Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star

Showing 21,757 of 21,757 total issues

File exe.rb has 1416 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module Msf
module Util
#
# The class provides methods for creating and encoding executable file
# formats for various platforms. It is a replacement for the previous
Severity: Major
Found in lib/msf/util/exe.rb - About 3 days to fix

    File client.rb has 1386 lines of code (exceeds 250 allowed). Consider refactoring.
    Open

    module Rex
module Proto
module SMB
class Client
    Severity: Major
    Found in lib/rex/proto/smb/client.rb - About 3 days to fix

      File modules.rb has 1365 lines of code (exceeds 250 allowed). Consider refactoring.
      Open

      module Msf
  module Ui
    module Console
      module CommandDispatcher
      Severity: Major
      Found in lib/msf/ui/console/command_dispatcher/modules.rb - About 3 days to fix

        Method run has 714 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

          def run
    print_status("Running MS SQL Server Enumeration...")
    if session
      set_session(session.client)
    else
        Severity: Major
        Found in modules/auxiliary/admin/mssql/mssql_enum.rb - About 3 days to fix

          Method run_host has 709 lines of code (exceeds 25 allowed). Consider refactoring.
          Open

            def run_host(ip)

    begin
      snmp = connect_snmp
          Severity: Major
          Found in modules/auxiliary/scanner/snmp/snmp_enum.rb - About 3 days to fix

            File core.rb has 1333 lines of code (exceeds 250 allowed). Consider refactoring.
            Open

            require 'set'
require 'rex/post/meterpreter'
require 'rex'

module Rex
            Severity: Major
            Found in lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb - About 3 days to fix

              File constants.rb has 1171 lines of code (exceeds 250 allowed). Consider refactoring.
              Open

              module Rex
module Proto
module SMB
class Constants
              Severity: Major
              Found in lib/rex/proto/smb/constants.rb - About 3 days to fix

                Method run has 602 lines of code (exceeds 25 allowed). Consider refactoring.
                Open

                  def run
    return if not check_dependencies

    begin
      # Get all values from v$parameter
                Severity: Major
                Found in modules/auxiliary/admin/oracle/oraenum.rb - About 3 days to fix

                  Identical blocks of code found in 2 locations. Consider refactoring.
                  Open

                    def make_pdf(ttf, js)

    #swf_name = rand_text_alpha(8 + rand(8)) + ".swf"

    xref = []
                  Severity: Major
                  Found in modules/exploits/windows/browser/adobe_cooltype_sing.rb and 1 other location - About 2 days to fix
                  modules/exploits/windows/fileformat/adobe_cooltype_sing.rb on lines 375..560

                  Duplicated Code

                  Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                  Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                  When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                  Tuning

                  This issue has a mass of 716.

                  We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                  The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                  If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                  See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                  Refactorings

                  Further Reading

                  Identical blocks of code found in 2 locations. Consider refactoring.
                  Open

                    def make_pdf(ttf, js)

    #swf_name = rand_text_alpha(8 + rand(8)) + ".swf"

    xref = []
                  Severity: Major
                  Found in modules/exploits/windows/fileformat/adobe_cooltype_sing.rb and 1 other location - About 2 days to fix
                  modules/exploits/windows/browser/adobe_cooltype_sing.rb on lines 388..573

                  Duplicated Code

                  Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                  Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                  When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                  Tuning

                  This issue has a mass of 716.

                  We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                  The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                  If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                  See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                  Refactorings

                  Further Reading

                  Method run_host has a Cognitive Complexity of 143 (exceeds 5 allowed). Consider refactoring.
                  Open

                    def run_host(ip)

    begin
      snmp = connect_snmp
                  Severity: Minor
                  Found in modules/auxiliary/scanner/snmp/snmp_enum.rb - About 2 days to fix

                  Cognitive Complexity

                  Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                  A method's cognitive complexity is based on a few simple rules:

                  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                  • Code is considered more complex for each "break in the linear flow of the code"
                  • Code is considered more complex when "flow breaking structures are nested"

                  Further reading

                  Method html_get_hash has a Cognitive Complexity of 138 (exceeds 5 allowed). Consider refactoring.
                  Open

                    def html_get_hash(arg = {})
    ntlm_ver = arg[:ntlm_ver]
    if ntlm_ver == NTLM_CONST::NTLM_V1_RESPONSE or ntlm_ver == NTLM_CONST::NTLM_2_SESSION_RESPONSE
      lm_hash = arg[:lm_hash]
      nt_hash = arg[:nt_hash]
                  Severity: Minor
                  Found in modules/auxiliary/server/capture/http_ntlm.rb - About 2 days to fix

                  Cognitive Complexity

                  Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                  A method's cognitive complexity is based on a few simple rules:

                  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                  • Code is considered more complex for each "break in the linear flow of the code"
                  • Code is considered more complex when "flow breaking structures are nested"

                  Further reading

                  Method mssql_get_hash has a Cognitive Complexity of 135 (exceeds 5 allowed). Consider refactoring.
                  Open

                    def mssql_get_hash(arg = {})
    ntlm_ver = arg[:ntlm_ver]
    if ntlm_ver == NTLM_CONST::NTLM_V1_RESPONSE or ntlm_ver == NTLM_CONST::NTLM_2_SESSION_RESPONSE
      lm_hash = arg[:lm_hash]
      nt_hash = arg[:nt_hash]
                  Severity: Minor
                  Found in modules/auxiliary/server/capture/mssql.rb - About 2 days to fix

                  Cognitive Complexity

                  Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                  A method's cognitive complexity is based on a few simple rules:

                  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                  • Code is considered more complex for each "break in the linear flow of the code"
                  • Code is considered more complex when "flow breaking structures are nested"

                  Further reading

                  File rdp.rb has 1073 lines of code (exceeds 250 allowed). Consider refactoring.
                  Open

                  module Msf

###
#
# This module exposes methods for interacting with a remote RDP service
                  Severity: Major
                  Found in lib/msf/core/exploit/remote/rdp.rb - About 2 days to fix

                    Method cmd_wmap_run has 541 lines of code (exceeds 25 allowed). Consider refactoring.
                    Open

                          def cmd_wmap_run(*args)
        # Stop everything
        self.masstop = false
        self.killwhenstop = true
                    Severity: Major
                    Found in plugins/wmap.rb - About 2 days to fix

                      File windows_secrets_dump.rb has 1041 lines of code (exceeds 250 allowed). Consider refactoring.
                      Open

                      require 'ruby_smb/dcerpc/client'

class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::SMB::Client::Authenticated
  include Msf::Exploit::Remote::DCERPC
                      Severity: Major
                      Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 2 days to fix

                        Identical blocks of code found in 2 locations. Consider refactoring.
                        Open

                          @@target_uuids = [
    [ '00000131-0000-0000-c000-000000000046', '0.0' ],
    [ '00000134-0000-0000-c000-000000000046', '0.0' ],
    [ '00000136-0000-0000-c000-000000000046', '0.0' ],
    [ '00000143-0000-0000-c000-000000000046', '0.0' ],
                        Severity: Major
                        Found in modules/auxiliary/scanner/smb/pipe_dcerpc_auditor.rb and 1 other location - About 2 days to fix
                        modules/auxiliary/scanner/dcerpc/tcp_dcerpc_auditor.rb on lines 30..248

                        Duplicated Code

                        Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                        Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                        When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                        Tuning

                        This issue has a mass of 647.

                        We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                        The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                        If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                        See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                        Refactorings

                        Further Reading

                        Identical blocks of code found in 2 locations. Consider refactoring.
                        Open

                          @@target_uuids = [
    [ '00000131-0000-0000-c000-000000000046', '0.0' ],
    [ '00000134-0000-0000-c000-000000000046', '0.0' ],
    [ '00000136-0000-0000-c000-000000000046', '0.0' ],
    [ '00000143-0000-0000-c000-000000000046', '0.0' ],
                        Severity: Major
                        Found in modules/auxiliary/scanner/dcerpc/tcp_dcerpc_auditor.rb and 1 other location - About 2 days to fix
                        modules/auxiliary/scanner/smb/pipe_dcerpc_auditor.rb on lines 34..252

                        Duplicated Code

                        Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                        Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                        When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                        Tuning

                        This issue has a mass of 647.

                        We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                        The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                        If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                        See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                        Refactorings

                        Further Reading

                        Method run has a Cognitive Complexity of 129 (exceeds 5 allowed). Consider refactoring.
                        Open

                        def run
  @show_progress = datastore['ShowProgress']
  @show_percent  = datastore['ShowProgressPercent'].to_i

  if self.respond_to?(:session) && session
                        Severity: Minor
                        Found in lib/msf/core/auxiliary/scanner.rb - About 2 days to fix

                        Cognitive Complexity

                        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                        A method's cognitive complexity is based on a few simple rules:

                        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                        • Code is considered more complex for each "break in the linear flow of the code"
                        • Code is considered more complex when "flow breaking structures are nested"

                        Further reading

                        File rpc_db.rb has 1013 lines of code (exceeds 250 allowed). Consider refactoring.
                        Open

                        module Msf
module RPC
class RPC_Db < RPC_Base

private
                        Severity: Major
                        Found in lib/msf/core/rpc/v10/rpc_db.rb - About 2 days to fix
                          Severity
                          Category
                          Status
                          Source
                          Language