Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star

Showing 7,361 of 22,177 total issues

Identical blocks of code found in 3 locations. Consider refactoring.
Open

  def decoder_stub(state)
    # If the decoder stub has not already been generated for this state, do
    # it now.  The decoder stub method may be called more than once.
    if (state.decoder_stub == nil)
      # Shikata will only cut off the last 1-4 bytes of it's own end
Severity: Major
Found in modules/encoders/x86/context_stat.rb and 2 other locations - About 1 hr to fix
modules/encoders/x86/context_cpuid.rb on lines 47..66
modules/encoders/x86/context_time.rb on lines 48..67

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 10 locations. Consider refactoring.
Open

  def self.delete_host_tag
    lambda {
      warden.authenticate!
      begin
        opts = parse_json_request(request, false)
Severity: Major
Found in lib/msf/core/web_services/servlet/host_servlet.rb and 9 other locations - About 1 hr to fix
lib/msf/core/web_services/servlet/host_servlet.rb on lines 63..74
lib/msf/core/web_services/servlet/host_servlet.rb on lines 91..103
lib/msf/core/web_services/servlet/host_servlet.rb on lines 107..119
lib/msf/core/web_services/servlet/login_servlet.rb on lines 52..63
lib/msf/core/web_services/servlet/note_servlet.rb on lines 48..59
lib/msf/core/web_services/servlet/payload_servlet.rb on lines 50..61
lib/msf/core/web_services/servlet/service_servlet.rb on lines 47..58
lib/msf/core/web_services/servlet/session_servlet.rb on lines 55..66
lib/msf/core/web_services/servlet/workspace_servlet.rb on lines 52..63

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Identical blocks of code found in 3 locations. Consider refactoring.
Open

  def get_custom_headers(ds)
    headers = ""
    headers << "Host: #{ds['HttpHostHeader']}\r\n" if ds['HttpHostHeader']
    headers << "Cookie: #{ds['HttpCookie']}\r\n" if ds['HttpCookie']
    headers << "Referer: #{ds['HttpReferer']}\r\n" if ds['HttpReferer']
Severity: Major
Found in lib/msf/core/payload/windows/x64/reverse_http_x64.rb and 2 other locations - About 1 hr to fix
lib/msf/core/payload/transport_config.rb on lines 125..134
lib/msf/core/payload/windows/reverse_http.rb on lines 67..76

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 12 locations. Consider refactoring.
Open

  def initialize(info = {})
    super(merge_info(info,
     'Name'        => 'Unix Command Shell, Reverse TCP SSL (via Ruby)',
     'Description' => 'Connect back and create a command shell via Ruby, uses SSL',
     'Author'      => 'RageLtMan <rageltman[at]sempervictus>',
Severity: Major
Found in modules/payloads/singles/cmd/unix/reverse_ruby_ssl.rb and 11 other locations - About 1 hr to fix
modules/payloads/singles/cmd/unix/bind_ruby.rb on lines 14..31
modules/payloads/singles/cmd/unix/bind_ruby_ipv6.rb on lines 14..31
modules/payloads/singles/cmd/unix/reverse_bash_telnet_ssl.rb on lines 14..40
modules/payloads/singles/cmd/unix/reverse_ksh.rb on lines 14..34
modules/payloads/singles/cmd/unix/reverse_perl.rb on lines 14..35
modules/payloads/singles/cmd/unix/reverse_perl_ssl.rb on lines 14..35
modules/payloads/singles/cmd/unix/reverse_php_ssl.rb on lines 14..35
modules/payloads/singles/cmd/unix/reverse_python_ssl.rb on lines 15..36
modules/payloads/singles/cmd/unix/reverse_ruby.rb on lines 14..31
modules/payloads/singles/cmd/windows/bind_ruby.rb on lines 14..31
modules/payloads/singles/cmd/windows/reverse_ruby.rb on lines 14..31

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 12 locations. Consider refactoring.
Open

  def initialize(info = {})
    super(merge_info(info,
     'Name'          => 'Unix Command Shell, Reverse TCP (via Perl)',
     'Description'   => 'Creates an interactive shell via perl',
     'Author'        => 'cazz',
Severity: Major
Found in modules/payloads/singles/cmd/unix/reverse_perl.rb and 11 other locations - About 1 hr to fix
modules/payloads/singles/cmd/unix/bind_ruby.rb on lines 14..31
modules/payloads/singles/cmd/unix/bind_ruby_ipv6.rb on lines 14..31
modules/payloads/singles/cmd/unix/reverse_bash_telnet_ssl.rb on lines 14..40
modules/payloads/singles/cmd/unix/reverse_ksh.rb on lines 14..34
modules/payloads/singles/cmd/unix/reverse_perl_ssl.rb on lines 14..35
modules/payloads/singles/cmd/unix/reverse_php_ssl.rb on lines 14..35
modules/payloads/singles/cmd/unix/reverse_python_ssl.rb on lines 15..36
modules/payloads/singles/cmd/unix/reverse_ruby.rb on lines 14..31
modules/payloads/singles/cmd/unix/reverse_ruby_ssl.rb on lines 14..31
modules/payloads/singles/cmd/windows/bind_ruby.rb on lines 14..31
modules/payloads/singles/cmd/windows/reverse_ruby.rb on lines 14..31

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 10 locations. Consider refactoring.
Open

  def self.update_payload
    lambda {
      warden.authenticate!
      begin
        opts = parse_json_request(request, false)
Severity: Major
Found in lib/msf/core/web_services/servlet/payload_servlet.rb and 9 other locations - About 1 hr to fix
lib/msf/core/web_services/servlet/host_servlet.rb on lines 63..74
lib/msf/core/web_services/servlet/host_servlet.rb on lines 91..103
lib/msf/core/web_services/servlet/host_servlet.rb on lines 107..119
lib/msf/core/web_services/servlet/host_servlet.rb on lines 123..134
lib/msf/core/web_services/servlet/login_servlet.rb on lines 52..63
lib/msf/core/web_services/servlet/note_servlet.rb on lines 48..59
lib/msf/core/web_services/servlet/service_servlet.rb on lines 47..58
lib/msf/core/web_services/servlet/session_servlet.rb on lines 55..66
lib/msf/core/web_services/servlet/workspace_servlet.rb on lines 52..63

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Identical blocks of code found in 3 locations. Consider refactoring.
Open

    if(response.headers.has_key?('Server') )
      if(response.headers['Server'] =~ /IIS/ or response.headers['Server'] =~ /\(Windows/)
        os = "Windows (#{response.headers['Server']})"
      elsif(response.headers['Server'] =~ /Apache\//)
          os = "Unix (#{response.headers['Server']})"
Severity: Major
Found in modules/auxiliary/scanner/http/coldfusion_locale_traversal.rb and 2 other locations - About 1 hr to fix
modules/auxiliary/gather/coldfusion_pwd_props.rb on lines 43..50
modules/auxiliary/scanner/http/coldfusion_version.rb on lines 29..36

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 6 locations. Consider refactoring.
Open

    res = send_request_cgi({
      'method' => "#{Rex::Text.rand_text_alpha(58746)}POST",
      'uri' => normalize_uri('cgi-bin', "genie.cgi?backup.cgi\nContent-Length: 4156559"), # Note that we need this format for Content-Length otherwise the exploitation will fail, most likely due to a bad heap layout.
      'ctype' => "multipart/form-data; boundary=#{post_data.bound}",
      'agent' => nil, # Disable sending the User-Agent header
Severity: Major
Found in modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb and 5 other locations - About 1 hr to fix
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 151..157
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 168..174
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 186..192
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 222..228
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 276..282

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 6 locations. Consider refactoring.
Open

    res = send_request_cgi({
      'method' => "#{Rex::Text.rand_text_alpha(58698)}POST",
      'uri' => normalize_uri('cgi-bin', "genie.cgi?backup.cgi\nContent-Length: 4156559"), # Note that we need this format for Content-Length otherwise the exploitation will fail :/
      'ctype' => "multipart/form-data; boundary=#{post_data.bound}",
      'agent' => nil, # Disable sending the User-Agent header
Severity: Major
Found in modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb and 5 other locations - About 1 hr to fix
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 168..174
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 186..192
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 222..228
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 276..282
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 294..300

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 6 locations. Consider refactoring.
Open

    res = send_request_cgi({
      'method' => "#{Rex::Text.rand_text_alpha(58663)}POST",
      'uri' => normalize_uri('cgi-bin', "genie.cgi?backup.cgi\nContent-Length: 4156559"), # Note that we need this format for Content-Length otherwise the exploitation will fail, most likely due to a bad heap layout.
      'ctype' => "multipart/form-data; boundary=#{post_data.bound}",
      'agent' => nil, # Disable sending the User-Agent header
Severity: Major
Found in modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb and 5 other locations - About 1 hr to fix
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 151..157
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 168..174
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 186..192
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 222..228
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 294..300

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 6 locations. Consider refactoring.
Open

  def get_target(agent)
    #If the user is already specified by the user, we'll just use that
    return target if target.name != 'Automatic'

    if agent =~ /NT 5\.1/ and agent =~ /MSIE 6/
Severity: Major
Found in modules/exploits/windows/browser/ultramjcam_openfiledig_bof.rb and 5 other locations - About 1 hr to fix
modules/exploits/windows/browser/adobe_flash_rtmp.rb on lines 107..119
modules/exploits/windows/browser/clear_quest_cqole.rb on lines 66..78
modules/exploits/windows/browser/dell_webcam_crazytalk.rb on lines 55..67
modules/exploits/windows/browser/ibm_tivoli_pme_activex_bof.rb on lines 107..119
modules/exploits/windows/browser/ntr_activex_stopmodule.rb on lines 106..117

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 6 locations. Consider refactoring.
Open

  def get_target(agent)
    #If the user is already specified by the user, we'll just use that
    return target if target.name != 'Automatic'
    if agent =~ /NT 5\.1/ and agent =~ /MSIE 6/
      return targets[1] #IE 6 on Windows XP SP3
Severity: Major
Found in modules/exploits/windows/browser/ntr_activex_stopmodule.rb and 5 other locations - About 1 hr to fix
modules/exploits/windows/browser/adobe_flash_rtmp.rb on lines 107..119
modules/exploits/windows/browser/clear_quest_cqole.rb on lines 66..78
modules/exploits/windows/browser/dell_webcam_crazytalk.rb on lines 55..67
modules/exploits/windows/browser/ibm_tivoli_pme_activex_bof.rb on lines 107..119
modules/exploits/windows/browser/ultramjcam_openfiledig_bof.rb on lines 57..69

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 6 locations. Consider refactoring.
Open

    res = send_request_cgi({
      'method' => "#{Rex::Text.rand_text_alpha(58698)}POST",
      'uri' => normalize_uri('cgi-bin', "genie.cgi?backup.cgi\nContent-Length: 4156559"), # Note that we need this format for Content-Length otherwise the exploitation will fail, most likely due to a bad heap layout.
      'ctype' => "multipart/form-data; boundary=#{post_data.bound}",
      'agent' => nil, # Disable sending the User-Agent header
Severity: Major
Found in modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb and 5 other locations - About 1 hr to fix
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 151..157
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 168..174
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 186..192
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 276..282
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 294..300

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 6 locations. Consider refactoring.
Open

  def get_target(agent)
    #If the user is already specified by the user, we'll just use that
    return target if target.name != 'Automatic'

    if agent =~ /NT 5\.1/ and agent =~ /MSIE 6/
Severity: Major
Found in modules/exploits/windows/browser/clear_quest_cqole.rb and 5 other locations - About 1 hr to fix
modules/exploits/windows/browser/adobe_flash_rtmp.rb on lines 107..119
modules/exploits/windows/browser/dell_webcam_crazytalk.rb on lines 55..67
modules/exploits/windows/browser/ibm_tivoli_pme_activex_bof.rb on lines 107..119
modules/exploits/windows/browser/ntr_activex_stopmodule.rb on lines 106..117
modules/exploits/windows/browser/ultramjcam_openfiledig_bof.rb on lines 57..69

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 6 locations. Consider refactoring.
Open

  def get_target(agent)
    #If the user is already specified by the user, we'll just use that
    return target if target.name != 'Automatic'

    if agent =~ /NT 5\.1/ and agent =~ /MSIE 6/
Severity: Major
Found in modules/exploits/windows/browser/adobe_flash_rtmp.rb and 5 other locations - About 1 hr to fix
modules/exploits/windows/browser/clear_quest_cqole.rb on lines 66..78
modules/exploits/windows/browser/dell_webcam_crazytalk.rb on lines 55..67
modules/exploits/windows/browser/ibm_tivoli_pme_activex_bof.rb on lines 107..119
modules/exploits/windows/browser/ntr_activex_stopmodule.rb on lines 106..117
modules/exploits/windows/browser/ultramjcam_openfiledig_bof.rb on lines 57..69

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 6 locations. Consider refactoring.
Open

    res = send_request_cgi({
      'method' => "#{Rex::Text.rand_text_alpha(58706)}POST",
      'uri' => normalize_uri('cgi-bin', "genie.cgi?backup.cgi\nContent-Length: 4156559"), # Note that we need this format for Content-Length otherwise the exploitation will fail :/
      'ctype' => "multipart/form-data; boundary=#{post_data.bound}",
      'agent' => nil, # Disable sending the User-Agent header
Severity: Major
Found in modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb and 5 other locations - About 1 hr to fix
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 151..157
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 186..192
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 222..228
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 276..282
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 294..300

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 6 locations. Consider refactoring.
Open

    res = send_request_cgi({
      'method' => "#{Rex::Text.rand_text_alpha(58667)}POST",
      'uri' => normalize_uri('cgi-bin', "genie.cgi?backup.cgi\nContent-Length: 4156559"), # Note that we need this format for Content-Length otherwise the exploitation will fail :/
      'ctype' => "multipart/form-data; boundary=#{post_data.bound}",
      'agent' => nil, # Disable sending the User-Agent header
Severity: Major
Found in modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb and 5 other locations - About 1 hr to fix
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 151..157
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 168..174
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 222..228
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 276..282
modules/auxiliary/admin/http/netgear_r7000_backup_cgi_heap_overflow_rce.rb on lines 294..300

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 6 locations. Consider refactoring.
Open

  def get_target(agent)
    #If the user is already specified by the user, we'll just use that
    return target if target.name != 'Automatic'

    if agent =~ /NT 5\.1/ and agent =~ /MSIE 6/
Severity: Major
Found in modules/exploits/windows/browser/dell_webcam_crazytalk.rb and 5 other locations - About 1 hr to fix
modules/exploits/windows/browser/adobe_flash_rtmp.rb on lines 107..119
modules/exploits/windows/browser/clear_quest_cqole.rb on lines 66..78
modules/exploits/windows/browser/ibm_tivoli_pme_activex_bof.rb on lines 107..119
modules/exploits/windows/browser/ntr_activex_stopmodule.rb on lines 106..117
modules/exploits/windows/browser/ultramjcam_openfiledig_bof.rb on lines 57..69

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 6 locations. Consider refactoring.
Open

  def get_target(agent)
    #If the user is already specified by the user, we'll just use that
    return target if target.name != 'Automatic'

    if agent =~ /NT 5\.1/ and agent =~ /MSIE 6/
Severity: Major
Found in modules/exploits/windows/browser/ibm_tivoli_pme_activex_bof.rb and 5 other locations - About 1 hr to fix
modules/exploits/windows/browser/adobe_flash_rtmp.rb on lines 107..119
modules/exploits/windows/browser/clear_quest_cqole.rb on lines 66..78
modules/exploits/windows/browser/dell_webcam_crazytalk.rb on lines 55..67
modules/exploits/windows/browser/ntr_activex_stopmodule.rb on lines 106..117
modules/exploits/windows/browser/ultramjcam_openfiledig_bof.rb on lines 57..69

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 5 locations. Consider refactoring.
Open

  def delete_payload(opts)
    raise ArgumentError.new("The following options are required: :ids") if opts[:ids].nil?

    ::ApplicationRecord.connection_pool.with_connection do
      deleted = []
Severity: Major
Found in lib/msf/core/db_manager/payload.rb and 4 other locations - About 1 hr to fix
lib/msf/core/db_manager/loot.rb on lines 131..146
lib/msf/core/db_manager/note.rb on lines 223..238
lib/msf/core/db_manager/user.rb on lines 90..105
lib/msf/core/db_manager/vuln.rb on lines 289..304

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 47.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Severity
Category
Status
Source
Language