lib/msf/core/exploit/remote/postgres.rb
File postgres.rb has 303 lines of code (exceeds 250 allowed). Consider refactoring. Open
Open
module Msf
###
#
# This module exposes methods for querying a remote PostgreSQL service.Method postgres_login has a Cognitive Complexity of 21 (exceeds 5 allowed). Consider refactoring. Open
Open
def postgres_login(opts={})
postgres_logout if self.postgres_conn
db = opts[:database] || datastore['DATABASE']
username = opts[:username] || datastore['USERNAME']
password = opts[:password] || datastore['PASSWORD']- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method postgres_query has a Cognitive Complexity of 20 (exceeds 5 allowed). Consider refactoring. Open
Open
def postgres_query(sql=nil,doprint=false)
unless self.postgres_conn
result = postgres_login
unless result == :connected
return { conn_error: result }- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method analyze_auth_error has 50 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def analyze_auth_error(e)
fname,fline,froutine = e.to_s.split("\t")[3,3]
fingerprint = "#{fname}:#{fline}:#{froutine}"
case fingerprint
Method postgres_print_reply has a Cognitive Complexity of 14 (exceeds 5 allowed). Consider refactoring. Open
Open
def postgres_print_reply(resp=nil,sql=nil)
verbose = datastore['VERBOSE']
return :error unless resp.kind_of? Connection::Result
if resp.rows and resp.fields- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method postgres_query has 35 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def postgres_query(sql=nil,doprint=false)
unless self.postgres_conn
result = postgres_login
unless result == :connected
return { conn_error: result }Method postgres_login has 34 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def postgres_login(opts={})
postgres_logout if self.postgres_conn
db = opts[:database] || datastore['DATABASE']
username = opts[:username] || datastore['USERNAME']
password = opts[:password] || datastore['PASSWORD']Method postgres_upload_binary_data has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def postgres_upload_binary_data(data, remote_fname=nil)
remote_fname ||= Rex::Text::rand_text_alpha(8) + ".dll"
# From the Postgres documentation:
# SELECT lo_creat(-1); -- returns OID of new, empty large objectMethod postgres_upload_binary_data has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring. Open
Open
def postgres_upload_binary_data(data, remote_fname=nil)
remote_fname ||= Rex::Text::rand_text_alpha(8) + ".dll"
# From the Postgres documentation:
# SELECT lo_creat(-1); -- returns OID of new, empty large object- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Avoid too many return statements within this method. Open
Open
when "Fauth.c:L362:Rauth_failed" ; return {:preauth => "8.2.14-15"} # Failed (bad db, bad credentials)Avoid too many return statements within this method. Open
Open
when "Fauth.c:L483:RClientAuthentication" ; return {:preauth => "9.1.6"} # Bad userAvoid too many return statements within this method. Open
Open
when "Fauth.c:L414:RClientAuthentication" ; return {:preauth => "8.2.7-1"} # Failed (bad db, bad credentials) ubuntu 8.04.2Avoid too many return statements within this method. Open
Open
return :connectedAvoid too many return statements within this method. Open
Open
when 'F.\src\backend\libpq\auth.c:L297:Rauth_failed' ; return {:preauth => "9.0.3-Win"} # Rejected (bad db or bad creds)Avoid too many return statements within this method. Open
Open
when 'Fsrc\backend\utils\init\postinit.c:L717:RInitPostgres' ; return {:preauth => "9.2.1-Win"} # Failed (bad db, good credentials)Avoid too many return statements within this method. Open
Open
when "Fauth.c:L394:RClientAuthentication" ; return {:preauth => "8.1.18-19"} # Rejected (maybe good)Avoid too many return statements within this method. Open
Open
when "Fauth.c:L349:RClientAuthentication" ; return {:preauth => "8.4.1"} # Rejected (maybe good)Avoid too many return statements within this method. Open
Open
when "Fpostinit.c:L794:RInitPostgres" ; return {:preauth => "9.4.1-5"} # Good creds, non-existent but allowed databaseAvoid too many return statements within this method. Open
Open
when "Fpostinit.c:L319:RInitPostgres" ; return {:preauth => "8.2.14-15"} # Failed (bad db, good credentials)Avoid too many return statements within this method. Open
Open
when 'F.\src\backend\libpq\auth.c:L359:RClientAuthentication' ; return {:preauth => "8.4.2-Win"} # Rejected (maybe good)Avoid too many return statements within this method. Open
Open
when 'Fpostinit.c:L319:' ; return {:preauth => '8.2.10-8.2.13-OpenSolaris'} # Failed (bad db, bad credentials)Avoid too many return statements within this method. Open
Open
when "Fauth.c:L337:Rauth_failed" ; return {:preauth => "8.1.18-19"} # Failed (bad db, bad credentials)Avoid too many return statements within this method. Open
Open
when "Fpostinit.c:L422:RInitPostgres" ; return {:preauth => "8.4.1-2"} # Failed (bad db, good credentials)Avoid too many return statements within this method. Open
Open
when "Fauth.c:L419:RClientAuthentication" ; return {:preauth => "8.2.14-15"} # Rejected (maybe good)Avoid too many return statements within this method. Open
Open
when "Fauth.c:L1060:RClientAuthentication" ; return {:preauth => "8.3.8"} # Rejected (maybe good)Avoid too many return statements within this method. Open
Open
when "Fauth.c:L302:Rauth_failed" ; return {:preauth => "9.1.6"} # Bad password, good databaseAvoid too many return statements within this method. Open
Open
when 'Fmiscinit.c:L420:' ; return {:preauth => '8.2.6-8.2.13-OpenSolaris'} # Failed (good db, bad credentials)Avoid too many return statements within this method. Open
Open
when "Fpostinit.c:L354:RInitPostgres" ; return {:preauth => "8.1.18-19"} # Failed (bad db, good credentials)Avoid too many return statements within this method. Open
Open
when "Fpostinit.c:L388:RInitPostgres" ; return {:preauth => "8.3.8-9"} # Failed (bad db, good credentials)Avoid too many return statements within this method. Open
Open
when "Fmiscinit.c:L362:RInitializeSessionUserId" ; return {:preauth => "9.4.1-5"} # Bad userAvoid too many return statements within this method. Open
Open
when "Fauth.c:L1003:Rauth_failed" ; return {:preauth => "8.3.8"} # Failed (bad db, bad credentials)Avoid too many return statements within this method. Open
Open
when "Fauth.c:L364:RClientAuthentication" ; return {:preauth => "8.4.2"} # Rejected (maybe good)Avoid too many return statements within this method. Open
Open
when "Fpostinit.c:L709:RInitPostgres" ; return {:preauth => "9.1.5"} # Failed (bad db, good credentials)Avoid too many return statements within this method. Open
Open
when "Fauth.c:L457:RClientAuthentication" ; return {:preauth => "8.0.22-23"} # Rejected (maybe good)Avoid too many return statements within this method. Open
Open
when 'F.\src\backend\libpq\auth.c:L273:Rauth_failed' ; return {:preauth => "8.4.2-Win"} # Failed (bad db, bad credentials)Avoid too many return statements within this method. Open
Open
when "Fpostinit.c:L274:RInitPostgres" ; return {:preauth => "8.0.22-23"} # Failed (bad db, good credentials)Avoid too many return statements within this method. Open
Open
when "Fauth.c:L1017:Rauth_failed" ; return {:preauth => "8.3.9"} # Failed (bad db, bad credentials)Avoid too many return statements within this method. Open
Open
when "Fauth.c:L273:Rauth_failed" ; return {:preauth => "8.4.2"} # Failed (bad db, bad credentials)Avoid too many return statements within this method. Open
Open
when "Fpostinit.c:L718:RInitPostgres" ; return {:preauth => "9.1.6"} # Good creds, non-existent but allowed databaseAvoid too many return statements within this method. Open
Open
when "Fauth.c:L285:Rauth_failed" ; return {:preauth => "9.4.1-5"} # Bad creds, good databaseAvoid too many return statements within this method. Open
Open
when 'F.\src\backend\libpq\auth.c:L464:RClientAuthentication' ; return {:preauth => "9.0.3-Win"} # Rejected (not allowed in pg_hba.conf)Avoid too many return statements within this method. Open
Open
when 'Fsrc\backend\libpq\auth.c:L302:Rauth_failed' ; return {:preauth => "9.2.1-Win"} # Rejected (bad db or bad creds)Avoid too many return statements within this method. Open
Open
when 'Fsrc\backend\libpq\auth.c:L479:RClientAuthentication' ; return {:preauth => "9.2.1-Win"} # Rejected (not allowed in pg_hba.conf)Avoid too many return statements within this method. Open
Open
when 'Fmiscinit.c:L382:' ; return {:preauth => '8.2.4-OpenSolaris'} # Failed (good db, bad credentials)Avoid too many return statements within this method. Open
Open
when 'Fpostinit.c:L318:' ; return {:preauth => '8.2.4-8.2.9-OpenSolaris'} # Failed (bad db, bad credentials)Avoid too many return statements within this method. Open
Open
return {:unknown => fingerprint}Avoid too many return statements within this method. Open
Open
when "Fauth.c:L1074:RClientAuthentication" ; return {:preauth => "8.3.9"} # Rejected (maybe good, but not allowed due to pg_hba.conf)Avoid too many return statements within this method. Open
Open
when "Fmiscinit.c:L432:RInitializeSessionUserId" ; return {:preauth => "9.1.5"} # Failed (bad db, bad credentials)Avoid too many return statements within this method. Open
Open
when "Fauth.c:L481:RClientAuthentication" ; return {:preauth => "9.4.1-5"} # bad user or hostAvoid too many return statements within this method. Open
Open
when "Fauth.c:L258:Rauth_failed" ; return {:preauth => "8.4.1"} # Failed (bad db, bad credentials)Avoid too many return statements within this method. Open
Open
when 'F.\src\backend\utils\init\postinit.c:L422:RInitPostgres' ; return {:preauth => "8.4.2-Win"} # Failed (bad db, good credentials)Method postgres_logout has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
Open
def postgres_logout
ip = self.postgres_conn.peerhost
port = self.postgres_conn.peerport
verbose = datastore['VERBOSE']
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"