rastating/wordpress-exploit-framework

Showing 121 of 338 total issues

Method run has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    return false unless super

    listing = [{
      name: 'Name', type: 'Type'

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Method _check_version_from_readme has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

  def _check_version_from_readme(type, name, fixed = nil, introduced = nil)
    readme = _get_first_readme(name, type)
    if readme.nil?
      # No readme present for plugin
      return :unknown if type == :plugin
Severity: Minor
Found in lib/wpxf/wordpress/fingerprint.rb - About 45 mins to fix

Method run has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

    def run
      if normalized_option_value('check_wordpress_and_online')
        return false unless check_wordpress_and_online
      end

Severity: Minor
Found in lib/wpxf/core/module.rb - About 45 mins to fix

Method run has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    return false unless super

    emit_info 'Extracting table prefix...'
    prefix = table_prefix

Method run has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    return false unless super

    emit_info 'Preparing payload...'
    payload_name = "#{Utility::Text.rand_alpha(rand(5..10))}.php"
Severity: Minor
Found in lib/wpxf/modules/exploit/shell/creative_contact_form_shell_upload.rb - About 45 mins to fix

Method _determine_prefix has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

  def _determine_prefix
    body = _build_prefix_request_body
    params = _build_prefix_request_params

    res = execute_request(
Severity: Minor
Found in lib/wpxf/wordpress/hash_dump.rb - About 45 mins to fix

Method run has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    return false unless super

    emit_info 'Preparing payload...'
    theme_name = Utility::Text.rand_alpha(rand(5..10))
Severity: Minor
Found in lib/wpxf/modules/exploit/shell/mailpoet_newsletters_shell_upload.rb - About 45 mins to fix

Method execute_user_command has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

      def execute_user_command(command, args)
        command = normalise_alised_commands(command)
        if can_handle? command
          puts unless commands_without_output.include? command
          send(command, *args) if correct_number_of_args?(command, args)
Severity: Minor
Found in lib/wpxf/cli/console.rb - About 45 mins to fix

Method _http_server_loop has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Open

  def _http_server_loop
    begin
      loop do
        socket = @tcp_server.accept

Severity: Minor
Found in lib/wpxf/net/http_server.rb - About 45 mins to fix

Method post_wordpress_comment has 5 arguments (exceeds 4 allowed). Consider refactoring.
Open

  def post_wordpress_comment(post_id, content, author, email, website)
Severity: Minor
Found in lib/wpxf/wordpress/comments.rb - About 35 mins to fix

Method _upload_plugin has 5 arguments (exceeds 4 allowed). Consider refactoring.
Open

  def _upload_plugin(plugin_name, payload_name, cookie, nonce, create_zip = true)
Severity: Minor
Found in lib/wpxf/wordpress/plugin.rb - About 35 mins to fix

Method start has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

      def start
        loop do
          begin
            input = prompt_for_input
            break if input =~ /exit|quit/
Severity: Minor
Found in lib/wpxf/cli/console.rb - About 35 mins to fix

Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    return false unless super

    emit_info 'Preparing payload...'
    year = Time.new.year.to_s
Severity: Minor
Found in lib/wpxf/modules/exploit/shell/reflex_gallery_shell_upload.rb - About 35 mins to fix

Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    return false unless super

    body = build_update_body
    unless body

Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    return false unless super

    emit_info 'Preparing payload...'
    payload_id = Utility::Text.rand_alpha(10)
Severity: Minor
Found in lib/wpxf/modules/exploit/shell/symposium_shell_upload.rb - About 35 mins to fix

Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Open

  def run
    return false unless super

    emit_info 'Preparing payload...'
    payload_name = "#{Utility::Text.rand_alpha(rand(5..10))}.php"
Severity: Minor
Found in lib/wpxf/modules/exploit/shell/inboundio_marketing_shell_upload.rb - About 35 mins to fix

Avoid too many return statements within this method.
Open

      return null;
Severity: Major
Found in data/php/download_exec.php - About 30 mins to fix

Avoid too many return statements within this method.
Open

    return @success

Avoid too many return statements within this method.
Open

    return true
Severity: Major
Found in lib/wpxf/modules/exploit/shell/revslider_shell_upload.rb - About 30 mins to fix

Avoid too many return statements within this method.
Open

          return "Mozilla/5.0 #{random_chrome_platform_string(os)}"
Severity: Major
Found in lib/wpxf/net/user_agent.rb - About 30 mins to fix