Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star

Showing 22,177 of 22,177 total issues

Method build_csr has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def build_csr(cn:, private_key:, dns: nil, msext_sid: nil, msext_upn: nil, algorithm: 'SHA256')
    request = OpenSSL::X509::Request.new
    request.version = 1
    request.subject = OpenSSL::X509::Name.new([
      ['CN', cn, OpenSSL::ASN1::UTF8STRING]
Severity: Minor
Found in lib/msf/core/exploit/remote/ms_icpr.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method write_ndmp_frag has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def write_ndmp_frag(buf, all_but_last_char, times, flags)
    buf = ([buf.length | 0x80000000].pack('N') + buf) * times

    return false unless raw_sendall(all_but_last_char ? buf[0...-1] : buf, flags)
Severity: Minor
Found in lib/msf/core/exploit/remote/ndmp_socket.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method connect_ws has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def connect_ws(opts={}, timeout = 20)
    ws_key = Rex::Text.rand_text_alphanumeric(20)
    opts['headers'] = opts.fetch('headers', {}).merge({
      'Connection' => 'Upgrade',
      'Upgrade' => 'WebSocket',
Severity: Minor
Found in lib/msf/core/exploit/remote/http_client.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method progresolv has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def progresolv(number)
    names = File.join(Msf::Config.data_directory, "wordlists", "rpc_names.txt")
    File.open(names, "rb").each_line do |line|
      next if line.empty? || line =~ /^\s*#/
Severity: Minor
Found in lib/msf/core/exploit/remote/sunrpc.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method services has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def services(opts)
    opts = opts.clone()
    search_term = opts.delete(:search_term)

    order_args = [:port]
Severity: Minor
Found in lib/msf/core/db_manager/service.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method report_host_details has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def report_host_details(host, details)
  ::ApplicationRecord.connection_pool.with_connection {

    detail = ::Mdm::HostDetail.where(( details.delete(:key) || {} ).merge(:host_id => host.id)).first
    if detail
Severity: Minor
Found in lib/msf/core/db_manager/host_detail.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method update_workspace has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def update_workspace(opts)
    raise ArgumentError.new("The following options are required: :id") if opts[:id].nil?
    opts = opts.clone() # protect the original caller's opts
    opts.delete(:workspace)
Severity: Minor
Found in lib/msf/core/db_manager/workspace.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method request_certificate has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def request_certificate(opts = {})
    tree = opts[:tree] || connect_ipc

    begin
      icpr = connect_icpr(tree)
Severity: Minor
Found in lib/msf/core/exploit/remote/ms_icpr.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method dcerpc_getarch has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def dcerpc_getarch
    ret = nil

    connect_timeout = (datastore['ConnectTimeout'] || 10).to_i
    read_timeout    = (datastore['DCERPC::ReadTimeout'] || 10).to_i
Severity: Minor
Found in lib/msf/core/exploit/remote/dcerpc.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method update_loot has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def update_loot(opts)
    ::ApplicationRecord.connection_pool.with_connection {
      wspace = Msf::Util::DBManager.process_opts_workspace(opts, framework, false)
      # Prevent changing the data field to ensure the file contents remain the same as what was originally looted.
      raise ArgumentError, "Updating the data attribute is not permitted." if opts[:data]
Severity: Minor
Found in lib/msf/core/db_manager/loot.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method read_ndmp_frags has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def read_ndmp_frags
    result = ''

    loop do
      buf = raw_recvall(4)
Severity: Minor
Found in lib/msf/core/exploit/remote/ndmp_socket.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method report_vuln_details has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def report_vuln_details(vuln, details)
  ::ApplicationRecord.connection_pool.with_connection {
    detail = ::Mdm::VulnDetail.where(( details.delete(:key) || {} ).merge(:vuln_id => vuln.id)).first
    if detail
      details.each_pair do |k,v|
Severity: Minor
Found in lib/msf/core/db_manager/vuln_detail.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method connect has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def connect(global = true, opts={})

    dossl = false
    if(opts.has_key?('SSL'))
      dossl = opts['SSL']
Severity: Minor
Found in lib/msf/core/exploit/remote/tcp.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method start_payload_listeners has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

    def start_payload_listeners
      # Spawn nothing if the user doesn't want to pop sessions.
      return if datastore['MaxSessionCount'] == 0

      # Don't repeat launching payload handlers
Severity: Minor
Found in lib/msf/core/exploit/remote/browser_autopwn2.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method deploy_package has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def deploy_package(bsh_script, package)
    success = false

    print_status("Attempting to use '#{package}' as package")
    res = invoke_bsh_script(bsh_script, package)
Severity: Minor
Found in lib/msf/core/exploit/remote/http/jboss/bean_shell.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method gitea_create_repo has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def gitea_create_repo(name, timeout = 20)
    res = send_request_cgi({
      'uri' => gitea_url_repo_create,
      'keep_cookies' => true
    }, timeout)
Severity: Minor
Found in lib/msf/core/exploit/remote/http/gitea/repository.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method request_opts_from_url has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def request_opts_from_url(url)
    # verify and extract components from the URL
    begin
      tgt = URI.parse(url)
      raise 'Invalid URL' unless tgt.scheme =~ %r{https?}
Severity: Minor
Found in lib/msf/core/exploit/remote/http_client.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method sign_license_agreement has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def sign_license_agreement(cookies, nsp)
    if cookies.blank?
      return [2, 'Cannot sign the license agreement. The provided cookies are empty or nil.']
    end
Severity: Minor
Found in lib/msf/core/exploit/remote/http/nagios_xi/install.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method gitea_migrate_repo has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def gitea_migrate_repo(name, uid, url, token, timeout = 20)
    res = send_request_cgi({
      'uri' => gitea_url_repo_migrate,
      'keep_cookies' => true
    }, timeout)
Severity: Minor
Found in lib/msf/core/exploit/remote/http/gitea/repository.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method splunk_login has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def splunk_login(username, password, timeout = 20)
    # gets cval cookies
    cookie = splunk_helper_extract_token(timeout)
    if cookie.nil?
      vprint_error('Unable to extract login tokens')
Severity: Minor
Found in lib/msf/core/exploit/remote/http/splunk/login.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Severity
Category
Status
Source
Language