metasploit-framework/data/msfcrawler/forms.rb

require 'rubygems'
require 'pathname'
require 'hpricot'
require 'uri'

class CrawlerForms < BaseParser

	def parse(request,result)
		
		if !result['Content-Type'].include? "text/html"
			return
		end
		
		hr = ''
		m = ''

		doc = Hpricot(result.body.to_s)
		doc.search('form').each do |f|
			hr = f.attributes['action']
			puts "Parsing form: #{f.attributes['name']}"
			
			m = "GET"
			if f.attributes['method']
				m = f.attributes['method']
			end
	
			htmlform = Hpricot(f.inner_html)
			
			arrdata = []
			
			htmlform.search('input').each do |p|
				#puts p.attributes['name']
				#puts p.attributes['type']
				#puts p.attributes['value']
				arrdata << (p.attributes['name'] + "=" + p.attributes['value'])				
			end
			
			data = arrdata.join("&").to_s
	
		
			begin
				uri = URI.parse(hr)
			
				tssl = false
				if uri.scheme == "https"
					tssl = true
				else
					tssl = false
				end

				if !uri.host or uri.host == nil
					thost = request['rhost']
					tssl = self.targetssl	
				else
					thost = uri.host	
				end

				if !uri.port or uri.port == nil
					tport = request['rport']
				else
					tport = uri.port
				end

				if !uri.path or uri.path == nil
					tpath = "/"
				else
					tpath = uri.path
				end
				
				newp = Pathname.new(tpath)
				oldp = Pathname.new(request['uri'])
				if !oldp.absolute?
					if !newp.absolute?
						newp = oldp + newp.cleanpath
					end
				end

				hreq = {
					'rhost'		=> thost,
					'rport'		=> tport,
					'uri'  		=> newp.to_s,
					'method'   	=> m,
					'ctype'		=> 'text/plain',
					'ssl'		=> tssl,
					'query'		=> uri.query,
					'data'		=> data
					
				}
				#puts hreq
				insertnewpath(hreq)
			
					
			rescue URI::InvalidURIError
				#puts "Parse error"
				#puts "Error: #{link[0]}"
			end
		end			
	end 
end
start to parse forms git-svn-id: file:///home/svn/framework3/trunk@8929 4d416f70-5f16-0410-b530-b9f4589650da 2010-03-26 02:39:19 +00:00			`require 'rubygems'`
			`require 'pathname'`
			`require 'hpricot'`
			`require 'uri'`

			`class CrawlerForms < BaseParser`

			`def parse(request,result)`

			`if !result['Content-Type'].include? "text/html"`
			`return`
			`end`
more detail in form parsing git-svn-id: file:///home/svn/framework3/trunk@8930 4d416f70-5f16-0410-b530-b9f4589650da 2010-03-26 03:15:00 +00:00
			`hr = ''`
			`m = ''`
start to parse forms git-svn-id: file:///home/svn/framework3/trunk@8929 4d416f70-5f16-0410-b530-b9f4589650da 2010-03-26 02:39:19 +00:00
			`doc = Hpricot(result.body.to_s)`
			`doc.search('form').each do \|f\|`
more detail in form parsing git-svn-id: file:///home/svn/framework3/trunk@8930 4d416f70-5f16-0410-b530-b9f4589650da 2010-03-26 03:15:00 +00:00			`hr = f.attributes['action']`
			`puts "Parsing form: #{f.attributes['name']}"`

			`m = "GET"`
			`if f.attributes['method']`
			`m = f.attributes['method']`
			`end`
start to parse forms git-svn-id: file:///home/svn/framework3/trunk@8929 4d416f70-5f16-0410-b530-b9f4589650da 2010-03-26 02:39:19 +00:00
			`htmlform = Hpricot(f.inner_html)`
more detail in form parsing git-svn-id: file:///home/svn/framework3/trunk@8930 4d416f70-5f16-0410-b530-b9f4589650da 2010-03-26 03:15:00 +00:00
			`arrdata = []`

start to parse forms git-svn-id: file:///home/svn/framework3/trunk@8929 4d416f70-5f16-0410-b530-b9f4589650da 2010-03-26 02:39:19 +00:00			`htmlform.search('input').each do \|p\|`
			`#puts p.attributes['name']`
			`#puts p.attributes['type']`
			`#puts p.attributes['value']`
more detail in form parsing git-svn-id: file:///home/svn/framework3/trunk@8930 4d416f70-5f16-0410-b530-b9f4589650da 2010-03-26 03:15:00 +00:00			`arrdata << (p.attributes['name'] + "=" + p.attributes['value'])`
start to parse forms git-svn-id: file:///home/svn/framework3/trunk@8929 4d416f70-5f16-0410-b530-b9f4589650da 2010-03-26 02:39:19 +00:00			`end`
more detail in form parsing git-svn-id: file:///home/svn/framework3/trunk@8930 4d416f70-5f16-0410-b530-b9f4589650da 2010-03-26 03:15:00 +00:00
			`data = arrdata.join("&").to_s`

start to parse forms git-svn-id: file:///home/svn/framework3/trunk@8929 4d416f70-5f16-0410-b530-b9f4589650da 2010-03-26 02:39:19 +00:00
more detail in form parsing git-svn-id: file:///home/svn/framework3/trunk@8930 4d416f70-5f16-0410-b530-b9f4589650da 2010-03-26 03:15:00 +00:00			`begin`
			`uri = URI.parse(hr)`

			`tssl = false`
			`if uri.scheme == "https"`
			`tssl = true`
			`else`
			`tssl = false`
			`end`

			`if !uri.host or uri.host == nil`
			`thost = request['rhost']`
			`tssl = self.targetssl`
			`else`
			`thost = uri.host`
			`end`

			`if !uri.port or uri.port == nil`
			`tport = request['rport']`
			`else`
			`tport = uri.port`
			`end`

			`if !uri.path or uri.path == nil`
			`tpath = "/"`
			`else`
			`tpath = uri.path`
			`end`

			`newp = Pathname.new(tpath)`
			`oldp = Pathname.new(request['uri'])`
			`if !oldp.absolute?`
			`if !newp.absolute?`
			`newp = oldp + newp.cleanpath`
			`end`
			`end`

			`hreq = {`
			`'rhost' => thost,`
			`'rport' => tport,`
			`'uri' => newp.to_s,`
			`'method' => m,`
			`'ctype' => 'text/plain',`
			`'ssl' => tssl,`
			`'query' => uri.query,`
			`'data' => data`

			`}`
			`#puts hreq`
			`insertnewpath(hreq)`


			`rescue URI::InvalidURIError`
			`#puts "Parse error"`
			`#puts "Error: #{link[0]}"`
			`end`
			`end`
start to parse forms git-svn-id: file:///home/svn/framework3/trunk@8929 4d416f70-5f16-0410-b530-b9f4589650da 2010-03-26 02:39:19 +00:00			`end`
			`end`