rapid7/metasploit-framework

modules/exploits/windows/local/srclient_dll_hijacking.rb

Summary

Maintainability: F, 3 days
Test Coverage

Method enumerate_writable_path_dirs has a Cognitive Complexity of 51 (exceeds 5 allowed). Consider refactoring.
Open

  def enumerate_writable_path_dirs(path_dirs, user_groups, current_user)
    writable_path_dirs = []
    perms_we_need = ['(F)', '(M)']
    print_status('')

Severity: Minor
Found in modules/exploits/windows/local/srclient_dll_hijacking.rb - About 7 hrs to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

File srclient_dll_hijacking.rb has 276 lines of code (exceeds 250 allowed). Consider refactoring.
Open

class MetasploitModule < Msf::Exploit::Local
  Rank = NormalRanking

  include Msf::Exploit::EXE
  include Msf::Exploit::FileDropper
Severity: Minor
Found in modules/exploits/windows/local/srclient_dll_hijacking.rb - About 2 hrs to fix

Method exploit has a Cognitive Complexity of 19 (exceeds 5 allowed). Consider refactoring.
Open

  def exploit
    if is_system?
      fail_with(Failure::None, 'Session is already elevated')
    end

Severity: Minor
Found in modules/exploits/windows/local/srclient_dll_hijacking.rb - About 2 hrs to fix

Method initialize has 58 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Windows Server 2012 SrClient DLL hijacking',
Severity: Major
Found in modules/exploits/windows/local/srclient_dll_hijacking.rb - About 2 hrs to fix

Method exploit has 53 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def exploit
    if is_system?
      fail_with(Failure::None, 'Session is already elevated')
    end

Severity: Major
Found in modules/exploits/windows/local/srclient_dll_hijacking.rb - About 2 hrs to fix

Method check has a Cognitive Complexity of 16 (exceeds 5 allowed). Consider refactoring.
Open

  def check
    version = get_version_info
    unless version.build_number == Msf::WindowsVersion::Server2012 && version.windows_server?
      return Exploit::CheckCode::Safe('Target is not Windows Server 2012.')
    end
Severity: Minor
Found in modules/exploits/windows/local/srclient_dll_hijacking.rb - About 2 hrs to fix

Method check has 40 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def check
    version = get_version_info
    unless version.build_number == Msf::WindowsVersion::Server2012 && version.windows_server?
      return Exploit::CheckCode::Safe('Target is not Windows Server 2012.')
    end
Severity: Minor
Found in modules/exploits/windows/local/srclient_dll_hijacking.rb - About 1 hr to fix

Method enumerate_writable_path_dirs has 34 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def enumerate_writable_path_dirs(path_dirs, user_groups, current_user)
    writable_path_dirs = []
    perms_we_need = ['(F)', '(M)']
    print_status('')

Severity: Minor
Found in modules/exploits/windows/local/srclient_dll_hijacking.rb - About 1 hr to fix

Method grab_user_groups has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
Open

  def grab_user_groups(current_user)
    print_status("Obtaining group information for the current user #{current_user}...")

    # add current user to the groups we are a member of in case user-specific permissions are set for any of the %PATH% directories
    user_groups = [current_user]
Severity: Minor
Found in modules/exploits/windows/local/srclient_dll_hijacking.rb - About 1 hr to fix

Method monitor_tiworker has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

  def monitor_tiworker
    print_warning("TiWorker.exe is already running on the target. The module will monitor the process every 10 seconds for up to #{wait_for_tiworker} minute(s)...")
    wait_time_left = wait_for_tiworker
    sleep_time = 0
    while wait_time_left > 0
Severity: Minor
Found in modules/exploits/windows/local/srclient_dll_hijacking.rb - About 45 mins to fix

Avoid too many return statements within this method.
Open

    return Exploit::CheckCode::Appears
Severity: Major
Found in modules/exploits/windows/local/srclient_dll_hijacking.rb - About 30 mins to fix

Avoid too many return statements within this method.
Open

      return Exploit::CheckCode::Safe(writable_path_dirs_fail_message)
Severity: Major
Found in modules/exploits/windows/local/srclient_dll_hijacking.rb - About 30 mins to fix

Method find_pdir_owner has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

  def find_pdir_owner(pdir, current_user)
    # we need double backslashes in the path for wmic, using block gsub because regular gsub doesn't seem to work
    pdir_escaped = pdir.gsub(/\\/) { '\\\\' }
    pdir_owner_info = cmd_exec("wmic path Win32_LogicalFileSecuritySetting where Path=\"#{pdir_escaped}\" ASSOC /RESULTROLE:Owner /ASSOCCLASS:Win32_LogicalFileOwner /RESULTCLASS:Win32_SID")
    if pdir_owner_info.blank? || pdir_owner_info.split('{')[0].blank?
Severity: Minor
Found in modules/exploits/windows/local/srclient_dll_hijacking.rb - About 25 mins to fix
