Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star

Showing 7,361 of 22,177 total issues

Method run has 61 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def run
    @creds_hash = Hash.new
    @pass_hash = Hash.new

    targets = %w[
Severity: Major
Found in modules/post/multi/gather/grub_creds.rb - About 2 hrs to fix

    Method get_secret has 61 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

      def get_secret(lsa_key)
    output = "\n"

    # LSA Secret key location within the registry
    root_regkey = 'HKLM\\Security\\Policy\\Secrets\\'
    Severity: Major
    Found in modules/post/windows/gather/lsa_secrets.rb - About 2 hrs to fix

      Method run has 61 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

        def run
    if datastore['SID']
      root_key, base_key = split_key("HKU\\#{datastore['SID']}\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Connections")
    else
      root_key, base_key = split_key('HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Connections')
      Severity: Major
      Found in modules/post/windows/gather/enum_proxy.rb - About 2 hrs to fix

        Method send_tcp has 61 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

              def send_tcp(packet,packet_data, nameservers)

        ans = nil
        length = [packet_data.size].pack("n")
        Severity: Major
        Found in lib/net/dns/resolver.rb - About 2 hrs to fix

          Method cmd_screenshare has 61 lines of code (exceeds 25 allowed). Consider refactoring.
          Open

            def cmd_screenshare( *args )
    stream_path = Rex::Text.rand_text_alpha(8) + ".jpeg"
    player_path = Rex::Text.rand_text_alpha(8) + ".html"
    quality = 50
    view = true
          Severity: Major
          Found in lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb - About 2 hrs to fix

            Method load_session_info has 61 lines of code (exceeds 25 allowed). Consider refactoring.
            Open

              def load_session_info
    begin
      ::Timeout.timeout(60) do
        update_session_info
            Severity: Major
            Found in lib/msf/base/sessions/meterpreter.rb - About 2 hrs to fix

              Method substitute_vars has 61 lines of code (exceeds 25 allowed). Consider refactoring.
              Open

                def substitute_vars(raw, offsets)
    offsets.each_pair { |name, info|
      offset, pack = info

      # Give the derived class a chance to substitute this variable
              Severity: Major
              Found in lib/msf/core/payload.rb - About 2 hrs to fix

                Method initialize has 61 lines of code (exceeds 25 allowed). Consider refactoring.
                Open

                  def initialize(framework)
    self.framework = framework
    self.sid_pool  = 0
    self.mutex = Mutex.new
    self.scheduler_queue = ::Queue.new
                Severity: Major
                Found in lib/msf/core/session_manager.rb - About 2 hrs to fix

                  Method report_service has 61 lines of code (exceeds 25 allowed). Consider refactoring.
                  Open

                    def report_service(opts)
    return if !active
  ::ApplicationRecord.connection_pool.with_connection { |conn|
    opts = opts.clone() # protect the original caller's opts
    addr  = opts.delete(:host) || return
                  Severity: Major
                  Found in lib/msf/core/db_manager/service.rb - About 2 hrs to fix

                    Method initialize has 61 lines of code (exceeds 25 allowed). Consider refactoring.
                    Open

                      def initialize(info = {})
    super

    register_options(
      [
                    Severity: Major
                    Found in lib/msf/core/exploit/remote/http_client.rb - About 2 hrs to fix

                      Method connect_login has 61 lines of code (exceeds 25 allowed). Consider refactoring.
                      Open

                        def connect_login(global = true)
    if datastore['DOMAIN'] && datastore['DOMAIN'] != ''
      domain = datastore['DOMAIN']
    else
      domain = Rex::Text.rand_text_alpha(rand(32)+1)
                      Severity: Major
                      Found in lib/msf/core/exploit/remote/smtp_deliver.rb - About 2 hrs to fix

                        Identical blocks of code found in 2 locations. Consider refactoring.
                        Open

                          def exploit
    payload_exe = rand_text_alphanumeric(4 + rand(4))
    case target['Platform']
      when 'java'
        payload_exe = "#{temp_path}#{payload_exe}.jar"
                        Severity: Major
                        Found in modules/exploits/multi/http/struts_dmi_exec.rb and 1 other location - About 2 hrs to fix
                        modules/exploits/multi/http/struts_dmi_rest_exec.rb on lines 173..199

                        Duplicated Code

                        Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                        Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                        When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                        Tuning

                        This issue has a mass of 90.

                        We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                        The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                        If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                        See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                        Refactorings

                        Further Reading

                        Identical blocks of code found in 2 locations. Consider refactoring.
                        Open

                          def exploit
    payload_exe = rand_text_alphanumeric(4 + rand(4))
    case target['Platform']
      when 'java'
        payload_exe = "#{temp_path}#{payload_exe}.jar"
                        Severity: Major
                        Found in modules/exploits/multi/http/struts_dmi_rest_exec.rb and 1 other location - About 2 hrs to fix
                        modules/exploits/multi/http/struts_dmi_exec.rb on lines 172..198

                        Duplicated Code

                        Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                        Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                        When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                        Tuning

                        This issue has a mass of 90.

                        We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                        The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                        If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                        See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                        Refactorings

                        Further Reading

                        Similar blocks of code found in 2 locations. Consider refactoring.
                        Open

                          def payload_win2k3sp1
    egg_options = {
      eggtag: rand_text_alpha(4)
    }
                        Severity: Major
                        Found in modules/exploits/windows/smb/smb_rras_erraticgopher.rb and 1 other location - About 2 hrs to fix
                        modules/exploits/windows/smb/smb_rras_erraticgopher.rb on lines 168..192

                        Duplicated Code

                        Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                        Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                        When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                        Tuning

                        This issue has a mass of 90.

                        We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                        The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                        If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                        See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                        Refactorings

                        Further Reading

                        Similar blocks of code found in 2 locations. Consider refactoring.
                        Open

                          def asm_block_recv_rc4(opts={})
    xorkey = Rex::Text.to_dword(opts[:xorkey]).chomp
    reliable     = opts[:reliable]
    asm = %Q^
      recv:
                        Severity: Major
                        Found in lib/msf/core/payload/windows/reverse_tcp_rc4.rb and 1 other location - About 2 hrs to fix
                        lib/msf/core/payload/windows/x64/reverse_tcp_rc4_x64.rb on lines 64..180

                        Duplicated Code

                        Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                        Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                        When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                        Tuning

                        This issue has a mass of 90.

                        We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                        The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                        If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                        See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                        Refactorings

                        Further Reading

                        Similar blocks of code found in 2 locations. Consider refactoring.
                        Open

                          def start_handler
    self.listener_thread = framework.threads.spawn("ReverseTcpDoubleSSLHandlerListener", false) {
      sock_inp = nil
      sock_out = nil
                        Severity: Major
                        Found in lib/msf/core/handler/reverse_tcp_double_ssl.rb and 1 other location - About 2 hrs to fix
                        lib/msf/core/handler/reverse_tcp_double.rb on lines 71..104

                        Duplicated Code

                        Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                        Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                        When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                        Tuning

                        This issue has a mass of 90.

                        We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                        The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                        If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                        See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                        Refactorings

                        Further Reading

                        Similar blocks of code found in 2 locations. Consider refactoring.
                        Open

                          def payload_win2k3sp2
    egg_options = {
      eggtag: rand_text_alpha(4)
    }
                        Severity: Major
                        Found in modules/exploits/windows/smb/smb_rras_erraticgopher.rb and 1 other location - About 2 hrs to fix
                        modules/exploits/windows/smb/smb_rras_erraticgopher.rb on lines 141..165

                        Duplicated Code

                        Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                        Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                        When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                        Tuning

                        This issue has a mass of 90.

                        We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                        The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                        If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                        See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                        Refactorings

                        Further Reading

                        Similar blocks of code found in 2 locations. Consider refactoring.
                        Open

                          def run
    last_str = nil
    last_inp = nil
    last_err = nil
                        Severity: Major
                        Found in modules/auxiliary/fuzzers/smb/smb_create_pipe.rb and 1 other location - About 2 hrs to fix
                        modules/auxiliary/fuzzers/smb/smb_tree_connect.rb on lines 36..71

                        Duplicated Code

                        Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                        Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                        When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                        Tuning

                        This issue has a mass of 90.

                        We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                        The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                        If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                        See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                        Refactorings

                        Further Reading

                        Similar blocks of code found in 2 locations. Consider refactoring.
                        Open

                          def asm_block_recv_rc4(opts={})
    xorkey = Rex::Text.to_dword(opts[:xorkey]).chomp
    reliable     = opts[:reliable]
    asm = %Q^
      recv:
                        Severity: Major
                        Found in lib/msf/core/payload/windows/x64/reverse_tcp_rc4_x64.rb and 1 other location - About 2 hrs to fix
                        lib/msf/core/payload/windows/reverse_tcp_rc4.rb on lines 63..170

                        Duplicated Code

                        Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                        Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                        When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                        Tuning

                        This issue has a mass of 90.

                        We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                        The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                        If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                        See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                        Refactorings

                        Further Reading

                        Similar blocks of code found in 2 locations. Consider refactoring.
                        Open

                          def start_handler
    self.listener_thread = framework.threads.spawn("ReverseTcpDoubleHandlerListener", false) {
      sock_inp = nil
      sock_out = nil
                        Severity: Major
                        Found in lib/msf/core/handler/reverse_tcp_double.rb and 1 other location - About 2 hrs to fix
                        lib/msf/core/handler/reverse_tcp_double_ssl.rb on lines 136..169

                        Duplicated Code

                        Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                        Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                        When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                        Tuning

                        This issue has a mass of 90.

                        We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                        The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                        If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                        See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                        Refactorings

                        Further Reading

                        Severity
                        Category
                        Status
                        Source
                        Language