Sign upLogin

rapid7/ruby_smb

View on GitHub
Star

Showing 174 of 307 total issues

Method encrypt has 28 lines of code (exceeds 25 allowed). Consider refactoring.
Open

        def encrypt(unencrypted_data, key, algorithm: 'AES-128-GCM')
          if unencrypted_data.is_a? BinData::Record
            unencrypted_data = unencrypted_data.to_binary_s
          end
Severity: Minor
Found in lib/ruby_smb/smb2/packet/transform_header.rb - About 1 hr to fix

    Method samr_lookup_names_in_domain has 28 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

          def samr_lookup_names_in_domain(domain_handle:, names:)
        raise ArgumentError.new('names may not be longer than 1000') if names.length > 1000

        samr_lookup_request = SamrLookupNamesInDomainRequest.new(
          domain_handle: domain_handle,
    Severity: Minor
    Found in lib/ruby_smb/dcerpc/samr.rb - About 1 hr to fix

      Method write has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
      Open

            def write(data:, offset: 0)
        buffer = data.dup
        bytes  = data.length
        total_bytes_written = 0
      Severity: Minor
      Found in lib/ruby_smb/smb1/file.rb - About 1 hr to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Method drs_bind has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
      Open

            def drs_bind
        drs_extensions_int = DrsExtensionsInt.new(
          dw_flags: DRS_EXT_GETCHGREQ_V6 | DRS_EXT_GETCHGREPLY_V6 | DRS_EXT_GETCHGREQ_V8 | DRS_EXT_STRONG_ENCRYPTION,
          dw_ext_caps: 0xFFFFFFFF
        )
      Severity: Minor
      Found in lib/ruby_smb/dcerpc/drsr.rb - About 1 hr to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Method recv_struct has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
      Open

            def recv_struct(struct)
        raise Error::CommunicationError, 'Connection has already been closed' if @tcp_socket.closed?
        if IO.select([@tcp_socket], nil, nil, @read_timeout).nil?
          raise Error::CommunicationError, "Read timeout expired when reading from the Socket (timeout=#{@read_timeout})"
        end
      Severity: Minor
      Found in lib/ruby_smb/dcerpc/client.rb - About 1 hr to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Method name has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
      Open

              def name
          sid = case sub_authority.size
          when 1
            WELL_KNOWN_SID_NAME[[identifier_authority[-1].to_i, sub_authority[0].to_i]]
          when 2
      Severity: Minor
      Found in lib/ruby_smb/dcerpc/samr/rpc_sid.rb - About 1 hr to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Method samr_enumerate_domains_in_sam_server has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
      Open

            def samr_enumerate_domains_in_sam_server(server_handle:, enumeration_context: 0)
        samr_enum_domains_request = SamrEnumerateDomainsInSamServerRequest.new(
          server_handle: server_handle,
          enumeration_context: enumeration_context,
          prefered_maximum_length: 0xFFFFFFFF
      Severity: Minor
      Found in lib/ruby_smb/dcerpc/samr.rb - About 1 hr to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Method write has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
      Open

            def write(data:'', offset: 0)
        max_write = tree.client.server_max_write_size
        max_write = 65536 unless tree.client.server_supports_multi_credit
        buffer            = data.dup
        bytes             = data.length
      Severity: Minor
      Found in lib/ruby_smb/smb2/file.rb - About 1 hr to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Method samr_enumerate_users_in_domain has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
      Open

            def samr_enumerate_users_in_domain(domain_handle:,
                                         enumeration_context: 0,
                                         user_account_control: USER_NORMAL_ACCOUNT |
                                                               USER_WORKSTATION_TRUST_ACCOUNT |
                                                               USER_SERVER_TRUST_ACCOUNT |
      Severity: Minor
      Found in lib/ruby_smb/dcerpc/samr.rb - About 1 hr to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Method do_nt_create_andx_smb1 has 27 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

                    def do_nt_create_andx_smb1(request)
                path = request.data_block.file_name.snapshot
                path = path.encode.gsub(/\/|\\/, File::SEPARATOR)
                path = path.delete_prefix(File::SEPARATOR)
                local_path = get_local_path(path)
      Severity: Minor
      Found in lib/ruby_smb/server/share/provider/disk/processor/create.rb - About 1 hr to fix

        Method process_ntlm_type1 has 27 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

                  def process_ntlm_type1(type1_msg)
            type2_msg = Net::NTLM::Message::Type2.new.tap do |msg|
              msg.target_name = 'LOCALHOST'.encode('UTF-16LE').b
              msg.flag = 0
              %i{ KEY56 KEY128 KEY_EXCHANGE UNICODE TARGET_INFO VERSION_INFO }.each do |flag|
        Severity: Minor
        Found in lib/ruby_smb/gss/provider/ntlm.rb - About 1 hr to fix

          Method do_num_bytes has 27 lines of code (exceeds 25 allowed). Consider refactoring.
          Open

              def do_num_bytes(struct_offset = 0, is_deferred: false)
      sum = 0
      if is_deferred
        if is_a?(NdrStruct) && self.class.superclass.has_conformant_array
          # align :max_count since it will be placed in front of the structure.
          Severity: Minor
          Found in lib/ruby_smb/dcerpc/ndr.rb - About 1 hr to fix

            Method do_transactions2_smb1 has 27 lines of code (exceeds 25 allowed). Consider refactoring.
            Open

                          def do_transactions2_smb1(request)
                # can't find an example where more than one setup is set, this code makes alot of assumptions that there
                # are exactly 0 or 1 entries
                if request.parameter_block.setup.length > 1
                  raise NotImplementedError, 'There are more than 1 TRANSACTION2 setup values'
            Severity: Minor
            Found in lib/ruby_smb/server/share/provider/disk/processor/query.rb - About 1 hr to fix

              Method samr_enumerate_users_in_domain has 27 lines of code (exceeds 25 allowed). Consider refactoring.
              Open

                    def samr_enumerate_users_in_domain(domain_handle:,
                                         enumeration_context: 0,
                                         user_account_control: USER_NORMAL_ACCOUNT |
                                                               USER_WORKSTATION_TRUST_ACCOUNT |
                                                               USER_SERVER_TRUST_ACCOUNT |
              Severity: Minor
              Found in lib/ruby_smb/dcerpc/samr.rb - About 1 hr to fix

                Method samr_enumerate_domains_in_sam_server has 27 lines of code (exceeds 25 allowed). Consider refactoring.
                Open

                      def samr_enumerate_domains_in_sam_server(server_handle:, enumeration_context: 0)
        samr_enum_domains_request = SamrEnumerateDomainsInSamServerRequest.new(
          server_handle: server_handle,
          enumeration_context: enumeration_context,
          prefered_maximum_length: 0xFFFFFFFF
                Severity: Minor
                Found in lib/ruby_smb/dcerpc/samr.rb - About 1 hr to fix

                  Method drs_domain_controller_info has 26 lines of code (exceeds 25 allowed). Consider refactoring.
                  Open

                        def drs_domain_controller_info(h_drs, domain)
        drs_domain_controller_info_request = DrsDomainControllerInfoRequest.new(
          h_drs: h_drs,
          pmsg_in: {
            switch_type: 1,
                  Severity: Minor
                  Found in lib/ruby_smb/dcerpc/drsr.rb - About 1 hr to fix

                    Method logoff! has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
                    Open

                        def logoff!
      if smb2 || smb3
        request      = RubySMB::SMB2::Packet::LogoffRequest.new
        raw_response = send_recv(request)
        response     = RubySMB::SMB2::Packet::LogoffResponse.read(raw_response)
                    Severity: Minor
                    Found in lib/ruby_smb/client.rb - About 55 mins to fix

                    Cognitive Complexity

                    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                    A method's cognitive complexity is based on a few simple rules:

                    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                    • Code is considered more complex for each "break in the linear flow of the code"
                    • Code is considered more complex when "flow breaking structures are nested"

                    Further reading

                    Method process_gss_type3 has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
                    Open

                              def process_gss_type3(gss_api)
            neg_token_init = Hash[RubySMB::Gss.asn1dig(gss_api, 0).value.map { |obj| [obj.tag, obj.value[0].value] }]
            raw_type3_msg = neg_token_init[2]

            type3_msg = Net::NTLM::Message.parse(raw_type3_msg)
                    Severity: Minor
                    Found in lib/ruby_smb/gss/provider/ntlm.rb - About 55 mins to fix

                    Cognitive Complexity

                    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                    A method's cognitive complexity is based on a few simple rules:

                    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                    • Code is considered more complex for each "break in the linear flow of the code"
                    • Code is considered more complex when "flow breaking structures are nested"

                    Further reading

                    Method send_packet has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
                    Open

                          def send_packet(packet)
        case metadialect&.family
        when Dialect::FAMILY_SMB1
          session_id = packet.smb_header.uid
        when Dialect::FAMILY_SMB2
                    Severity: Minor
                    Found in lib/ruby_smb/server/server_client.rb - About 55 mins to fix

                    Cognitive Complexity

                    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                    A method's cognitive complexity is based on a few simple rules:

                    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                    • Code is considered more complex for each "break in the linear flow of the code"
                    • Code is considered more complex when "flow breaking structures are nested"

                    Further reading

                    Method recv_packet has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
                    Open

                        def recv_packet(encrypt: false)
      begin
        raw_response = dispatcher.recv_packet
      rescue RubySMB::Error::CommunicationError => e
        if encrypt
                    Severity: Minor
                    Found in lib/ruby_smb/client.rb - About 55 mins to fix

                    Cognitive Complexity

                    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                    A method's cognitive complexity is based on a few simple rules:

                    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                    • Code is considered more complex for each "break in the linear flow of the code"
                    • Code is considered more complex when "flow breaking structures are nested"

                    Further reading

                    Severity
                    Category
                    Status
                    Source
                    Language