rapid7/metasploit-framework


Showing 22,177 of 22,177 total issues

Method moodle_and_online? has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def moodle_and_online?
    unless datastore['MOODLECHECK']
      vprint_status 'Skipping Moodle check...'
      return true
    end
Severity: Minor
Found in lib/msf/core/exploit/remote/http/moodle/base.rb - About 35 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"


Method adaudit_plus_grab_domain_aliases has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def adaudit_plus_grab_domain_aliases(res_body)
    doc = ::Nokogiri::HTML(res_body)
    css_dom_name = doc.css('select#domainName')&.first
    domain_aliases = []


Method wordpress_version has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def wordpress_version
    # detect version from generator
    version = wordpress_version_helper(normalize_uri(target_uri.path), /<meta name="generator" content="WordPress #{WORDPRESS_VERSION_PATTERN}" \/>/i)
    return version if version

Severity: Minor
Found in lib/msf/core/exploit/remote/http/wordpress/version.rb - About 35 mins to fix


Method joomla_and_online? has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def joomla_and_online?
    # Possible paths that we might see the generator tag.
    paths = [ '/', '/administrator/' ]

    paths.each do |path|
Severity: Minor
Found in lib/msf/core/exploit/remote/http/joomla/base.rb - About 35 mins to fix


Method validate_configuration! has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def validate_configuration!
    fail_with(Msf::Module::Failure::BadConfig, 'Missing option: RHOSTS') if rhost.blank?
    fail_with(Msf::Module::Failure::BadConfig, 'Missing option: RPORT') if rport.blank?
    fail_with(Msf::Module::Failure::BadConfig, 'Invalid option: RPORT') unless rport.to_i > 0 && rport.to_i < 65536
    fail_with(Msf::Module::Failure::BadConfig, 'Missing option: TOKEN') if api_token.blank?
Severity: Minor
Found in lib/msf/core/exploit/remote/http/kubernetes.rb - About 35 mins to fix


Method drupal_changelog has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def drupal_changelog(version)
    return unless version && Rex::Version.correct?(version)

    uri = Rex::Version.new(version) < Rex::Version.new('8') ?
          normalize_uri(target_uri.path, 'CHANGELOG.txt') :
Severity: Minor
Found in lib/msf/core/exploit/remote/http/drupal.rb - About 35 mins to fix


Method cleanup_service has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def cleanup_service
    if service
      begin
        if self.service.kind_of?(Rex::Service)
          temp_service = self.service
Severity: Minor
Found in lib/msf/core/exploit/remote/socket_server.rb - About 35 mins to fix


Method report_user_agent has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def report_user_agent(address, request, client_opts={})
    fp = fingerprint_user_agent(request["User-Agent"])
    host = {
      :address   => address,
      :host      => address,
Severity: Minor
Found in lib/msf/core/exploit/remote/http_server.rb - About 35 mins to fix


Method rdp_build_pkt has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def rdp_build_pkt(data, channel_id = "\x03\xeb", client_info: false, license_info: false)
    flags = 0
    flags |= 0x08 if @rdp_sec     # Set SEC_ENCRYPT
    flags |= 0x40 if client_info  # Set SEC_INFO_PKT
    flags |= 0x80 if license_info # Set SEC_LICENSE_PKT
Severity: Minor
Found in lib/msf/core/exploit/remote/rdp.rb - About 35 mins to fix


Method postgres_upload_binary_data has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def postgres_upload_binary_data(data, remote_fname=nil)
    remote_fname ||= Rex::Text::rand_text_alpha(8) + ".dll"

    # From the Postgres documentation:
    #   SELECT lo_creat(-1);       -- returns OID of new, empty large object
Severity: Minor
Found in lib/msf/core/exploit/remote/postgres.rb - About 35 mins to fix


Method validate_query_result! has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

    def validate_query_result!(query_result, filter=nil)
      if query_result.class != Hash
        raise ArgumentError, 'Parameter to "validate_query_result!" function was not a Hash!'
      end

Severity: Minor
Found in lib/msf/core/exploit/remote/ldap.rb - About 35 mins to fix


Method rdp_handle_packet has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def rdp_handle_packet(pkt)
    if pkt && pkt[0] == "\x03"
      if pkt[4..6] == "\x02\xf0\x80"
        if pkt[7] == "\x68"
          chan_user_id = pkt[8..9].unpack('S>')[0]
Severity: Minor
Found in lib/msf/core/exploit/remote/rdp.rb - About 35 mins to fix


Method adaudit_plus_grab_build has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def adaudit_plus_grab_build(adapcsrf_cookie)
    vprint_status('Attempting to obtain the ADAudit Plus build number')

    res = send_request_cgi({
      'uri' => adaudit_plus_license_details_uri,


Method send_request has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

        def send_request(message)
          resp = nil
          @max_backend_attempts.times do
            resp = @ssrf_proc.call('POST', @endpoint.path, { ctype: 'application/soap+xml;charset=UTF-8', data: message })

Severity: Minor
Found in lib/msf/core/exploit/remote/http/exchange/proxy_maybe_shell.rb - About 35 mins to fix


Method java_class_loader_on_request_uri has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def java_class_loader_on_request_uri(cli, request)
    vprint_status("#{request.method} #{request.uri} requested")

    unless %w[HEAD GET].include?(request.method)
      vprint_error("Ignoring #{request.method} request")
Severity: Minor
Found in lib/msf/core/exploit/remote/java/http/class_loader.rb - About 35 mins to fix


Method wdbrpc_client_memread has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def wdbrpc_client_memread(offset, length, params=0)
    pkt = wdbrpc_request_memread(offset, length, params)
    cnt = 0
    res = nil

Severity: Minor
Found in lib/msf/core/exploit/remote/wdbrpc_client.rb - About 35 mins to fix


Method parse_gss_init_response has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def parse_gss_init_response(token, session_key)
    mech_id, encapsulated_token = unwrap_pseudo_asn1(token)

    if mech_id.value == Rex::Proto::Gss::OID_KERBEROS_5.value
      tok_id = encapsulated_token[0,2]
Severity: Minor
Found in lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb - About 35 mins to fix


Method send_request_tgt_pkinit has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

          def send_request_tgt_pkinit(options = {})
            pfx = options[:pfx]
            request_pac = options.fetch(:request_pac, true)
            realm = options[:realm]
            server_name = options[:server_name] || "krbtgt/#{realm}"
Severity: Minor
Found in lib/msf/core/exploit/remote/kerberos/client.rb - About 35 mins to fix


Method send_new_client has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

                def send_new_client(opts = {})
                  send_call(
                    sock: opts[:sock] || sock,
                    call: build_jmx_new_client(opts)
                  )
Severity: Minor
Found in lib/msf/core/exploit/remote/java/rmi/client/jmx/server.rb - About 35 mins to fix


Method process_browser_info has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

    def process_browser_info(source, cli, request)
      tag = retrieve_tag(cli, request)

      browser_profile[tag] ||= {}
      profile = browser_profile[tag]
Severity: Minor
Found in lib/msf/core/exploit/remote/browser_exploit_server.rb - About 35 mins to fix

