rapid7/metasploit-framework

View on GitHub
modules/auxiliary/gather/windows_secrets_dump.rb

Summary

Maintainability
F
1 wk
Test Coverage

File windows_secrets_dump.rb has 967 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'metasploit/framework/hashes/identify'
require 'ruby_smb/dcerpc/client'

class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::SMB::Client::Authenticated
Severity: Major
Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 2 days to fix

    Method dump_ntds_hashes has a Cognitive Complexity of 83 (exceeds 5 allowed). Consider refactoring.
    Open

      def dump_ntds_hashes
        _machine_name, domain_name = get_machine_name_and_domain
        return unless domain_name
    
        print_status('Dumping Domain Credentials (domain\\uid:rid:lmhash:nthash)')
    Severity: Minor
    Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 1 day to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Method run has a Cognitive Complexity of 79 (exceeds 5 allowed). Consider refactoring.
    Open

      def run
        unless db
          print_warning('Cannot find any active database. Extracted data will only be displayed here and NOT stored.')
        end
    
    
    Severity: Minor
    Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 1 day to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Method dump_ntds_hashes has 157 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

      def dump_ntds_hashes
        _machine_name, domain_name = get_machine_name_and_domain
        return unless domain_name
    
        print_status('Dumping Domain Credentials (domain\\uid:rid:lmhash:nthash)')
    Severity: Major
    Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 6 hrs to fix

      Method run has 134 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

        def run
          unless db
            print_warning('Cannot find any active database. Extracted data will only be displayed here and NOT stored.')
          end
      
      
      Severity: Major
      Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 5 hrs to fix

        Method print_secret has a Cognitive Complexity of 30 (exceeds 5 allowed). Consider refactoring.
        Open

          def print_secret(name, secret_item)
            if secret_item.nil? || secret_item.empty?
              vprint_status("Discarding secret #{name}, NULL Data")
              return
            end
        Severity: Minor
        Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 4 hrs to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        Class MetasploitModule has 31 methods (exceeds 20 allowed). Consider refactoring.
        Open

        class MetasploitModule < Msf::Auxiliary
          include Msf::Exploit::Remote::SMB::Client::Authenticated
          include Msf::Exploit::Remote::DCERPC
          include Msf::Auxiliary::Report
          include Msf::Util::WindowsRegistry
        Severity: Minor
        Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 3 hrs to fix

          Method parse_user_record has 82 lines of code (exceeds 25 allowed). Consider refactoring.
          Open

            def parse_user_record(dcerpc_client, user_record)
              vprint_status("Decrypting hash for user: #{user_record.pmsg_out.msg_getchg.p_nc.string_name.to_ary[0..-1].join.encode('utf-8')}")
          
              entinf_struct = user_record.pmsg_out.msg_getchg.p_objects.entinf
              rid = entinf_struct.p_name.sid[-4..-1].unpack('<L').first
          Severity: Major
          Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 3 hrs to fix

            Method print_secret has 74 lines of code (exceeds 25 allowed). Consider refactoring.
            Open

              def print_secret(name, secret_item)
                if secret_item.nil? || secret_item.empty?
                  vprint_status("Discarding secret #{name}, NULL Data")
                  return
                end
            Severity: Major
            Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 2 hrs to fix

              Method dump_cached_hashes has a Cognitive Complexity of 21 (exceeds 5 allowed). Consider refactoring.
              Open

                def dump_cached_hashes(reg_parser, nlkm_key)
                  print_status('Dumping cached hashes')
              
                  cache_infos = reg_parser.cached_infos(nlkm_key)
                  if cache_infos.nil? || cache_infos.empty?
              Severity: Minor
              Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 2 hrs to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Method dump_cached_hashes has 59 lines of code (exceeds 25 allowed). Consider refactoring.
              Open

                def dump_cached_hashes(reg_parser, nlkm_key)
                  print_status('Dumping cached hashes')
              
                  cache_infos = reg_parser.cached_infos(nlkm_key)
                  if cache_infos.nil? || cache_infos.empty?
              Severity: Major
              Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 2 hrs to fix

                Method parse_user_record has a Cognitive Complexity of 16 (exceeds 5 allowed). Consider refactoring.
                Open

                  def parse_user_record(dcerpc_client, user_record)
                    vprint_status("Decrypting hash for user: #{user_record.pmsg_out.msg_getchg.p_nc.string_name.to_ary[0..-1].join.encode('utf-8')}")
                
                    entinf_struct = user_record.pmsg_out.msg_getchg.p_objects.entinf
                    rid = entinf_struct.p_name.sid[-4..-1].unpack('<L').first
                Severity: Minor
                Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 2 hrs to fix

                Cognitive Complexity

                Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                A method's cognitive complexity is based on a few simple rules:

                • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                • Code is considered more complex for each "break in the linear flow of the code"
                • Code is considered more complex when "flow breaking structures are nested"

                Further reading

                Method initialize has 49 lines of code (exceeds 25 allowed). Consider refactoring.
                Open

                  def initialize(info = {})
                    super(
                      update_info(
                        info,
                        'Name' => 'Windows Secrets Dump',
                Severity: Minor
                Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 1 hr to fix

                  Method dump_sam_hashes has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.
                  Open

                    def dump_sam_hashes(reg_parser, boot_key)
                      print_status('Dumping SAM hashes')
                      vprint_status('Calculating HashedBootKey from SAM')
                      hboot_key = reg_parser.get_hboot_key(boot_key)
                      unless hboot_key.present?
                  Severity: Minor
                  Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 1 hr to fix

                  Cognitive Complexity

                  Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                  A method's cognitive complexity is based on a few simple rules:

                  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                  • Code is considered more complex for each "break in the linear flow of the code"
                  • Code is considered more complex when "flow breaking structures are nested"

                  Further reading

                  Method dump_sam_hashes has 29 lines of code (exceeds 25 allowed). Consider refactoring.
                  Open

                    def dump_sam_hashes(reg_parser, boot_key)
                      print_status('Dumping SAM hashes')
                      vprint_status('Calculating HashedBootKey from SAM')
                      hboot_key = reg_parser.get_hboot_key(boot_key)
                      unless hboot_key.present?
                  Severity: Minor
                  Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 1 hr to fix

                    Method get_boot_key has 28 lines of code (exceeds 25 allowed). Consider refactoring.
                    Open

                      def get_boot_key
                        print_status('Retrieving target system bootKey')
                        root_key_handle = @winreg.open_root_key('HKLM')
                    
                        boot_key = ''.b
                    Severity: Minor
                    Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 1 hr to fix

                      Method decrypt_supplemental_info has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
                      Open

                        def decrypt_supplemental_info(dcerpc_client, result, attribute_value)
                          result[:kerberos_keys] = {}
                          result[:clear_text_passwords] = {}
                          plain_text = dcerpc_client.decrypt_attribute_value(attribute_value)
                          user_properties = RubySMB::Dcerpc::Samr::UserProperties.read(plain_text)
                      Severity: Minor
                      Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 1 hr to fix

                      Cognitive Complexity

                      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                      A method's cognitive complexity is based on a few simple rules:

                      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                      • Code is considered more complex for each "break in the linear flow of the code"
                      • Code is considered more complex when "flow breaking structures are nested"

                      Further reading

                      Method decrypt_supplemental_info has 27 lines of code (exceeds 25 allowed). Consider refactoring.
                      Open

                        def decrypt_supplemental_info(dcerpc_client, result, attribute_value)
                          result[:kerberos_keys] = {}
                          result[:clear_text_passwords] = {}
                          plain_text = dcerpc_client.decrypt_attribute_value(attribute_value)
                          user_properties = RubySMB::Dcerpc::Samr::UserProperties.read(plain_text)
                      Severity: Minor
                      Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 1 hr to fix

                        Avoid deeply nested control flow statements.
                        Open

                                  unless report_creds(print_name, sec, **credential_opts)
                                    vprint_bad("Error when reporting #{print_name} machine kerberos key #{sec}")
                                  end
                        Severity: Major
                        Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 45 mins to fix

                          Method get_boot_key has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
                          Open

                            def get_boot_key
                              print_status('Retrieving target system bootKey')
                              root_key_handle = @winreg.open_root_key('HKLM')
                          
                              boot_key = ''.b
                          Severity: Minor
                          Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 45 mins to fix

                          Cognitive Complexity

                          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                          A method's cognitive complexity is based on a few simple rules:

                          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                          • Code is considered more complex for each "break in the linear flow of the code"
                          • Code is considered more complex when "flow breaking structures are nested"

                          Further reading

                          Avoid deeply nested control flow statements.
                          Open

                                      if nlkm_key.nil? || nlkm_key.empty?
                                        print_status('No NLKM key (skip cached hashes dump)')
                                      else
                                        report_info(nlkm_key.unpack('H*')[0], 'host.nlkm_key')
                                        dump_cached_hashes(reg_parser, nlkm_key)
                          Severity: Major
                          Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 45 mins to fix

                            Method get_service_account has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
                            Open

                              def get_service_account(service_name)
                                return nil unless @svcctl
                            
                                vprint_status("Getting #{service_name} service account")
                                svc_handle = @svcctl.open_service_w(@scm_handle, service_name)
                            Severity: Minor
                            Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 35 mins to fix

                            Cognitive Complexity

                            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                            A method's cognitive complexity is based on a few simple rules:

                            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                            • Code is considered more complex for each "break in the linear flow of the code"
                            • Code is considered more complex when "flow breaking structures are nested"

                            Further reading

                            Method get_default_login_account has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
                            Open

                              def get_default_login_account
                                vprint_status('Getting default login account')
                                begin
                                  username = @winreg.read_registry_key_value(
                                    'HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon',
                            Severity: Minor
                            Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 25 mins to fix

                            Cognitive Complexity

                            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                            A method's cognitive complexity is based on a few simple rules:

                            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                            • Code is considered more complex for each "break in the linear flow of the code"
                            • Code is considered more complex when "flow breaking structures are nested"

                            Further reading

                            Method do_cleanup has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
                            Open

                              def do_cleanup
                                print_status('Cleaning up...')
                                if @service_should_be_stopped
                                  print_status('Stopping service RemoteRegistry...')
                                  svc_handle = @svcctl.open_service_w(@scm_handle, 'RemoteRegistry')
                            Severity: Minor
                            Found in modules/auxiliary/gather/windows_secrets_dump.rb - About 25 mins to fix

                            Cognitive Complexity

                            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                            A method's cognitive complexity is based on a few simple rules:

                            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                            • Code is considered more complex for each "break in the linear flow of the code"
                            • Code is considered more complex when "flow breaking structures are nested"

                            Further reading

                            There are no issues that match your filters.

                            Category
                            Status