Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star
modules/exploits/linux/local/netfilter_priv_esc_ipv4.rb

Summary

Maintainability
F
3 days
Test Coverage

Method exploit has 227 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def exploit
    if check != CheckCode::Appears
      fail_with(Failure::NotVulnerable, 'Target not vulnerable! punt!')
    end
Severity: Major
Found in modules/exploits/linux/local/netfilter_priv_esc_ipv4.rb - About 1 day to fix

    Method exploit has a Cognitive Complexity of 30 (exceeds 5 allowed). Consider refactoring.
    Open

      def exploit
    if check != CheckCode::Appears
      fail_with(Failure::NotVulnerable, 'Target not vulnerable! punt!')
    end
    Severity: Minor
    Found in modules/exploits/linux/local/netfilter_priv_esc_ipv4.rb - About 4 hrs to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    File netfilter_priv_esc_ipv4.rb has 334 lines of code (exceeds 250 allowed). Consider refactoring.
    Open

    class MetasploitModule < Msf::Exploit::Local
  Rank = GoodRanking

  include Msf::Post::File
  include Msf::Post::Linux::Kernel
    Severity: Minor
    Found in modules/exploits/linux/local/netfilter_priv_esc_ipv4.rb - About 4 hrs to fix

      Method has_prereqs? has a Cognitive Complexity of 20 (exceeds 5 allowed). Consider refactoring.
      Open

          def has_prereqs?()
      vprint_status('Checking if 32bit C libraries, gcc-multilib, and gcc are installed')
      if target.name == "Ubuntu"
        lib = cmd_exec('dpkg --get-selections | grep libc6-dev-i386')
        if lib.include?('install')
      Severity: Minor
      Found in modules/exploits/linux/local/netfilter_priv_esc_ipv4.rb - About 2 hrs to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

        def initialize(info = {})
    super(update_info(info,
        'Name'           => 'Linux Kernel 4.6.3 Netfilter Privilege Escalation',
        'Description'    => %q{
          This module attempts to exploit a netfilter bug on Linux Kernels before 4.6.3, and currently
      Severity: Major
      Found in modules/exploits/linux/local/netfilter_priv_esc_ipv4.rb - About 2 hrs to fix

        Method check has 39 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

          def check
    def iptables_loaded?()
      # user@ubuntu:~$ grep ip_tables /proc/modules
      # ip_tables 28672 1 iptable_filter, Live 0x0000000000000000
      # x_tables 36864 2 iptable_filter,ip_tables, Live 0x0000000000000000
        Severity: Minor
        Found in modules/exploits/linux/local/netfilter_priv_esc_ipv4.rb - About 1 hr to fix

          Method iptables_loaded? has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
          Open

              def iptables_loaded?()
      # user@ubuntu:~$ grep ip_tables /proc/modules
      # ip_tables 28672 1 iptable_filter, Live 0x0000000000000000
      # x_tables 36864 2 iptable_filter,ip_tables, Live 0x0000000000000000
      vprint_status('Checking if ip_tables is loaded in kernel')
          Severity: Minor
          Found in modules/exploits/linux/local/netfilter_priv_esc_ipv4.rb - About 55 mins to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          Method check has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
          Open

            def check
    def iptables_loaded?()
      # user@ubuntu:~$ grep ip_tables /proc/modules
      # ip_tables 28672 1 iptable_filter, Live 0x0000000000000000
      # x_tables 36864 2 iptable_filter,ip_tables, Live 0x0000000000000000
          Severity: Minor
          Found in modules/exploits/linux/local/netfilter_priv_esc_ipv4.rb - About 35 mins to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          There are no issues that match your filters.

          Category
          Status