Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star

Showing 22,177 of 22,177 total issues

Similar blocks of code found in 2 locations. Consider refactoring.
Open

            {
              "back"       => "Move back from the current context",
              "advanced"   => "Displays advanced options for one or more modules",
              "info"       => "Displays information about one or more modules",
              "options"    => "Displays global options or for one or more modules",
Severity: Minor
Found in lib/msf/ui/console/command_dispatcher/modules.rb and 1 other location - About 30 mins to fix
lib/rex/post/hwbridge/ui/console/command_dispatcher/core.rb on lines 47..63

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 33.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 2 locations. Consider refactoring.
Open

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'Microsoft SRV.SYS WriteAndX Invalid DataOffset',
      'Description'    => %q{
          This module exploits a denial of service vulnerability in the
Severity: Minor
Found in modules/auxiliary/dos/windows/smb/ms09_001_write.rb and 1 other location - About 30 mins to fix
modules/auxiliary/dos/windows/smb/ms06_063_trans.rb on lines 10..30

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 33.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 2 locations. Consider refactoring.
Open

    register_options([
      OptString.new('TARGETURI', [true, 'Base path', '/']),
      OptString.new('VALIDATION_KEY', [false, 'ViewState validation key']),
      OptString.new('COOKIE', [false, 'SharePoint cookie if you have one']),
      # "Promote" these advanced options so we don't have to pass around our own
Severity: Minor
Found in modules/exploits/windows/http/sharepoint_ssi_viewstate.rb and 1 other location - About 30 mins to fix
modules/exploits/multi/http/openfire_auth_bypass_rce_cve_2023_32315.rb on lines 69..76

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 33.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 2 locations. Consider refactoring.
Open

    if pids.include? 5
      data = get_engine_coolant_temp(datastore['CANBUS'], datastore['SRCID'], datastore['DSTID'], opt)
      print_status("  Engine Temp: #{data['TEMP_C']} \u00b0C / #{data['TEMP_F']} \u00b0F") if data.key? 'TEMP_C'
Severity: Minor
Found in modules/post/hardware/automotive/getvinfo.rb and 1 other location - About 30 mins to fix
modules/post/hardware/automotive/getvinfo.rb on lines 60..62

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 33.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 2 locations. Consider refactoring.
Open

  def self.report_event
    lambda {
      warden.authenticate!
      begin
        job = lambda { |opts| get_db.report_event(opts) }
Severity: Minor
Found in lib/msf/core/web_services/servlet/event_servlet.rb and 1 other location - About 30 mins to fix
lib/msf/core/web_services/servlet/host_servlet.rb on lines 49..59

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 33.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 2 locations. Consider refactoring.
Open

    c = {
      "?"          => "Help menu",
      "background" => "Backgrounds the current session",
      "exit"       => "Terminate the hardware bridge session",
      "help"       => "Help menu",
Severity: Minor
Found in lib/rex/post/hwbridge/ui/console/command_dispatcher/core.rb and 1 other location - About 30 mins to fix
lib/msf/ui/console/command_dispatcher/modules.rb on lines 41..57

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 33.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 2 locations. Consider refactoring.
Open

    connect

    sploit =  "GET " + rand_text_alpha_upper(950) + generate_seh_payload(target.ret)
    sploit << rand_text_alpha_upper(1024 - payload.encoded.length)
Severity: Minor
Found in modules/exploits/windows/misc/bigant_server.rb and 1 other location - About 30 mins to fix
modules/exploits/windows/misc/bigant_server_250.rb on lines 61..71

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 33.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 2 locations. Consider refactoring.
Open

    when /Windows 2003 SP2/
      stack_pivot << [0x77bdf448].pack("V") #ret
      stack_pivot << [0x77bdf448].pack("V") #ret
      stack_pivot << [0x77bdf448].pack("V") #ret
      stack_pivot << [0x77bdf448].pack("V") #ret
Severity: Minor
Found in modules/exploits/windows/misc/enterasys_netsight_syslog_bof.rb and 1 other location - About 30 mins to fix
modules/exploits/windows/misc/enterasys_netsight_syslog_bof.rb on lines 75..80

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 33.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Avoid too many return statements within this function.
Open

        return
Severity: Major
Found in modules/auxiliary/admin/http/grafana_auth_bypass.py - About 30 mins to fix

    Avoid too many return statements within this function.
    Open

        return properties
    Severity: Major
    Found in modules/auxiliary/scanner/http/rdp_web_login.py - About 30 mins to fix

      Avoid too many return statements within this function.
      Open

              return user, password, VALID_LOGIN, r
      Severity: Major
      Found in modules/auxiliary/gather/office365userenum.py - About 30 mins to fix

        Avoid too many return statements within this function.
        Open

                return True
        Severity: Major
        Found in modules/auxiliary/scanner/http/onion_omega2_login.py - About 30 mins to fix

          Avoid too many return statements within this function.
          Open

                  return
          Severity: Major
          Found in modules/auxiliary/admin/http/grafana_auth_bypass.py - About 30 mins to fix

            Avoid too many return statements within this function.
            Open

                return
            Severity: Major
            Found in modules/auxiliary/dos/cisco/cisco_7937g_dos.py - About 30 mins to fix

              Avoid too many return statements within this function.
              Open

                      return None
              Severity: Major
              Found in modules/auxiliary/scanner/http/rdp_web_login.py - About 30 mins to fix

                Avoid too many return statements within this function.
                Open

                        return "unknown"
                Severity: Major
                Found in modules/exploits/linux/smtp/haraka.py - About 30 mins to fix

                  Avoid too many return statements within this function.
                  Open

                      return
                  Severity: Major
                  Found in modules/auxiliary/admin/http/cisco_7937g_ssh_privesc.py - About 30 mins to fix

                    Avoid too many return statements within this function.
                    Open

                            return str(e)
                    Severity: Major
                    Found in modules/auxiliary/scanner/ssl/bleichenbacher_oracle.py - About 30 mins to fix

                      Avoid too many return statements within this function.
                      Open

                          return user, password, UNKNOWN, r
                      Severity: Major
                      Found in modules/auxiliary/gather/office365userenum.py - About 30 mins to fix

                        Avoid too many return statements within this function.
                        Open

                                    return
                        Severity: Major
                        Found in modules/auxiliary/admin/http/grafana_auth_bypass.py - About 30 mins to fix
                          Severity
                          Category
                          Status
                          Source
                          Language