Class: Msf::Auxiliary::Web::Path

Inherits:
Fuzzable
  • Object
show all
Defined in:
lib/msf/core/auxiliary/web/path.rb

Instance Attribute Summary collapse

Attributes inherited from Fuzzable

#fuzzer

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from Fuzzable

#==, #dup, #fuzz, #fuzz_async, #fuzz_id, #fuzzed, #fuzzed?, #hash, #http, #submit, #submit_async

Constructor Details

#initialize(opts = {}) ⇒ Path

opts - Options Hash (default: {})

:action - Action URL of the form
:inputs - PATH_INFO as a String

32
33
34
35
36
37
# File 'lib/msf/core/auxiliary/web/path.rb', line 32

def initialize( opts = {} )
  self.action = opts[:action]
  self.action.chop! if self.action.end_with?( '?' )

  self.input = (opts[:inputs] || opts[:input]).to_s.dup
end

Instance Attribute Details

#actionObject

URL String to which to submit the params


22
23
24
# File 'lib/msf/core/auxiliary/web/path.rb', line 22

def action
  @action
end

#modelObject

Mdm::WebForm model if available


25
26
27
# File 'lib/msf/core/auxiliary/web/path.rb', line 25

def model
  @model
end

Class Method Details

.from_model(form) ⇒ Object


123
124
125
126
127
# File 'lib/msf/core/auxiliary/web/path.rb', line 123

def self.from_model( form )
  e = new( :action => "#{form.path}?#{form.query}", :input => form.params[0][1] )
  e.model = form
  e
end

Instance Method Details

#alteredObject

Returns 'path'


77
78
79
# File 'lib/msf/core/auxiliary/web/path.rb', line 77

def altered
  'path'
end

#altered_valueObject

Returns the PATH_INFO as a String.


82
83
84
# File 'lib/msf/core/auxiliary/web/path.rb', line 82

def altered_value
  input
end

#altered_value=(value) ⇒ Object


86
87
88
# File 'lib/msf/core/auxiliary/web/path.rb', line 86

def altered_value=( value )
  self.input = value.to_s.dup
end

#empty?Boolean

Bool - true if PATH_INFO is empty, false otherwise.

Returns:

  • (Boolean)

99
100
101
# File 'lib/msf/core/auxiliary/web/path.rb', line 99

def empty?
  param.empty?
end

#inputObject Also known as: param


47
48
49
# File 'lib/msf/core/auxiliary/web/path.rb', line 47

def input
  @inputs
end

#input=(value) ⇒ Object

Sets the injected PATH_INFO value.

value - PATH_INFO String.


44
45
46
# File 'lib/msf/core/auxiliary/web/path.rb', line 44

def input=( value )
  @inputs = value.to_s.dup
end

#inputsObject

Examples

{ :name => input, :value => input, :type => 'path' }

61
62
63
# File 'lib/msf/core/auxiliary/web/path.rb', line 61

def inputs
  { :name => input, :value => input, :type => 'path' }
end

#methodObject


52
53
54
# File 'lib/msf/core/auxiliary/web/path.rb', line 52

def method
  'GET'
end

#paramsObject

Examples

{ input => input }

70
71
72
# File 'lib/msf/core/auxiliary/web/path.rb', line 70

def params
  { input => input }
end

#permutation_for(field_name, field_value) ⇒ Object


113
114
115
116
117
# File 'lib/msf/core/auxiliary/web/path.rb', line 113

def permutation_for( field_name, field_value )
  path = self.dup
  path.input = field_value.dup
  path
end

#permutationsObject

A copy of self with seed as PATH_INFO.

seed - String to use as PATH_INFO.


108
109
110
111
# File 'lib/msf/core/auxiliary/web/path.rb', line 108

def permutations
  return [] if empty?
  fuzzer.seeds_for( altered_value ).map { |seed| permutation_for( nil, seed ) }.uniq
end

#request(opts = {}) ⇒ Object


90
91
92
93
94
95
96
# File 'lib/msf/core/auxiliary/web/path.rb', line 90

def request( opts = {} )
  uri = URI( action )
  path = uri.path
  path << '/' if !path.end_with?( '/' )

  [ "#{path}/#{param}?#{uri.query}", opts.merge( :method => method ) ]
end

#to_hashObject


119
120
121
# File 'lib/msf/core/auxiliary/web/path.rb', line 119

def to_hash
  { :action => action.dup, :input => input.dup }
end