rapid7/metasploit-framework

View on GitHub
modules/post/multi/gather/lastpass_creds.rb

Summary

Maintainability
F
1 wk
Test Coverage

File lastpass_creds.rb has 702 lines of code (exceeds 250 allowed). Consider refactoring.
Open

require 'sqlite3'
require 'uri'

class MetasploitModule < Msf::Post
  include Msf::Post::File
Severity: Major
Found in modules/post/multi/gather/lastpass_creds.rb - About 1 day to fix

    Method extract_vault_and_iterations has a Cognitive Complexity of 45 (exceeds 5 allowed). Consider refactoring.
    Open

      def extract_vault_and_iterations(account_map)
        account_map.each_pair do |account, browser_map|
          browser_map.each_pair do |browser, lp_data|
            lp_data['lp_creds'].each_pair do |username, user_data|
              if browser.match(/Firefox|IE/)
    Severity: Minor
    Found in modules/post/multi/gather/lastpass_creds.rb - About 6 hrs to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Method extract_credentials has a Cognitive Complexity of 42 (exceeds 5 allowed). Consider refactoring.
    Open

      def extract_credentials(account_map)
        account_map.each_pair do |account, browser_map|
          browser_map.each_pair do |browser, lp_data|
            account_map[account][browser]['lp_creds'] = {}
            if browser.match(/Firefox|IE/)
    Severity: Minor
    Found in modules/post/multi/gather/lastpass_creds.rb - About 6 hrs to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Method decrypt_local_vault_key has a Cognitive Complexity of 42 (exceeds 5 allowed). Consider refactoring.
    Open

      def decrypt_local_vault_key(account, browser_map)
        data = nil
        session_cookie_value = nil
    
        browser_map.each_pair do |browser, lp_data|
    Severity: Minor
    Found in modules/post/multi/gather/lastpass_creds.rb - About 6 hrs to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Method print_vault_passwords has a Cognitive Complexity of 32 (exceeds 5 allowed). Consider refactoring.
    Open

      def print_vault_passwords(account_map)
        account_map.each_pair do |account, browser_map|
          browser_map.each_pair do |browser, lp_data|
            lp_data['lp_creds'].each_pair do |username, user_data|
              lastpass_vault_data_table = Rex::Text::Table.new(
    Severity: Minor
    Found in modules/post/multi/gather/lastpass_creds.rb - About 4 hrs to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Method ie_firefox_credentials has a Cognitive Complexity of 26 (exceeds 5 allowed). Consider refactoring.
    Open

      def ie_firefox_credentials(prefs_path, localstorage_db_path)
        credentials = []
        data = nil
    
        if prefs_path.nil? # IE
    Severity: Minor
    Found in modules/post/multi/gather/lastpass_creds.rb - About 3 hrs to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Class MetasploitModule has 30 methods (exceeds 20 allowed). Consider refactoring.
    Open

    class MetasploitModule < Msf::Post
      include Msf::Post::File
      include Msf::Post::Windows::UserProfiles
      include Msf::Post::OSX::System
      include Msf::Post::Unix
    Severity: Minor
    Found in modules/post/multi/gather/lastpass_creds.rb - About 3 hrs to fix

      Method extract_vault_keys has a Cognitive Complexity of 25 (exceeds 5 allowed). Consider refactoring.
      Open

        def extract_vault_keys(account_map)
          account_map.each_pair do |account, browser_map|
            browser_map.each_pair do |browser, lp_data|
              browser_checked = false # Track if local stored vault key was already decrypted for this browser (only one session cookie)
              lp_data['lp_creds'].each_pair do |username, user_data|
      Severity: Minor
      Found in modules/post/multi/gather/lastpass_creds.rb - About 3 hrs to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Method extract_2fa_tokens has a Cognitive Complexity of 23 (exceeds 5 allowed). Consider refactoring.
      Open

        def extract_2fa_tokens(account_map)
          account_map.each_pair do |account, browser_map|
            browser_map.each_pair do |browser, lp_data|
              if browser.match(/Firefox|IE/)
                path = lp_data['localstorage_db'] + system_separator + "lp.suid"
      Severity: Minor
      Found in modules/post/multi/gather/lastpass_creds.rb - About 3 hrs to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Method build_account_map has 80 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

        def build_account_map
          profiles = user_profiles
          account_map = {}
      
          profiles.each do |user_profile|
      Severity: Major
      Found in modules/post/multi/gather/lastpass_creds.rb - About 3 hrs to fix

        Method build_account_map has a Cognitive Complexity of 21 (exceeds 5 allowed). Consider refactoring.
        Open

          def build_account_map
            profiles = user_profiles
            account_map = {}
        
            profiles.each do |user_profile|
        Severity: Minor
        Found in modules/post/multi/gather/lastpass_creds.rb - About 2 hrs to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        Method decrypt_local_vault_key has 65 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

          def decrypt_local_vault_key(account, browser_map)
            data = nil
            session_cookie_value = nil
        
            browser_map.each_pair do |browser, lp_data|
        Severity: Major
        Found in modules/post/multi/gather/lastpass_creds.rb - About 2 hrs to fix

          Method extract_otpbin has a Cognitive Complexity of 14 (exceeds 5 allowed). Consider refactoring.
          Open

            def extract_otpbin(browser, username, lp_data)
              if browser.match(/Firefox|IE/)
                if browser == "Firefox"
                  path = lp_data['localstorage_db'] + system_separator + OpenSSL::Digest::SHA256.hexdigest(username) + "_ff.sotp"
                else # IE
          Severity: Minor
          Found in modules/post/multi/gather/lastpass_creds.rb - About 1 hr to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          Method extract_vault_and_iterations has 41 lines of code (exceeds 25 allowed). Consider refactoring.
          Open

            def extract_vault_and_iterations(account_map)
              account_map.each_pair do |account, browser_map|
                browser_map.each_pair do |browser, lp_data|
                  lp_data['lp_creds'].each_pair do |username, user_data|
                    if browser.match(/Firefox|IE/)
          Severity: Minor
          Found in modules/post/multi/gather/lastpass_creds.rb - About 1 hr to fix

            Method extract_credentials has 41 lines of code (exceeds 25 allowed). Consider refactoring.
            Open

              def extract_credentials(account_map)
                account_map.each_pair do |account, browser_map|
                  browser_map.each_pair do |browser, lp_data|
                    account_map[account][browser]['lp_creds'] = {}
                    if browser.match(/Firefox|IE/)
            Severity: Minor
            Found in modules/post/multi/gather/lastpass_creds.rb - About 1 hr to fix

              Method print_vault_passwords has 40 lines of code (exceeds 25 allowed). Consider refactoring.
              Open

                def print_vault_passwords(account_map)
                  account_map.each_pair do |account, browser_map|
                    browser_map.each_pair do |browser, lp_data|
                      lp_data['lp_creds'].each_pair do |username, user_data|
                        lastpass_vault_data_table = Rex::Text::Table.new(
              Severity: Minor
              Found in modules/post/multi/gather/lastpass_creds.rb - About 1 hr to fix

                Method parse_vault_account has a Cognitive Complexity of 13 (exceeds 5 allowed). Consider refactoring.
                Open

                  def parse_vault_account(chunk, vault_key)
                    pointer = 22 # Starting position to find data to decrypt
                    labels = ["name", "folder", "url", "notes", "undefined", "undefined2", "username", "password"]
                    vault_data = []
                    for label in labels
                Severity: Minor
                Found in modules/post/multi/gather/lastpass_creds.rb - About 1 hr to fix

                Cognitive Complexity

                Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                A method's cognitive complexity is based on a few simple rules:

                • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                • Code is considered more complex for each "break in the linear flow of the code"
                • Code is considered more complex when "flow breaking structures are nested"

                Further reading

                Method ie_firefox_credentials has 37 lines of code (exceeds 25 allowed). Consider refactoring.
                Open

                  def ie_firefox_credentials(prefs_path, localstorage_db_path)
                    credentials = []
                    data = nil
                
                    if prefs_path.nil? # IE
                Severity: Minor
                Found in modules/post/multi/gather/lastpass_creds.rb - About 1 hr to fix

                  Method initialize has 35 lines of code (exceeds 25 allowed). Consider refactoring.
                  Open

                    def initialize(info = {})
                      super(
                        update_info(
                          info,
                          'Name' => 'LastPass Vault Decryptor',
                  Severity: Minor
                  Found in modules/post/multi/gather/lastpass_creds.rb - About 1 hr to fix

                    Method read_registry_key_value has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
                    Open

                      def read_registry_key_value(key, value)
                        begin
                          root_key, base_key = session.sys.registry.splitkey(key)
                          reg_key = session.sys.registry.open_key(root_key, base_key, KEY_READ)
                          return nil unless reg_key
                    Severity: Minor
                    Found in modules/post/multi/gather/lastpass_creds.rb - About 45 mins to fix

                    Cognitive Complexity

                    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                    A method's cognitive complexity is based on a few simple rules:

                    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                    • Code is considered more complex for each "break in the linear flow of the code"
                    • Code is considered more complex when "flow breaking structures are nested"

                    Further reading

                    Method find_db_paths has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
                    Open

                      def find_db_paths(path, browser, account)
                        paths = []
                    
                        vprint_status "Checking #{account}'s #{browser}"
                        if browser == "IE" # Special case for IE
                    Severity: Minor
                    Found in modules/post/multi/gather/lastpass_creds.rb - About 45 mins to fix

                    Cognitive Complexity

                    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                    A method's cognitive complexity is based on a few simple rules:

                    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                    • Code is considered more complex for each "break in the linear flow of the code"
                    • Code is considered more complex when "flow breaking structures are nested"

                    Further reading

                    Method loot_file has 5 arguments (exceeds 4 allowed). Consider refactoring.
                    Open

                      def loot_file(path, data, title, type, description)
                    Severity: Minor
                    Found in modules/post/multi/gather/lastpass_creds.rb - About 35 mins to fix

                      Method extract_local_encrypted_vault_key has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
                      Open

                        def extract_local_encrypted_vault_key(browser, username, lp_data)
                          if browser.match(/Firefox|IE/)
                            encrypted_key_path = lp_data['localstorage_db'] + system_separator + OpenSSL::Digest::SHA256.hexdigest(username) + "_lpall.slps"
                            encrypted_vault_key = read_remote_file(encrypted_key_path)
                            encrypted_vault_key = windows_unprotect(encrypted_vault_key) if encrypted_vault_key != nil && encrypted_vault_key.match(/^AQAAA.+/) # Verify Windows protection
                      Severity: Minor
                      Found in modules/post/multi/gather/lastpass_creds.rb - About 35 mins to fix

                      Cognitive Complexity

                      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                      A method's cognitive complexity is based on a few simple rules:

                      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                      • Code is considered more complex for each "break in the linear flow of the code"
                      • Code is considered more complex when "flow breaking structures are nested"

                      Further reading

                      Identical blocks of code found in 2 locations. Consider refactoring.
                      Open

                          if session.sys.process.each_process.find { |i| i["pid"] == pid } ["arch"] == "x86"
                            addr = [mem].pack("V")
                            len = [data.length].pack("V")
                            ret = session.railgun.crypt32.CryptUnprotectData("#{len}#{addr}", 16, nil, nil, nil, 0, 8)
                            len, addr = ret["pDataOut"].unpack("V2")
                      Severity: Major
                      Found in modules/post/multi/gather/lastpass_creds.rb and 1 other location - About 3 hrs to fix
                      modules/post/windows/gather/credentials/skype.rb on lines 77..89

                      Duplicated Code

                      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                      Tuning

                      This issue has a mass of 109.

                      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                      Refactorings

                      Further Reading

                      Similar blocks of code found in 2 locations. Consider refactoring.
                      Open

                            when 'osx'
                              browser_path_map = {
                                'Chrome' => "#{user_profile['LocalAppData']}/Google/Chrome/Default/databases/chrome-extension_hdokiejnpimakedhajhdlcegeplioahd_0",
                                'Firefox' => "#{user_profile['LocalAppData']}/Firefox/Profiles",
                                'Opera' => "#{user_profile['LocalAppData']}/com.operasoftware.Opera/databases/chrome-extension_hnjalnkldgigidggphhmacmimbdlafdo_0",
                      Severity: Major
                      Found in modules/post/multi/gather/lastpass_creds.rb and 1 other location - About 2 hrs to fix
                      modules/post/multi/gather/lastpass_creds.rb on lines 94..111

                      Duplicated Code

                      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                      Tuning

                      This issue has a mass of 88.

                      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                      Refactorings

                      Further Reading

                      Similar blocks of code found in 2 locations. Consider refactoring.
                      Open

                            when 'windows'
                              browser_path_map = {
                                'Chrome' => "#{user_profile['LocalAppData']}\\Google\\Chrome\\User Data\\Default\\databases\\chrome-extension_hdokiejnpimakedhajhdlcegeplioahd_0",
                                'Firefox' => "#{user_profile['AppData']}\\Mozilla\\Firefox\\Profiles",
                                'IE' => "#{user_profile['LocalAppData']}Low\\LastPass",
                      Severity: Major
                      Found in modules/post/multi/gather/lastpass_creds.rb and 1 other location - About 2 hrs to fix
                      modules/post/multi/gather/lastpass_creds.rb on lines 129..146

                      Duplicated Code

                      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                      Tuning

                      This issue has a mass of 88.

                      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                      Refactorings

                      Further Reading

                      Identical blocks of code found in 2 locations. Consider refactoring.
                      Open

                          when /osx/
                            user_names = session.shell_command("ls /Users").split
                            user_names.reject! { |u| u == 'Shared' }
                            user_names.each do |user_name|
                              user_profiles.push(
                      Severity: Minor
                      Found in modules/post/multi/gather/lastpass_creds.rb and 1 other location - About 35 mins to fix
                      modules/post/multi/manage/hsts_eraser.rb on lines 109..117

                      Duplicated Code

                      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                      Tuning

                      This issue has a mass of 34.

                      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                      Refactorings

                      Further Reading

                      Similar blocks of code found in 2 locations. Consider refactoring.
                      Open

                          if directory?(path)
                            files = dir(path)
                            files.reject! { |file| %w(. ..).include?(file) }
                            files.each do |file_path|
                              found_dbs_paths.push([path, file_path, 'prefs.js'].join(system_separator)) if file_path.match(/.*\.default/)
                      Severity: Minor
                      Found in modules/post/multi/gather/lastpass_creds.rb and 1 other location - About 30 mins to fix
                      modules/post/multi/manage/hsts_eraser.rb on lines 80..84

                      Duplicated Code

                      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                      Tuning

                      This issue has a mass of 32.

                      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                      Refactorings

                      Further Reading

                      Similar blocks of code found in 2 locations. Consider refactoring.
                      Open

                                    iterations_path = lp_data['localstorage_db'] + system_separator + OpenSSL::Digest::SHA256.hexdigest(username) + "_key_ie.itr"
                                    vault_path = lp_data['localstorage_db'] + system_separator + OpenSSL::Digest::SHA256.hexdigest(username) + "_lps.sxml"
                      Severity: Minor
                      Found in modules/post/multi/gather/lastpass_creds.rb and 1 other location - About 25 mins to fix
                      modules/post/multi/gather/lastpass_creds.rb on lines 420..421

                      Duplicated Code

                      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                      Tuning

                      This issue has a mass of 29.

                      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                      Refactorings

                      Further Reading

                      Similar blocks of code found in 2 locations. Consider refactoring.
                      Open

                                    iterations_path = lp_data['localstorage_db'] + system_separator + OpenSSL::Digest::SHA256.hexdigest(username) + "_key.itr"
                                    vault_path = lp_data['localstorage_db'] + system_separator + OpenSSL::Digest::SHA256.hexdigest(username) + "_lps.act.sxml"
                      Severity: Minor
                      Found in modules/post/multi/gather/lastpass_creds.rb and 1 other location - About 25 mins to fix
                      modules/post/multi/gather/lastpass_creds.rb on lines 423..424

                      Duplicated Code

                      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                      Tuning

                      This issue has a mass of 29.

                      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                      Refactorings

                      Further Reading

                      Identical blocks of code found in 2 locations. Consider refactoring.
                      Open

                          when /unix|linux/
                            user_names = dir("/home")
                            user_names.reject! { |u| %w(. ..).include?(u) }
                            user_names.each do |user_name|
                              user_profiles.push('UserName' => user_name, "LocalAppData" => "/home/#{user_name}")
                      Severity: Minor
                      Found in modules/post/multi/gather/lastpass_creds.rb and 1 other location - About 20 mins to fix
                      modules/post/multi/manage/hsts_eraser.rb on lines 103..107

                      Duplicated Code

                      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                      Tuning

                      This issue has a mass of 28.

                      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                      Refactorings

                      Further Reading

                      There are no issues that match your filters.

                      Category
                      Status