method cmd_save has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def cmd_save(*args)
    if args.include?('-h') || args.include?('--help')
      cmd_save_help
      return false
    end
Severity: Major
Found in lib/msf/ui/console/command_dispatcher/core.rb - About 2 hrs to fix

Method dump_sessions has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def self.dump_sessions(framework, opts={})
    output = ""
    verbose = opts[:verbose] || false
    sessions = opts[:sessions] || framework.sessions
    show_active = opts[:show_active] || false
Severity: Major
Found in lib/msf/base/serializer/readable_text.rb - About 2 hrs to fix

Method find_key has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def find_key(buf, badchars, keyChars)

    keyFound = nil

    bufLen = buf.length
Severity: Major
Found in lib/msf/core/encoder/xor_dynamic.rb - About 2 hrs to fix

Method import_nuclei_json has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def import_nuclei_json(args = {}, &block)
    wspace = Msf::Util::DBManager.process_opts_workspace(args, framework).name
    bl = validate_ips(args[:blacklist]) ? args[:blacklist].split : []

    JSON.parse(args[:data]).each do |data|
Severity: Major
Found in lib/msf/core/db_manager/import/nuclei.rb - About 2 hrs to fix

Method handle_nessus has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def handle_nessus(wspace, hobj, port, nasl, plugin_name, severity, data,task=nil)

    addr = hobj.address
    # The port section looks like:
    #   http (80/tcp)
Severity: Major
Found in lib/msf/core/db_manager/import/nessus.rb - About 2 hrs to fix

Method do_report_failure_or_success has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def do_report_failure_or_success(opts)
    return unless opts[:refs]
    ::ApplicationRecord.connection_pool.with_connection {
      mrefs  = opts[:refs]
      host   = opts[:host]
Severity: Major
Found in lib/msf/core/db_manager/exploit_attempt.rb - About 2 hrs to fix

Method splunk_helper_malicious_app has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def splunk_helper_malicious_app(app_name)
    # metadata folder
    metadata = <<~EOF
      [commands]
      export = system
Severity: Major
Found in lib/msf/core/exploit/remote/http/splunk/helpers.rb - About 2 hrs to fix