2005-07-25 02:18:37 +00:00
|
|
|
require 'uri'
|
2005-07-24 20:53:54 +00:00
|
|
|
require 'rex/proto/http'
|
|
|
|
|
|
|
|
module Rex
|
|
|
|
module Proto
|
|
|
|
module Http
|
|
|
|
|
|
|
|
###
|
|
|
|
#
|
|
|
|
# HTTP request class.
|
|
|
|
#
|
|
|
|
###
|
|
|
|
class Request < Packet
|
|
|
|
|
|
|
|
##
|
|
|
|
#
|
|
|
|
# Some individual request types.
|
|
|
|
#
|
|
|
|
##
|
2005-11-15 05:22:13 +00:00
|
|
|
|
|
|
|
#
|
|
|
|
# HTTP GET request class wrapper.
|
|
|
|
#
|
2005-07-24 20:53:54 +00:00
|
|
|
class Get < Request
|
|
|
|
def initialize(uri = '/', proto = DefaultProtocol)
|
|
|
|
super('GET', uri, proto)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2005-11-15 05:22:13 +00:00
|
|
|
#
|
|
|
|
# HTTP POST request class wrapper.
|
|
|
|
#
|
2005-07-24 20:53:54 +00:00
|
|
|
class Post < Request
|
|
|
|
def initialize(uri = '/', proto = DefaultProtocol)
|
|
|
|
super('POST', uri, proto)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2005-11-15 05:22:13 +00:00
|
|
|
#
|
|
|
|
# HTTP PUT request class wrapper.
|
|
|
|
#
|
2005-07-24 20:53:54 +00:00
|
|
|
class Put < Request
|
|
|
|
def initialize(uri = '/', proto = DefaultProtocol)
|
|
|
|
super('PUT', uri, proto)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2005-11-15 05:22:13 +00:00
|
|
|
#
|
|
|
|
# Initializes an instance of an HTTP request with the supplied method, URI,
|
|
|
|
# and protocol.
|
|
|
|
#
|
2005-07-24 20:53:54 +00:00
|
|
|
def initialize(method = 'GET', uri = '/', proto = DefaultProtocol)
|
|
|
|
super()
|
|
|
|
|
2005-07-25 02:18:37 +00:00
|
|
|
self.method = method
|
|
|
|
self.uri = uri
|
|
|
|
self.uri_parts = {}
|
2005-09-15 23:37:38 +00:00
|
|
|
self.proto = proto || DefaultProtocol
|
|
|
|
|
2005-07-24 20:53:54 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
#
|
|
|
|
# Updates the command parts for this specific packet type.
|
|
|
|
#
|
|
|
|
def update_cmd_parts(str)
|
|
|
|
if (md = str.match(/^(.+?)\s+(.+?)\s+HTTP\/(.+?)\r?\n?$/))
|
2005-07-25 02:18:37 +00:00
|
|
|
self.method = md[1]
|
|
|
|
self.uri = URI.decode(md[2])
|
|
|
|
self.proto = md[3]
|
|
|
|
|
|
|
|
# If it has a query string, get the parts.
|
|
|
|
if ((self.uri) and (md = self.uri.match(/(.+?)\?(.*)$/)))
|
|
|
|
self.uri_parts['QueryString'] = parse_cgi_qstring(md[2])
|
|
|
|
self.uri_parts['Resource'] = md[1]
|
|
|
|
# Otherwise, just assume that the URI is equal to the resource being
|
|
|
|
# requested.
|
|
|
|
else
|
|
|
|
self.uri_parts['QueryString'] = nil
|
|
|
|
self.uri_parts['Resource'] = self.uri
|
|
|
|
end
|
|
|
|
else
|
|
|
|
raise RuntimeError, "Invalid request command string", caller
|
2005-07-24 20:53:54 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
2005-11-15 05:22:13 +00:00
|
|
|
# Returns the command string derived from the three values.
|
2005-07-24 20:53:54 +00:00
|
|
|
#
|
|
|
|
def cmd_string
|
|
|
|
"#{self.method} #{self.uri} HTTP/#{self.proto}\r\n"
|
|
|
|
end
|
|
|
|
|
2005-07-25 02:18:37 +00:00
|
|
|
#
|
|
|
|
# Returns the resource that is being requested.
|
|
|
|
#
|
|
|
|
def resource
|
|
|
|
self.uri_parts['Resource']
|
|
|
|
end
|
|
|
|
|
|
|
|
#
|
|
|
|
# If there were CGI parameters in the URI, this will hold a hash of each
|
|
|
|
# variable to value. If there is more than one value for a given variable,
|
|
|
|
# and array of each value is returned.
|
|
|
|
#
|
|
|
|
def qstring
|
|
|
|
self.uri_parts['QueryString']
|
|
|
|
end
|
|
|
|
|
2005-11-15 05:22:13 +00:00
|
|
|
#
|
|
|
|
# The method being used for the request (e.g. GET).
|
|
|
|
#
|
2005-07-24 20:53:54 +00:00
|
|
|
attr_accessor :method
|
2005-11-15 05:22:13 +00:00
|
|
|
#
|
|
|
|
# The URI being requested.
|
|
|
|
#
|
2005-07-24 20:53:54 +00:00
|
|
|
attr_accessor :uri
|
2005-11-15 05:22:13 +00:00
|
|
|
#
|
|
|
|
# The split up parts of the URI.
|
|
|
|
#
|
2005-07-25 02:18:37 +00:00
|
|
|
attr_accessor :uri_parts
|
2005-11-15 05:22:13 +00:00
|
|
|
#
|
|
|
|
# The protocol to be sent with the request.
|
|
|
|
#
|
2005-07-24 20:53:54 +00:00
|
|
|
attr_accessor :proto
|
|
|
|
|
2005-07-25 02:18:37 +00:00
|
|
|
protected
|
|
|
|
|
|
|
|
#
|
|
|
|
# Parses a CGI query string into the var/val combinations.
|
|
|
|
#
|
|
|
|
def parse_cgi_qstring(str)
|
|
|
|
qstring = {}
|
|
|
|
|
|
|
|
# Delimit on each variable
|
|
|
|
str.split(/&/).each { |vv|
|
|
|
|
var = vv
|
|
|
|
val = ''
|
|
|
|
|
2005-11-22 03:20:09 +00:00
|
|
|
if (md = vv.match(/(.+?)=(.*)/))
|
2005-07-25 02:18:37 +00:00
|
|
|
var = md[1]
|
|
|
|
val = md[2]
|
|
|
|
end
|
|
|
|
|
|
|
|
# Add the item to the hash with logic to convert values to an array
|
|
|
|
# if so desired.
|
|
|
|
if (qstring.include?(var))
|
|
|
|
if (qstring[var].kind_of?(Array))
|
|
|
|
qstring[var] << val
|
|
|
|
else
|
|
|
|
curr = self.qstring[var]
|
|
|
|
qstring[var] = [ curr, val ]
|
|
|
|
end
|
|
|
|
else
|
|
|
|
qstring[var] = val
|
|
|
|
end
|
|
|
|
}
|
|
|
|
|
|
|
|
return qstring
|
|
|
|
end
|
|
|
|
|
2005-07-24 20:53:54 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|