Class: Msf::Auxiliary::Web::Path

Inherits:
Fuzzable
  • Object
Defined in:
lib/msf/core/auxiliary/web/path.rb

Instance Attribute Summary collapse

Attributes inherited from Fuzzable

#fuzzer

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from Fuzzable

#==, #dup, #fuzz, #fuzz_async, #fuzz_id, #fuzzed, #fuzzed?, #hash, #http, #submit, #submit_async

Constructor Details

#initialize(opts = {}) ⇒ Path

opts - Options Hash (default: {})

:action - Action URL of the form
:inputs - PATH_INFO as a String

# File 'lib/msf/core/auxiliary/web/path.rb', line 31

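# Public: Build a Path element from an options Hash.
#
# opts - Options Hash (default: {})
#        :action - Action URL String; one trailing '?' is stripped.
#        :inputs - PATH_INFO as a String (:input is read when :inputs is
#                  missing or nil).
#
# The action is copied before the in-place chop! so the String handed in by
# the caller is never modified, and a frozen String no longer raises.
def initialize( opts = {} )
  self.action = opts[:action].dup
  self.action.chop! if self.action.end_with?( '?' )

  # to_s turns a missing input into '' and dup detaches it from the caller.
  self.input = (opts[:inputs] || opts[:input]).to_s.dup
end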

Instance Attribute Details

#action ⇒ Object

URL String to which to submit the params


# File 'lib/msf/core/auxiliary/web/path.rb', line 21

# Public: Reader for the action URL.
#
# Returns whatever is currently stored in @action (nil until assigned).
def action
  @action
end

#model ⇒ Object

Mdm::WebForm model if available


# File 'lib/msf/core/auxiliary/web/path.rb', line 24

# Public: Reader for the backing model record.
#
# Returns whatever is currently stored in @model (nil until assigned).
def model
  @model
end

Class Method Details

.from_model(form) ⇒ Object


# File 'lib/msf/core/auxiliary/web/path.rb', line 122

# Public: Build a Path from a stored form record.
#
# form - Object responding to #path, #query and #params.
#
# The action becomes "<path>?<query>" and the input is element [1] of the
# first params entry.
# NOTE(review): form.params[0][1] raises NoMethodError when params is empty;
# confirm callers only pass records that carry at least one parameter.
#
# Returns the new Path with its model set to form.
def self.from_model(form)
  action_url = "#{form.path}?#{form.query}"
  first_value = form.params[0][1]

  new(:action => action_url, :input => first_value).tap do |path|
    path.model = form
  end
end

Instance Method Details

#altered ⇒ Object

Returns 'path'


# File 'lib/msf/core/auxiliary/web/path.rb', line 76

# Public: Name of the part of the element that gets altered.
#
# Returns the constant String 'path'.
def altered
  'path'
end

#altered_value ⇒ Object

Returns the PATH_INFO as a String.


# File 'lib/msf/core/auxiliary/web/path.rb', line 81

# Public: Current value of the altered part.
#
# Returns the result of #input (the PATH_INFO String).
def altered_value
  input
end

#altered_value=(value) ⇒ Object


# File 'lib/msf/core/auxiliary/web/path.rb', line 85

# Public: Replace the altered value.
#
# value - Object whose #to_s becomes the new PATH_INFO.
#
# A copy is handed to #input= so the caller's String is not shared.
def altered_value=(value)
  detached = value.to_s.dup
  self.input = detached
end

#empty? ⇒ Boolean

Bool - true if PATH_INFO is empty, false otherwise.

Returns:

  • (Boolean)

# File 'lib/msf/core/auxiliary/web/path.rb', line 98

# Public: Whether there is any PATH_INFO to work with.
#
# Returns true when #param is empty, false otherwise.
def empty?
  param.empty?
end

#input ⇒ Object Also known as: param


# File 'lib/msf/core/auxiliary/web/path.rb', line 46

# Public: Reader for the PATH_INFO value.
#
# Note the backing variable is @inputs (plural), which #input= writes.
#
# Returns whatever is currently stored in @inputs.
def input
  @inputs
end

#input=(value) ⇒ Object

Sets the injected PATH_INFO value.

value - PATH_INFO String.


# File 'lib/msf/core/auxiliary/web/path.rb', line 43

# Public: Set the PATH_INFO value.
#
# value - Object whose #to_s becomes the PATH_INFO (nil becomes '').
#
# The String is duplicated before it is stored in @inputs, so later in-place
# edits by the caller do not reach this element.
def input=(value)
  text = value.to_s
  @inputs = text.dup
end

#inputs ⇒ Object

Examples

{ :name => input, :value => input, :type => 'path' }

# File 'lib/msf/core/auxiliary/web/path.rb', line 60

# Public: Describe the element's single input as a Hash.
#
# Returns a Hash with :name and :value both set to #input and :type set to
# 'path'.
def inputs
  {
    name:  input,
    value: input,
    type:  'path'
  }
end

#method ⇒ Object


# File 'lib/msf/core/auxiliary/web/path.rb', line 51

# Public: HTTP method used when this element is submitted.
#
# Being named #method, this replaces Object#method on instances of the class.
#
# Returns the constant String 'GET'.
def method
  'GET'
end

#params ⇒ Object

Examples

{ input => input }

# File 'lib/msf/core/auxiliary/web/path.rb', line 69

# Public: Parameter view of the element.
#
# Returns a one-entry Hash whose key and value are both #input.
def params
  Hash[input, input]
end

#permutation_for(field_name, field_value) ⇒ Object


# File 'lib/msf/core/auxiliary/web/path.rb', line 112

# Public: Copy this element with a different PATH_INFO.
#
# field_name  - Not used by this method.
# field_value - Value for the copy's input; it is duplicated before being
#               assigned.
#
# Returns the duplicated element; self is left as it was.
def permutation_for(field_name, field_value)
  dup.tap do |variant|
    variant.input = field_value.dup
  end
end

#permutations ⇒ Object

A copy of self with seed as PATH_INFO.

seed - String to use as PATH_INFO.


# File 'lib/msf/core/auxiliary/web/path.rb', line 107

# Public: All variants of this element, one per seed.
#
# Seeds come from fuzzer.seeds_for, called with the current altered value.
# Each seed is turned into a copy through #permutation_for (the field name
# argument is nil), and duplicate copies are dropped with #uniq.
#
# Returns an Array of elements, or [] when #empty? is true.
def permutations
  return [] if empty?

  seeds = fuzzer.seeds_for(altered_value)
  variants = seeds.map { |seed| permutation_for(nil, seed) }
  variants.uniq
end

#request(opts = {}) ⇒ Object


# File 'lib/msf/core/auxiliary/web/path.rb', line 89

# Public: Build the arguments for the HTTP request of this element.
#
# opts - Options Hash passed through to the request (default: {}); its
#        :method entry is always replaced by #method.
#
# The target is "<path>/<param>?<query>", with path and query taken from the
# parsed action.
# NOTE(review): the path is first given a trailing '/' and the template then
# adds another one, so the target always contains '//' before the param, and
# a nil query leaves a bare trailing '?'. Confirm both are intended.
# NOTE(review): param is interpolated as-is; no percent-encoding happens here.
#
# Returns a two-element Array: the target String and the merged options.
def request(opts = {})
  parsed = URI(action)
  base = parsed.path
  base << '/' unless base.end_with?('/')

  target = "#{base}/#{param}?#{parsed.query}"
  [target, opts.merge(:method => method)]
end

#to_hash ⇒ Object


# File 'lib/msf/core/auxiliary/web/path.rb', line 118

# Public: Hash form of the element.
#
# Both values are duplicated, so changing the returned Strings does not
# change this element.
#
# Returns a Hash with :action and :input keys.
def to_hash
  action_copy = action.dup
  input_copy = input.dup

  { action: action_copy, input: input_copy }
end