Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star

Showing 21,757 of 21,757 total issues

Method build_noscript_html has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def build_noscript_html(cli, request)
    client_info = get_client(:host => cli.peerhost, :ua_string => request['User-Agent'])
    body = ""

    sploit_cnt = 0
Severity: Minor
Found in modules/auxiliary/server/browser_autopwn.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method on_client_command_list has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def on_client_command_list(c,arg)

    if(not @state[c][:auth])
      c.put "500 Access denied\r\n"
      return
Severity: Minor
Found in modules/auxiliary/server/ftp.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method on_request_uri has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def on_request_uri(cli, request)
    vprint_status("Request '#{request.uri}'")

    case request.method
    when 'OPTIONS'
Severity: Minor
Found in modules/auxiliary/server/capture/http_ntlm.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method on_client_data has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def on_client_data(c)
    info = {:errors => [], :ip => @state[c][:ip]}
    data = c.get_once
    return if not data
Severity: Minor
Found in modules/auxiliary/server/capture/mssql.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method mssql_parse_login has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def mssql_parse_login(data, info)
    status = data.slice!(0,1).unpack('C')[0]
    len = data.slice!(0,2).unpack('n')[0]

    if len > data.length + 4
Severity: Minor
Found in modules/auxiliary/server/capture/mssql.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method on_request_uri has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def on_request_uri(cli, request)
    print_status("Handling '#{request.uri}'")

    case request.uri
    when self.get_resource
Severity: Minor
Found in modules/auxiliary/server/browser_autopwn.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method metadata_pjl has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def metadata_pjl(c)
    # extract PJL Metadata

    @state[c][:prn_metadata] = @state[c][:data].scan(/^@PJL\s(JOB=|SET\s|COMMENT\s)(.*)$/i)
    print_good("Extracting PJL Metadata")
Severity: Minor
Found in modules/auxiliary/server/capture/printjob_capture.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method enumerate_slab_ids has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def enumerate_slab_ids
    sock.send("stats slabs\r\n", 0)
    slab_ids = []
    loop do
      data = sock.recv(4096)
Severity: Minor
Found in modules/auxiliary/gather/memcached_extractor.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method check has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def check
    authenticated = authenticate
    return Exploit::CheckCode::Safe('Unable to authenticate to SuiteCRM') unless authenticated

    res = send_request_cgi(
Severity: Minor
Found in modules/auxiliary/gather/suite_crm_export_sqli.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method authenticate has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def authenticate
    login_url = normalize_uri(target_uri.path, 'en-US', 'account', 'login')

    res = send_request_cgi({
      'method' => 'GET',
Severity: Minor
Found in modules/auxiliary/gather/splunk_raw_server_info.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    vprint_status('Getting Variables')
    res = send_request_cgi({
      'uri' => normalize_uri(target_uri.path, 'default.aspx'),
      'method' => 'GET'
Severity: Minor
Found in modules/auxiliary/gather/billquick_txtid_sqli.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method execute_request has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def execute_request
    payload = '/../../../..//////////dev/cmdb/sslvpn_websession'

    uri = normalize_uri(target_uri.path, 'fgt_lang')
    begin
Severity: Minor
Found in modules/auxiliary/gather/fortios_vpnssl_traversal_creds_leak.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method login has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def login(response)
    return false unless response

    login_uri = target_uri.path.end_with?('index.php') ? normalize_uri(target_uri.path) : normalize_uri(target_uri.path, '/index.php')
    cookies = response.get_cookies
Severity: Minor
Found in modules/auxiliary/gather/dolibarr_creds_sqli.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method get_data_by_option has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def get_data_by_option(cookie, option)
    res = send_request_cgi({
      'uri' => normalize_uri(target_uri.path, 'cgi-bin', 'MANGA', 'data.cgi'),
      'method' => 'GET',
      'cookie' => "bauth=#{cookie}",
Severity: Minor
Found in modules/auxiliary/gather/peplink_bauth_sqli.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method get_service_account has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def get_service_account(service_name)
    return nil unless @svcctl

    vprint_status("Getting #{service_name} service account")
    svc_handle = @svcctl.open_service_w(@scm_handle, service_name)
Severity: Minor
Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method start_http has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def start_http(opts={})
    # Ensture all dependencies are present before initializing HTTP
    use_zlib

    comm = datastore['ListenerComm']
Severity: Minor
Found in modules/auxiliary/gather/safari_file_url_navigation.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method output_testing_details has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def output_testing_details(r)
    return unless r.status == "IN_PROGRESS"

    if r.endpoints.length == 1
      print_status "#{r.host} (#{r.endpoints[0].ip_address}) - Progress #{[r.endpoints[0].progress, 0].max}% (#{r.endpoints[0].status_details_message})"
Severity: Minor
Found in modules/auxiliary/gather/ssllabs_scan.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method get_certificate_details has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def get_certificate_details(cert_fingerprint)
    return if cert_fingerprint.nil?

    begin
      response = @cli.request_cgi(
Severity: Minor
Found in modules/auxiliary/gather/censys_search.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method run_host has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run_host(rhost)
    begin
      url = normalize_uri(datastore['TARGETURI'], 'cgi-bin', 'read.cgi')
      vprint_status("Attempting to load data from #{url}?page=2")
      res = send_request_cgi({
Severity: Minor
Found in modules/auxiliary/gather/c2s_dvr_password_disclosure.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method check has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def check
    res = send_request_cgi({
      'method' => 'GET',
      'uri' => normalize_uri(target_uri.path, '/assets/app/something/services/', class_file, '/')
    })
Severity: Minor
Found in modules/auxiliary/gather/cve_2021_27850_apache_tapestry_hmac_key.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Severity
Category
Status
Source
Language