Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star
lib/msf/core/post/windows/mssql.rb

Summary

Maintainability
C
7 hrs
Test Coverage

Method impersonate_sql_user has a Cognitive Complexity of 19 (exceeds 5 allowed). Consider refactoring.
Open

        def impersonate_sql_user(service)
          return false if service.nil? || service[:pid].nil? || service[:pid] <= 0

          pid = service[:pid]
          vprint_status("Current user: #{session.sys.config.getuid}")
Severity: Minor
Found in lib/msf/core/post/windows/mssql.rb - About 2 hrs to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method impersonate_sql_user has 36 lines of code (exceeds 25 allowed). Consider refactoring.
Open

        def impersonate_sql_user(service)
          return false if service.nil? || service[:pid].nil? || service[:pid] <= 0

          pid = service[:pid]
          vprint_status("Current user: #{session.sys.config.getuid}")
Severity: Minor
Found in lib/msf/core/post/windows/mssql.rb - About 1 hr to fix

    Method check_for_sqlserver has a Cognitive Complexity of 12 (exceeds 5 allowed). Consider refactoring.
    Open

            def check_for_sqlserver(instance = nil)
          target_service = nil
          each_service do |service|
            if instance.to_s.strip.empty?
              # Target default instance
    Severity: Minor
    Found in lib/msf/core/post/windows/mssql.rb - About 1 hr to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Consider simplifying this complex logical expression.
    Open

                elsif (
                  service[:display].downcase.include?("SQL Server (#{instance}".downcase) || # 2k8
                  service[:display].downcase.include?("MSSQL$#{instance}".downcase) || # 2k
                  service[:display].downcase.include?("MSSQLServer#{instance}".downcase) || # 2k5
                  service[:display].downcase == instance.downcase # If the user gets very specific
    Severity: Major
    Found in lib/msf/core/post/windows/mssql.rb - About 40 mins to fix

      Method run_sql has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
      Open

              def run_sql(query, instance = nil, server = '.', database: nil, username: nil, password: nil)
          target = server
          if instance && instance.downcase != 'mssqlserver'
            target = "#{server}\\#{instance}"
          end
      Severity: Minor
      Found in lib/msf/core/post/windows/mssql.rb - About 35 mins to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Avoid too many return statements within this method.
      Open

                    return false
      Severity: Major
      Found in lib/msf/core/post/windows/mssql.rb - About 30 mins to fix

        Method get_system has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
        Open

                def get_system
          print_status('Checking if user is SYSTEM...')

          if is_system?
            print_good('User is SYSTEM')
        Severity: Minor
        Found in lib/msf/core/post/windows/mssql.rb - About 25 mins to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        There are no issues that match your filters.

        Category
        Status