Class: URI::HTTP

Inherits:

Generic

• Object
• Generic
• URI::HTTP

Defined in:

lib/ronin/php/lfi/extensions/uri/http.rb,
lib/ronin/php/rfi/extensions/uri/http.rb

Instance Method Summary

• #has_lfi?(options = {}) ⇒ Boolean
• #has_rfi?(options = {}) ⇒ Boolean
• #lfi(options = {}) ⇒ Object
• #rfi(options = {}) ⇒ Object
• #test_lfi(options = {}) ⇒ Object
• #test_rfi(options = {}) ⇒ Object

Instance Method Details

#has_lfi?(options = {}) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ronin/php/lfi/extensions/uri/http.rb', line 53

def has_lfi?(options={})
  !(test_lfi(options).empty?)
end

#has_rfi?(options = {}) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ronin/php/rfi/extensions/uri/http.rb', line 49

def has_rfi?(options={})
  !(test_rfi(options).empty?)
end

#lfi(options = {}) ⇒ Object

# File 'lib/ronin/php/lfi/extensions/uri/http.rb', line 49

def lfi(options={})
  test_lfi(options).first
end

#rfi(options = {}) ⇒ Object

# File 'lib/ronin/php/rfi/extensions/uri/http.rb', line 45

def rfi(options={})
  test_rfi(options).first
end

#test_lfi(options = {}) ⇒ Object

# File 'lib/ronin/php/lfi/extensions/uri/http.rb', line 29

def test_lfi(options={})
  up = ((options[:up]) || 0..Ronin::PHP::LFI::MAX_UP)
  vulns = []

  query_params.each_key do |param|
    lfi = Ronin::PHP::LFI.new(self,param)

    up.each do |n|
      lfi.up = n

      if lfi.vulnerable?(options)
        vulns << lfi
        break
      end
    end
  end

  return vulns
end

#test_rfi(options = {}) ⇒ Object

# File 'lib/ronin/php/rfi/extensions/uri/http.rb', line 30

def test_rfi(options={})
  vulns = []

  query_params.each_key do |param|
    rfi = Ronin::PHP::RFI.new(self,param)

    if rfi.vulnerable?(options)
      vulns << rfi
      break
    end
  end

  return vulns
end