Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star

Showing 7,361 of 22,177 total issues

Method cmd_write has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def cmd_write(*args)
    if args.length == 0 || args.include?("-h")
      cmd_write_help
      return
    end
Severity: Major
Found in lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb - About 2 hrs to fix

    Method cmd_favorite has 52 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

              def cmd_favorite(*args)
            valid_custom_args = ['-c', '-d', '-l']
            favs_file = Msf::Config.fav_modules_file

            # always display the help banner if -h is provided or if multiple options are provided
    Severity: Major
    Found in lib/msf/ui/console/command_dispatcher/modules.rb - About 2 hrs to fix

      Method run_simple has 52 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

        def self.run_simple(oevasion, opts, &block)
    evasion = oevasion.replicant
    # Trap and print errors here (makes them UI-independent)
    begin
      # Clone the module to prevent changes to the original instance
      Severity: Major
      Found in lib/msf/base/simple/evasion.rb - About 2 hrs to fix

        Method bootstrap has 52 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

          def bootstrap(datastore = {}, handler = nil)
    session = self

    # Configure unicode encoding before loading stdapi
    session.encode_unicode = datastore['EnableUnicodeEncoding']
        Severity: Major
        Found in lib/msf/base/sessions/meterpreter.rb - About 2 hrs to fix

          Method update_all_module_details has 52 lines of code (exceeds 25 allowed). Consider refactoring.
          Open

            def update_all_module_details
    return if not self.migrated
    return if self.modules_caching

    self.framework.cache_thread = Thread.current
          Severity: Major
          Found in lib/msf/core/db_manager/module_cache.rb - About 2 hrs to fix

            Method relay_ntlmssp has 52 lines of code (exceeds 25 allowed). Consider refactoring.
            Open

                def relay_ntlmssp(session, incoming_security_buffer = nil)
      # TODO: Handle GSS correctly
      # gss_result = process_gss(incoming_security_buffer)
      # return gss_result if gss_result
      # TODO: Add support for a default NTLM provider in ruby_smb
            Severity: Major
            Found in lib/msf/core/exploit/remote/smb/relay/ntlm/server_client.rb - About 2 hrs to fix

              Method generate_reverse_http has 52 lines of code (exceeds 25 allowed). Consider refactoring.
              Open

                def generate_reverse_http(opts={})
    # required opts:
    #  proxy_host, proxy_port, scheme, user_agent
    var_escape = lambda { |txt|
      txt.gsub('\\', '\\' * 4).gsub('\'', %q(\\\'))
              Severity: Major
              Found in lib/msf/core/payload/python/reverse_http.rb - About 2 hrs to fix

                Identical blocks of code found in 2 locations. Consider refactoring.
                Open

                    def get_pull_request_from_commit(commit)
      sha = commit.sha
      url = URI.parse("https://github.com/#{repository}/branch_commits/#{sha}")
      cli = Net::HTTP.new(url.host, url.port)
      cli.use_ssl = true
                Severity: Major
                Found in tools/modules/file_pull_requests.rb and 1 other location - About 2 hrs to fix
                lib/msf/util/document_generator/pull_request_finder.rb on lines 143..163

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 79.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Identical blocks of code found in 2 locations. Consider refactoring.
                Open

                  def linux_stager
    cmds = "/bin/sh@-c@echo LINE | tee FILE"
    exe = Msf::Util::EXE.to_linux_x86_elf(framework, payload.raw)
    base64 = Rex::Text.encode_base64(exe)
    base64.gsub!(/\=/, "\\u003d")
                Severity: Major
                Found in modules/exploits/multi/http/struts_code_exec_exception_delegator.rb and 1 other location - About 2 hrs to fix
                modules/exploits/multi/http/struts_code_exec.rb on lines 102..123

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 79.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Identical blocks of code found in 2 locations. Consider refactoring.
                Open

                        def get_pull_request_from_commit(commit)
          sha = commit.sha
          url = URI.parse("https://github.com/#{repository}/branch_commits/#{sha}")
          cli = Net::HTTP.new(url.host, url.port)
          cli.use_ssl = true
                Severity: Major
                Found in lib/msf/util/document_generator/pull_request_finder.rb and 1 other location - About 2 hrs to fix
                tools/modules/file_pull_requests.rb on lines 109..129

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 79.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Identical blocks of code found in 2 locations. Consider refactoring.
                Open

                  def linux_stager
    cmds = "/bin/sh@-c@echo LINE | tee FILE"
    exe = Msf::Util::EXE.to_linux_x86_elf(framework, payload.raw)
    base64 = Rex::Text.encode_base64(exe)
    base64.gsub!(/\=/, "\\u003d")
                Severity: Major
                Found in modules/exploits/multi/http/struts_code_exec.rb and 1 other location - About 2 hrs to fix
                modules/exploits/multi/http/struts_code_exec_exception_delegator.rb on lines 117..138

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 79.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Similar blocks of code found in 2 locations. Consider refactoring.
                Open

                  module DNS
    
    class RR
      
      #------------------------------------------------------------
                Severity: Major
                Found in lib/net/dns/rr/ns.rb and 1 other location - About 2 hrs to fix
                lib/net/dns/rr/cname.rb on lines 11..61

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 79.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Similar blocks of code found in 2 locations. Consider refactoring.
                Open

                  def import_options_from_s(option_str, delim = nil)
    hash = {}

    # Figure out the delimiter, default to space.
    if (delim.nil?)
                Severity: Major
                Found in lib/msf/core/data_store_with_fallbacks.rb and 1 other location - About 2 hrs to fix
                lib/msf/core/data_store.rb on lines 111..145

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 79.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Similar blocks of code found in 2 locations. Consider refactoring.
                Open

                  def linux_stager
    cmds = "echo LINE | tee FILE"
    exe = Msf::Util::EXE.to_linux_x86_elf(framework, payload.raw)
    base64 = Rex::Text.encode_base64(exe)
    base64.gsub!(/\=/, "\\u003d")
                Severity: Major
                Found in modules/exploits/multi/http/orientdb_exec.rb and 1 other location - About 2 hrs to fix
                modules/exploits/multi/http/hyperic_hq_script_console.rb on lines 204..225

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 79.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Similar blocks of code found in 2 locations. Consider refactoring.
                Open

                  def initialize(info = {})
    super( update_info( info, {
        'Name'           => 'Setuid Tunnelblick Privilege Escalation',
        'Description'    => %q{
            This module exploits a vulnerability in Tunnelblick 3.2.8 on Mac OS X. The
                Severity: Major
                Found in modules/exploits/osx/local/setuid_tunnelblick.rb and 1 other location - About 2 hrs to fix
                modules/exploits/osx/local/setuid_viscosity.rb on lines 14..53

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 79.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Similar blocks of code found in 2 locations. Consider refactoring.
                Open

                  def import_options_from_s(option_str, delim = nil)
    hash = {}

    # Figure out the delimiter, default to space.
    if (delim.nil?)
                Severity: Major
                Found in lib/msf/core/data_store.rb and 1 other location - About 2 hrs to fix
                lib/msf/core/data_store_with_fallbacks.rb on lines 157..191

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 79.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Similar blocks of code found in 2 locations. Consider refactoring.
                Open

                  def linux_stager
    cmds = "echo LINE | tee FILE"
    exe  = Msf::Util::EXE.to_linux_x86_elf(framework, payload.raw)
    base64 = Rex::Text.encode_base64(exe)
    base64.gsub!(/\=/, "\\u003d")
                Severity: Major
                Found in modules/exploits/multi/http/hyperic_hq_script_console.rb and 1 other location - About 2 hrs to fix
                modules/exploits/multi/http/orientdb_exec.rb on lines 178..196

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 79.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Similar blocks of code found in 2 locations. Consider refactoring.
                Open

                  def initialize(info = {})
    super( update_info( info, {
        'Name'           => 'Viscosity setuid-set ViscosityHelper Privilege Escalation',
        'Description'    => %q{
            This module exploits a vulnerability in Viscosity 1.4.1 on Mac OS X. The
                Severity: Major
                Found in modules/exploits/osx/local/setuid_viscosity.rb and 1 other location - About 2 hrs to fix
                modules/exploits/osx/local/setuid_tunnelblick.rb on lines 14..53

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 79.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Similar blocks of code found in 2 locations. Consider refactoring.
                Open

                  module DNS

    class RR
      
      #------------------------------------------------------------
                Severity: Major
                Found in lib/net/dns/rr/cname.rb and 1 other location - About 2 hrs to fix
                lib/net/dns/rr/ns.rb on lines 11..61

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 79.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Method run has 51 lines of code (exceeds 25 allowed). Consider refactoring.
                Open

                    public Object run() throws Exception
    {
        //System.out.println("Running");
        // if the native payload data has not been set just return for now, it
        // will be set by the next time we reach here.
                Severity: Major
                Found in external/source/exploits/CVE-2008-5353/src/msf/x/PayloadX.java - About 2 hrs to fix
                  Severity
                  Category
                  Status
                  Source
                  Language