Showing 7,361 of 22,177 total issues
Method initialize
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'PHP-FPM Underflow RCE',
Method do_priv_esc_and_check_windows
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def do_priv_esc_and_check_windows(session)
vprint_status('Looking for a directory with write permissions')
writable_dir = get_writable_dir('/', session[:cookie])
if writable_dir.nil?
print_bad('[do_priv_esc_and_check_windows] The user has no upload permissions, privilege escalation is not possible')
Method create_job
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def create_job(payload_base)
create_job = send_request_cgi({
'method' => 'POST',
'uri' => normalize_uri(target_uri.path),
'keep_cookies' => true,
Method initialize
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'ATutor 2.2.4 - Directory Traversal / Remote Code Execution, ',
Method initialize
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info={})
super(update_info(info,
'Name' => 'Adobe Flash Player Shader Buffer Overflow',
'Description' => %q{
This module exploits a buffer overflow vulnerability in Adobe Flash Player. The
Method create_alert_profile
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def create_alert_profile
if @exploit_method == 'cve_2021_42847'
print_status('Attempting to authenticate again in order to retrieve the required cookies.')
# We have to authenticate again in order to get the required cookie, so reset the cookie cache
cookie_jar.clear
Method initialize
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'AjaxPro Deserialization Remote Code Execution',
Method to_exe_asp
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def to_exe_asp(exes = '')
var_func = Rex::Text.rand_text_alpha(rand(8)+8)
var_stream = Rex::Text.rand_text_alpha(rand(8)+8)
var_obj = Rex::Text.rand_text_alpha(rand(8)+8)
Method initialize
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Microsoft SharePoint Unsafe Control and ViewState RCE',
Method initialize
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Nagios XI Autodiscovery Webshell Upload',
Method initialize
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Pandora FMS Events Remote Command Execution',
Method initialize
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Ivanti Cloud Services Appliance (CSA) Command Injection',
Method exploit
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exploit
downfile = datastore['DOWNFILE'] || rand_text_alpha(8+rand(8))
uri = '/pppoe.cgi'
user = datastore['HttpUsername']
pass = datastore['HttpPassword']
Method parse_new_config_file
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def parse_new_config_file(raw_xml)
db_table = Rex::Text::Table.new(
'Header' => 'DbVisualizer Databases',
'Indent' => 2,
'Columns' =>
Method run
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def run
downloadflag = datastore['DOWNLOAD']
cleanupflag = datastore['CLEANUP']
if is_system?
Method format_prompt
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def format_prompt(str)
return str unless framework
# find the active session
session = framework.sessions.values.find { |session| session.interacting }
Method cmd_db_stats
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def cmd_db_stats(*args)
return unless active?
print_line "Session Type: #{db_connection_info(framework)}"
current_workspace = framework.db.workspace
Method import_ip360_xml_v3
has 78 lines of code (exceeds 25 allowed). Consider refactoring. Open
def import_ip360_xml_v3(args={}, &block)
data = args[:data]
wspace = Msf::Util::DBManager.process_opts_workspace(args, framework).name
bl = validate_ips(args[:blacklist]) ? args[:blacklist].split : []
Identical blocks of code found in 2 locations. Consider refactoring. Open
def command_string
user = datastore['USER'] || 'metasploit'
pass = datastore['PASS'] || ''
cust = datastore['CUSTOM'] || ''
wmic = datastore['WMIC']
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 111.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Identical blocks of code found in 2 locations. Consider refactoring. Open
answer0.answer.each do |rr0|
print_status " Got an #{rr0.type} record: #{rr0.inspect}"
if rr0.type == 'NS'
print_status " Querying recon nameserver for address of #{rr0.nsdname}..."
answer1 = res0.send(rr0.nsdname) # get the ns's answer for the hostname
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 111.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76