modules/exploits/linux/local/polkit_dbus_auth_bypass.rb
File polkit_dbus_auth_bypass.rb has 348 lines of code (exceeds 250 allowed). Consider refactoring. Open
Open
require 'unix_crypt'
class MetasploitModule < Msf::Exploit::Local
Rank = ExcellentRanking
Method check_via_version has a Cognitive Complexity of 29 (exceeds 5 allowed). Consider refactoring. Open
Open
def check_via_version
sysinfo = get_sysinfo
case sysinfo[:distro]
when 'fedora'
if sysinfo[:version] =~ /Fedora( release)? (\d+)/- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method check_via_version has 50 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def check_via_version
sysinfo = get_sysinfo
case sysinfo[:distro]
when 'fedora'
if sysinfo[:version] =~ /Fedora( release)? (\d+)/Method initialize has 46 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Polkit D-Bus Authentication Bypass',Method exploit has a Cognitive Complexity of 14 (exceeds 5 allowed). Consider refactoring. Open
Open
def exploit
fail_with(Failure::NotFound, 'Failed to find the su command which this exploit depends on.') unless command_exists?('su')
fail_with(Failure::NotFound, 'Failed to find the dbus-send command which this exploit depends on.') unless command_exists?('dbus-send')
if datastore['TIMEOUT'] < 26
fail_with(Failure::BadConfig, "TIMEOUT is set to less than 26 seconds, so we can't detect if dbus-send times out or not.")- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method check has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring. Open
Open
def check
if datastore['TIMEOUT'] < 26
return CheckCode::Unknown("TIMEOUT is set to less than 26 seconds, so we can't detect if polkit times out or not.")
end
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method exploit_set_realname has 29 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit_set_realname(new_realname)
loop_sequence = get_loop_sequence
cmd_exec(<<~SCRIPT
for i in #{loop_sequence}; do
dbus-sendMethod exploit has 28 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
fail_with(Failure::NotFound, 'Failed to find the su command which this exploit depends on.') unless command_exists?('su')
fail_with(Failure::NotFound, 'Failed to find the dbus-send command which this exploit depends on.') unless command_exists?('dbus-send')
if datastore['TIMEOUT'] < 26
fail_with(Failure::BadConfig, "TIMEOUT is set to less than 26 seconds, so we can't detect if dbus-send times out or not.")Method check_via_attempt has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring. Open
Open
def check_via_attempt
status = nil
return status unless !is_root? && command_exists?('dbus-send')
# This is required to make the /org/freedesktop/Accounts/User0 object_path available.- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Avoid too many return statements within this method. Open
Open
return CheckCode::Safe("Version #{current_version_string} is not affected (too old, the vulnerability was introduced in 0.105-26).")Avoid too many return statements within this method. Open
Open
return CheckCode::Appears('Ubuntu 19.10 is affected.')Avoid too many return statements within this method. Open
Open
return CheckCode::Safe("Version #{current_version_string} is not affected.")Avoid too many return statements within this method. Open
Open
return CheckCode::Safe("Version #{current_version_string} is not affected.")Avoid too many return statements within this method. Open
Open
return CheckCode::Appears("Version #{current_version_string} is affected.")