sunnyelf/cheetah

Showing 18 of 19 total issues

Function dict_attack has a Cognitive Complexity of 83 (exceeds 5 allowed). Consider refactoring.
Open

def dict_attack(options):
    if options.server == 'detect' or options.shell == 'detect':
        if detect_web(options) == 'error':
            return 'error'
    set_max_req(options)
Severity: Minor
Found in cheetah.py - About 1 day to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Function detect_web has a Cognitive Complexity of 58 (exceeds 5 allowed). Consider refactoring.
Open

def detect_web(options):
    print_highlight('[WARN] not specify the web server or shell type')
    print_highlight('[INFO] detecting server info of '+options.url)
    server_list = ['apache', 'nginx', 'iis']
    shell_list = ['php', 'aspx', 'asp', 'jsp']
Severity: Minor
Found in cheetah.py - About 1 day to fix

File cheetah.py has 466 lines of code (exceeds 250 allowed). Consider refactoring.
Open

#!/usr/bin/env python
# -*- coding: utf-8 -*-

"""
Cheetah is a dictionary-based webshell password violent cracker
Severity: Minor
Found in cheetah.py - About 7 hrs to fix

Function main has a Cognitive Complexity of 26 (exceeds 5 allowed). Consider refactoring.
Open

def main():
    set_coding()
    print_banner()

    if len(sys.argv) == 1:
Severity: Minor
Found in cheetah.py - About 3 hrs to fix

Function req_post has a Cognitive Complexity of 15 (exceeds 5 allowed). Consider refactoring.
Open

def req_post(payload, times, options):
    header = gen_random_header(options)
    if options.time != 0:
        print_highlight('[HINT] sleeping '+str(options.time)+' seconds to request')
        time.sleep(options.time)
Severity: Minor
Found in cheetah.py - About 1 hr to fix

Function req_get has a Cognitive Complexity of 13 (exceeds 5 allowed). Consider refactoring.
Open

def req_get(payload, times, options):
    header = gen_random_header(options)
    if options.time != 0:
        print_highlight('[HINT] sleeping '+str(options.time)+' seconds to request')
        time.sleep(options.time)
Severity: Minor
Found in cheetah.py - About 1 hr to fix

Function main has 34 lines of code (exceeds 25 allowed). Consider refactoring.
Open

def main():
    set_coding()
    print_banner()

    if len(sys.argv) == 1:
Severity: Minor
Found in cheetah.py - About 1 hr to fix

Function set_max_req has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.
Open

def set_max_req(options):
    if options.max_request is None:
        print_highlight('[WARN] you did not specify the maximum request parameter')
        server_dict = {'apache': {'post': 1000, 'get': 100},
                       'nginx': {'post': 1000, 'get': 756},
Severity: Minor
Found in cheetah.py - About 1 hr to fix

Avoid deeply nested control flow statements.
Open

                    if res == 'find':
                        pwd_find = 'find'
                        break
                    if res == 'error':
Severity: Major
Found in cheetah.py - About 45 mins to fix

Avoid deeply nested control flow statements.
Open

                    if res == 'error':
                        pwd_find = 'error'
                        break

Severity: Major
Found in cheetah.py - About 45 mins to fix

Avoid deeply nested control flow statements.
Open

                    if server in get_rsp.headers['x-powered-by'].lower():
                        print_highlight(web_hint+server)
                        options.server = server
                        break

Severity: Major
Found in cheetah.py - About 45 mins to fix

Avoid deeply nested control flow statements.
Open

                    if res == 'find':
                        pwd_find = 'find'
                        break
                    if res == 'error':
Severity: Major
Found in cheetah.py - About 45 mins to fix

Avoid deeply nested control flow statements.
Open

                    if res == 'error':
                        pwd_find = 'error'
                        break
                payload.clear()
Severity: Major
Found in cheetah.py - About 45 mins to fix

Avoid deeply nested control flow statements.
Open

                    if shell in get_rsp.headers['x-powered-by'].lower():
                        print_highlight(shell_hint+shell)
                        options.shell = shell
                        break
            if options.server == 'detect':
Severity: Major
Found in cheetah.py - About 45 mins to fix

Avoid too many return statements within this function.
Open

        return 'error'
Severity: Major
Found in cheetah.py - About 30 mins to fix

Avoid too many return statements within this function.
Open

        return 'error'
Severity: Major
Found in cheetah.py - About 30 mins to fix

Avoid too many return statements within this function.
Open

            return 'notfind'
Severity: Major
Found in cheetah.py - About 30 mins to fix

Avoid too many return statements within this function.
Open

            return 'notfind'
Severity: Major
Found in cheetah.py - About 30 mins to fix