modules/exploits/windows/http/flexdotnetcms_upload_exec.rb
Method check has a Cognitive Complexity of 31 (exceeds 5 allowed). Consider refactoring. Open
Open
def check
# used to ensure cleanup only runs against flexdotnetcms targets
@skip_cleanup = true
# visit login the page to get the necessary cookies- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method check has 103 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def check
# used to ensure cleanup only runs against flexdotnetcms targets
@skip_cleanup = true
# visit login the page to get the necessary cookiesMethod initialize has 63 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'FlexDotnetCMS Arbitrary ASP File Upload',File flexdotnetcms_upload_exec.rb has 256 lines of code (exceeds 250 allowed). Consider refactoring. Open
Open
class MetasploitModule < Msf::Exploit::Remote
Rank = ExcellentRanking
include Msf::Exploit::Remote::HttpClient
include Msf::Exploit::EXE
prepend Msf::Exploit::Remote::AutoCheckMethod rename_test_file_and_add_payload has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring. Open
Open
def rename_test_file_and_add_payload
print_status("Renaming #{@payload_txt} to #{@payload_asp} again, this time adding the payload")
# load the file in the file editor in order to obtain tokens required for renaming it
res = send_request_cgi({- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Avoid too many return statements within this method. Open
Open
return CheckCode::Detected('Received unexpected response while trying to follow redirect to /Admin/')Avoid too many return statements within this method. Open
Open
return CheckCode::Detected('Failed to authenticate to the server.')Avoid too many return statements within this method. Open
Open
return CheckCode::Detected("Connection failed while trying to upload test file #{@payload_txt}")Avoid too many return statements within this method. Open
Open
return CheckCode::Detected('Connection failed')Avoid too many return statements within this method. Open
Open
return CheckCode::Detected("Received unexpected response while trying to obtain tokens necessary for renaming #{@payload_txt}")Avoid too many return statements within this method. Open
Open
return CheckCode::Detected("Received unexpected response while trying to open test file #{@payload_txt} in the file editor")Avoid too many return statements within this method. Open
Open
return CheckCode::Detected("Received unexpected response while trying to upload test file #{@payload_txt}")Avoid too many return statements within this method. Open
Open
return CheckCode::Safe('Target is FlexDotnetCMS v1.5.9 or higher')Avoid too many return statements within this method. Open
Open
return CheckCode::Detected("Connection failed while trying to rename the test file #{@payload_txt}.")Avoid too many return statements within this method. Open
Open
return CheckCode::Detected("Connection failed while trying to open test file #{@payload_txt} in the file editor")Avoid too many return statements within this method. Open
Open
return CheckCode::Vulnerable('Target is FlexDotnetCMS v1.5.8 or lower.')Method cleanup has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
Open
def cleanup
# only run when at least one attempt to upload a file has been made
return if @skip_cleanup
# delete uploaded TXT and ASP files- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"