Showing 7,361 of 22,177 total issues
Similar blocks of code found in 2 locations. Consider refactoring. Open
connect_udp
user = rand_text_english(2, payload_badchars)
port = rand(65535).to_s
filler = rand_text_english(792, payload_badchars)
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 110.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Method on_request_uri
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def on_request_uri(cli, request)
print_status("Request '#{request.method} #{request.uri}'")
selected_headers = [ 'user-agent', 'origin', 'referer' ]
request.headers.each_key { |k|
next if not selected_headers.include? k.downcase
Method exec
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exec(ip,fields)
data = '<?xml version="1.0" encoding="utf-8" ?>'
data << '<env:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">'
data << '<env:Body>'
data << '<n1:RFC_READ_TABLE xmlns:n1="urn:sap-com:document:sap:rfc:functions" env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">'
Method initialize
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(merge_info(info,
'Name' => 'Bind TCP Stager',
'Description' => 'Listen for a connection',
'Author' => 'nemo <nemo[at]felinemenace.org>',
Method exploit
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exploit
# Get file system path
print_status("Retrieving file system path...")
res = send_request_raw({ 'uri' => normalize_uri(target_uri.path, 'includes/vars.php') })
Method initialize
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Cacti Import Packages RCE',
Method initialize
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'JetBrains TeamCity Unauthenticated Remote Code Execution',
Method exploit
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exploit
@packet_header_pre_packet_size= [
0x2e, 0x4e, 0x45, 0x54, 0x01, 0x00, 0x00, 0x00,
0x00, 0x00
]
Method initialize
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'NetMotion Mobility Server MvcUtil Java Deserialization',
Method initialize
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'ManageEngine Endpoint Central Unauthenticated SAML RCE',
Method initialize
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info={})
super(update_info(info,
'Name' => "Tom Sawyer Software GET Extension Factory Remote Code Execution",
'Description' => %q{
This module exploits a remote code execution vulnerability in the tsgetx71ex553.dll
Method on_request_uri
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def on_request_uri(cli, request)
mytarget = auto_target(cli, request)
var_title = rand_text_alpha(rand(100) + 1)
func_main = rand_text_alpha(rand(100) + 1)
randnop = rand_text_alpha(rand(100) + 1)
Method initialize
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(update_info(info,
'Name' => 'MS10-004 Microsoft PowerPoint Viewer TextBytesAtom Stack Buffer Overflow',
'Description' => %q{
This module exploits a stack buffer overflow vulnerability in the handling of
Method initialize
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'glibc LD_AUDIT Arbitrary DSO Load Privilege Escalation',
Method initialize
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Cisco Small Business RV Series Authentication Bypass and Command Injection',
Method exploit
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exploit
# Prefer CBHOST, but use LHOST, or autodetect the IP otherwise
cbhost = datastore['CBHOST'] || datastore['LHOST'] || Rex::Socket.source_address(datastore['RHOST'])
Method initialize
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Webmin Package Updates RCE',
Method handle_control
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def handle_control(pkt)
src_call, dst_call, tstamp, out_seq, inp_seq, itype = pkt.unpack('nnNCCC')
# Scrub the high bits out of the call IDs
src_call ^= 0x8000 if (src_call & 0x8000 != 0)
Method cmd_timestomp
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def cmd_timestomp(*args)
paths = []
modified = nil
accessed = nil
Method report_auth_info
has 77 lines of code (exceeds 25 allowed). Consider refactoring. Open
def report_auth_info(opts={})
print_warning("*** #{self.fullname} is still calling the deprecated report_auth_info method! This needs to be updated!")
print_warning('*** For detailed information about LoginScanners and the Credentials objects see:')
print_warning(' https://docs.metasploit.com/docs/development/developing-modules/guides/scanners/creating-metasploit-framework-loginscanners.html')
print_warning(' https://docs.metasploit.com/docs/development/developing-modules/guides/scanners/how-to-write-a-http-loginscanner-module.html')