Showing 22,004 of 22,004 total issues
Method exec_php
has 106 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exec_php(php_code, is_check = false)
# remove comments, line breaks and spaces of php_code
payload_clean = php_code.gsub(/(\s+)|(#.*)/, '')
Method set_win32k_offsets
has 106 lines of code (exceeds 25 allowed). Consider refactoring. Open
def set_win32k_offsets
@set_win32k_offsets ||= proc do |version|
case version
when '6.3.9600.17393'
{
Method on_request_uri
has 106 lines of code (exceeds 25 allowed). Consider refactoring. Open
def on_request_uri(cli, request)
agent = request.headers['User-Agent']
my_target = get_target(agent)
Method enum_vm_cust_spec
has 106 lines of code (exceeds 25 allowed). Consider refactoring. Open
def enum_vm_cust_spec
vpx_customization_specs = get_vpx_customization_spec(shell_vcdb_pass, vcdb_user, vcdb_name)
if vpx_customization_specs.nil?
print_warning('No vpx_customization_spec entries evident')
Method cmd_set
has 106 lines of code (exceeds 25 allowed). Consider refactoring. Open
def cmd_set(*args)
# Figure out if these are global variables
global = false
append = false
clear = false
Method cmd_vulns
has 106 lines of code (exceeds 25 allowed). Consider refactoring. Open
def cmd_vulns(*args)
return unless active?
default_columns = ['Timestamp', 'Host', 'Name', 'References']
host_ranges = []
File enum_ie.rb
has 343 lines of code (exceeds 250 allowed). Consider refactoring. Open
class MetasploitModule < Msf::Post
include Msf::Post::File
include Msf::Post::Windows::Registry
def initialize(info = {})
Identical blocks of code found in 2 locations. Consider refactoring. Open
if(datastore['JOHNPWFILE'] and user)
case ntlm_ver
when NTLM_CONST::NTLM_V1_RESPONSE, NTLM_CONST::NTLM_2_SESSION_RESPONSE
fd = File.open(datastore['JOHNPWFILE'] + '_netntlm', "ab")
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 144.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Identical blocks of code found in 2 locations. Consider refactoring. Open
if(datastore['JOHNPWFILE'] and user)
case ntlm_ver
when NTLM_CONST::NTLM_V1_RESPONSE, NTLM_CONST::NTLM_2_SESSION_RESPONSE
fd = File.open(datastore['JOHNPWFILE'] + '_netntlm', "ab")
fd.puts(
- Read upRead up
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 144.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
File manageengine_auth_upload.rb
has 342 lines of code (exceeds 250 allowed). Consider refactoring. Open
class MetasploitModule < Msf::Exploit::Remote
Rank = ExcellentRanking
include Msf::Exploit::Remote::HttpClient
File php_unserialize_zval_cookie.rb
has 342 lines of code (exceeds 250 allowed). Consider refactoring. Open
class MetasploitModule < Msf::Exploit::Remote
Rank = AverageRanking
include Msf::Exploit::Remote::Tcp
include Msf::Exploit::Remote::HttpClient
Method getprocparam
has 105 lines of code (exceeds 25 allowed). Consider refactoring. Open
def getprocparam(rhost)
print_status("[SAP] Connecting to SAP Management Console SOAP Interface on #{rhost}:#{rport}")
success = false
soapenv = 'http://schemas.xmlsoap.org/soap/envelope/'
xsi = 'http://www.w3.org/2001/XMLSchema-instance'
Method initialize
has 105 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info={})
super(update_info(info,
'Name' => "ManageEngine Desktop Central / Password Manager LinkViewFetchServlet.dat SQL Injection",
'Description' => %q{
This module exploits an unauthenticated blind SQL injection in LinkViewFetchServlet,
Method initialize
has 105 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Oracle WebLogic Server Administration Console Handle RCE',
Method initialize
has 105 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Citrix ADC (NetScaler) Forms SSO Target RCE',
Method on_request_uri
has 105 lines of code (exceeds 25 allowed). Consider refactoring. Open
def on_request_uri(cli, request)
if (request.uri.match(/payload/))
return if ((p = regenerate_payload(cli)) == nil)
data = generate_payload_exe({ :code => p.encoded })
Method process_propfind
has 105 lines of code (exceeds 25 allowed). Consider refactoring. Open
def process_propfind(cli, request)
path = request.uri
print_status("PROPFIND #{path}")
body = ''
Method process_propfind
has 105 lines of code (exceeds 25 allowed). Consider refactoring. Open
def process_propfind(cli, request)
path = request.uri
vprint_status("PROPFIND #{path}")
body = ''
Method process_propfind
has 105 lines of code (exceeds 25 allowed). Consider refactoring. Open
def process_propfind(cli, request)
path = request.uri
print_status("PROPFIND #{path}")
body = ''
Method exploit
has 105 lines of code (exceeds 25 allowed). Consider refactoring. Open
def exploit
downfile = datastore['DOWNFILE'] || rand_text_alpha(8+rand(8))
uri = '/apply.cgi'
user = datastore['HttpUsername']
pass = datastore['HttpPassword']