#!/usr/bin/env ruby
# Copyright (C) 2008 Rapid7, Inc.
#
# This script extracts the forms from the main page of each
# web site in a list. The output of this can be used with
# Metasploit (and other tools) to obtain the saved form data
# of these domains.
#
require 'rubygems' # install rubygems
require 'hpricot' # gem install hpricot
require 'timeout'
# Print the command-line synopsis to standard error and terminate the
# process with exit status 0. Never returns to the caller.
def usage
  banner = "#{$0} [site list] [output-dir]"
  $stderr.puts(banner)
  Kernel.exit(0)
end
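# Path of the HTML document to scan. With no argument, usage() prints the
# synopsis and exits, so execution never continues with a nil path.
input = ARGV.shift || usage

# Accumulates the sanitized markup of every form found in the document.
res = ""

# The block form closes the file handle once Hpricot has consumed it; the
# original left the handle open for the life of the process.
doc = File.open(input) { |fh| Hpricot(fh) }

doc.search("//form").each do |form|
  # Re-emit the opening tag with the form's own attributes. Single quotes are
  # removed from each value so it cannot end the '...' quoting used here.
  # NOTE(review): attribute names are copied verbatim from the parsed page and
  # values are not otherwise escaped; treat the output as untrusted markup.
  #
  # Append instead of reassigning: the original `res = "<form"` discarded every
  # previously collected form, so only the last form on the page was printed.
  res << "<form"
  form.attributes.each do |attr|
    res << " #{attr[0]}='#{attr[1].gsub("'", "")}'"
  end
  res << "> "

  # Blank pre-filled data on each input before it is serialized.
  form.search("//input") do |inp|
    inp.attributes.keys.each do |ikey|
      # Cleared: any attribute named "value" (case-insensitive) and any
      # attribute whose value matches /^http/i. `^` anchors per line in Ruby,
      # so a multi-line value with any line starting with "http" also matches.
      next unless ikey.downcase == "value" || inp.attributes[ikey] =~ /^http/i

      inp[ikey] = ""
    end
    res << inp.to_html
  end

  res << "</form>"
end

$stdout.puts res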