Class: Msf::Exploit::Remote::HTTP::HashStoreWithoutAutomaticExpiration

Inherits:

HTTP::CookieJar::HashStore

Object
HTTP::CookieJar::HashStore
Msf::Exploit::Remote::HTTP::HashStoreWithoutAutomaticExpiration

show all

Defined in:: lib/msf/core/exploit/remote/http/http_cookie_jar.rb

Overview

On top of iterating over every item in the store, ::HTTP::CookieJar::HashStore also deletes any expired cookies and has the option to filter cookies based on whether they are parent of a passed url.

We’ve removed the extraneous features in the overwritten method.

- The deletion of cookies while you're iterating over them complicated simple cookie management. It also
  prevented sending expired cookies if needed for an exploit
- Any URL passed for filtering could be resolved to nil if it was improperly formed or resolved to a eTLD,
  which was too brittle for our uses

Instance Method Summary collapse

#each(uri = nil) ⇒ Object

Instance Method Details

#each(uri = nil) ⇒ `Object`

Raises:

(ArgumentError)

# File 'lib/msf/core/exploit/remote/http/http_cookie_jar.rb', line 119

def each(uri = nil)
  raise ArgumentError, "HashStoreWithoutAutomaticExpiration.each doesn't support url filtering" if uri

  synchronize do
    @jar.each do |_domain, paths|
      paths.each do |_path, hash|
        hash.each do |_name, cookie|
          yield cookie
        end
      end
    end
  end
  self
end

Class: Msf::Exploit::Remote::HTTP::HashStoreWithoutAutomaticExpiration

Overview

Instance Method Summary collapse

Instance Method Details

#each(uri = nil) ⇒ Object

#each(uri = nil) ⇒ `Object`