File whatsupgold_credential_dump.rb
has 614 lines of code (exceeds 250 allowed). Consider refactoring. Open
require 'metasploit/framework/credential_collection'
class MetasploitModule < Msf::Post
include Msf::Post::Common
include Msf::Post::File
Class MetasploitModule
has 29 methods (exceeds 20 allowed). Consider refactoring. Open
class MetasploitModule < Msf::Post
include Msf::Post::Common
include Msf::Post::File
include Msf::Post::Windows::MSSQL
include Msf::Post::Windows::Powershell
Method get_wug_database_config
has a Cognitive Complexity of 23 (exceeds 5 allowed). Consider refactoring. Open
def get_wug_database_config
db_str = nil
target_key = nil
if x64?
reg_keys = [
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method decrypt_wug_db
has a Cognitive Complexity of 22 (exceeds 5 allowed). Consider refactoring. Open
def decrypt_wug_db(csv_dataset)
current_row = 0
decrypted_rows = 0
plaintext_rows = 0
blank_rows = 0
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method initialize
has 65 lines of code (exceeds 25 allowed). Consider refactoring. Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'WhatsUp Gold Credentials Dump',
Method plunder
has a Cognitive Complexity of 18 (exceeds 5 allowed). Consider refactoring. Open
def plunder(rowset)
rowset.each_with_index do |row, idx|
next if idx == 0 # Skip header row
loot_user_col = row['Username'].split(':')
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method decrypt_wug_db
has 57 lines of code (exceeds 25 allowed). Consider refactoring. Open
def decrypt_wug_db(csv_dataset)
current_row = 0
decrypted_rows = 0
plaintext_rows = 0
blank_rows = 0
Method get_wug_database_config
has 47 lines of code (exceeds 25 allowed). Consider refactoring. Open
def get_wug_database_config
db_str = nil
target_key = nil
if x64?
reg_keys = [
Method init_wug_db
has 46 lines of code (exceeds 25 allowed). Consider refactoring. Open
def init_wug_db
print_status('Init WhatsUp Gold SQL ...')
if datastore['MSSQL_INSTANCE'] && datastore['MSSQL_DB']
print_status('MSSQL_INSTANCE and MSSQL_DB advanced options set, connect to SQL using SSPI')
db_instance_path = datastore['MSSQL_INSTANCE']
Method plunder
has 38 lines of code (exceeds 25 allowed). Consider refactoring. Open
def plunder(rowset)
rowset.each_with_index do |row, idx|
next if idx == 0 # Skip header row
loot_user_col = row['Username'].split(':')
Method get_wug_version
has 36 lines of code (exceeds 25 allowed). Consider refactoring. Open
def get_wug_version
target_key = nil
if x64?
reg_keys = [
'HKLM\\SOFTWARE\\WOW6432Node\\Ipswitch\\Network Monitor\\WhatsUp Gold\\Setup',
Method get_wug_version
has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring. Open
def get_wug_version
target_key = nil
if x64?
reg_keys = [
'HKLM\\SOFTWARE\\WOW6432Node\\Ipswitch\\Network Monitor\\WhatsUp Gold\\Setup',
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method read_csv_file
has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring. Open
def read_csv_file(file_name)
fail_with(Msf::Exploit::Failure::NoTarget, "CSV file #{file_name} not found") unless ::File.file?(file_name)
csv_rows = ::File.binread(file_name)
csv = ::CSV.parse(
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method decrypt
has 26 lines of code (exceeds 25 allowed). Consider refactoring. Open
def decrypt(csv_file)
csv = read_csv_file(csv_file)
print_good("#{csv.count} WUG rows loaded, #{@wug_total_secrets} unique nCredentialTypeIDs")
result = decrypt_wug_db(csv)
processed_rows = result[:processed_rows]
Method init_wug_db
has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring. Open
def init_wug_db
print_status('Init WhatsUp Gold SQL ...')
if datastore['MSSQL_INSTANCE'] && datastore['MSSQL_DB']
print_status('MSSQL_INSTANCE and MSSQL_DB advanced options set, connect to SQL using SSPI')
db_instance_path = datastore['MSSQL_INSTANCE']
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method run
has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring. Open
def run
init_module
current_action = action.name.downcase
if current_action == 'export' || current_action == 'dump'
print_status('Performing export of WhatsUp Gold SQL database to CSV file')
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method parse_odbc_dsn
has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring. Open
def parse_odbc_dsn(dsn_reg_key)
return nil unless registry_key_exist?(dsn_reg_key)
res = {}
wug_server = registry_getvaldata(dsn_reg_key, 'Server').to_s.delete("\000")
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method init_wug_encryption
has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring. Open
def init_wug_encryption
print_status('Init WhatsUp Gold crypto ...')
# Static RC2-40 key "salted" with 11 bytes of 0x00 - looking at you, wincrypt.h
@wug_rc2_key = ['112cc5a60c0000000000000000000000'].pack('H*')
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method init_module
has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring. Open
def init_module
wug_hostname = get_env('COMPUTERNAME')
print_status("Hostname #{wug_hostname} IPv4 #{rhost}")
current_action = action.name.downcase
require_sql = current_action == 'export' || current_action == 'dump'
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method dump_wug_db
has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring. Open
def dump_wug_db
sql_query = "SET NOCOUNT ON;
SELECT
ct.nCredentialTypeID nCredentialTypeID,
CONVERT(VARBINARY(1024),ct.sDisplayName) DisplayName,
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method decrypt
has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
def decrypt(csv_file)
csv = read_csv_file(csv_file)
print_good("#{csv.count} WUG rows loaded, #{@wug_total_secrets} unique nCredentialTypeIDs")
result = decrypt_wug_db(csv)
processed_rows = result[:processed_rows]
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"