2005-12-17 06:46:23 +00:00
|
|
|
#!/usr/bin/env ruby
|
2005-07-24 20:53:54 +00:00
|
|
|
|
|
|
|
|
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
|
|
|
|
|
|
|
|
|
|
require 'test/unit'
|
|
|
|
|
require 'rex/proto/http'
|
|
|
|
|
|
|
|
|
|
class Rex::Proto::Http::Client::UnitTest < Test::Unit::TestCase
|
|
|
|
|
|
|
|
|
|
Klass = Rex::Proto::Http::Client
|
|
|
|
|
|
|
|
|
|
def test_parse
|
|
|
|
|
c = Klass.new('www.google.com')
|
2005-09-15 23:37:38 +00:00
|
|
|
|
|
|
|
|
# Set request factory parameters
|
|
|
|
|
c.config(
|
|
|
|
|
'vhost' => 'www.google.com',
|
|
|
|
|
'user-agent' => 'Metasploit Framework/3.0',
|
|
|
|
|
'proto' => '1.1',
|
|
|
|
|
'cookie' => 'NoCookie=NotACookie'
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
# Set client parameters
|
|
|
|
|
c.config(
|
|
|
|
|
'max-data' => 1024 * 1024
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Request the main web pagfe
|
|
|
|
|
#
|
|
|
|
|
r = c.request(
|
|
|
|
|
'method' => 'GET',
|
|
|
|
|
'uri' => '/'
|
|
|
|
|
)
|
2005-07-24 20:53:54 +00:00
|
|
|
|
|
|
|
|
resp = c.send_request(r)
|
|
|
|
|
|
|
|
|
|
assert_equal(200, resp.code)
|
|
|
|
|
assert_equal('OK', resp.message)
|
2005-09-15 23:37:38 +00:00
|
|
|
assert_equal('1.1', resp.proto)
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Request a file that does not exist
|
|
|
|
|
#
|
|
|
|
|
r = c.request(
|
|
|
|
|
'method' => 'GET',
|
|
|
|
|
'uri' => '/NoFileHere.404'
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
resp = c.send_request(r)
|
|
|
|
|
|
|
|
|
|
assert_equal(404, resp.code)
|
|
|
|
|
assert_equal('Not Found', resp.message)
|
|
|
|
|
assert_equal('1.1', resp.proto)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Send a POST request that results in a 302
|
|
|
|
|
#
|
|
|
|
|
c = Klass.new('beta.microsoft.com')
|
|
|
|
|
c.request_option('vhost', 'beta.microsoft.com')
|
|
|
|
|
|
|
|
|
|
r = c.request(
|
|
|
|
|
'method' => 'POST',
|
|
|
|
|
'uri' => '/',
|
|
|
|
|
'data' => 'var=val',
|
|
|
|
|
'content-type' => 'application/x-www-form-urlencoded'
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
resp = c.send_request(r)
|
|
|
|
|
|
|
|
|
|
assert_equal(302, resp.code)
|
|
|
|
|
assert_equal('Object moved', resp.message)
|
|
|
|
|
assert_equal('1.1', resp.proto)
|
2005-07-24 20:53:54 +00:00
|
|
|
end
|
|
|
|
|
|
2006-01-20 18:59:24 +00:00
|
|
|
def test_ssl
|
|
|
|
|
c = Klass.new('www.geotrust.com', '443', {}, 'true')
|
|
|
|
|
c.request_option('vhost', 'www.geotrust.com')
|
|
|
|
|
r = c.request(
|
|
|
|
|
'method' => 'GET',
|
|
|
|
|
'uri' => '/'
|
|
|
|
|
)
|
|
|
|
|
resp = c.send_request(r)
|
|
|
|
|
assert_equal(200, resp.code)
|
|
|
|
|
assert_equal('OK', resp.message)
|
|
|
|
|
assert_equal('1.1', resp.proto)
|
|
|
|
|
c.close
|
2006-01-27 05:33:08 +00:00
|
|
|
end
|
2006-01-20 18:59:24 +00:00
|
|
|
|
* add junk pipelined request support
* fix socket creation on pipelined requests
* when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state
* support non-standard line termination in headers. ie \n instead of \r\n
* add junk headers (X-rand: rand)
* add header folding (for evasion)
* add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings
* move 'gzip' to a 'compression' option
* add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right)
* fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately
* modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is.
* add TE:chunked request support
* normalize URIs in requests before saving them
* Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below)
* move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb
* Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd
* add URI junk slash support (eg: /////foo.html)
* param splitting now supports both '&', and ';', which CGI.pm and PHP both allow
* add URI junk directory support, eg: /asdf/../foo.html
* add param encoding support, eg: param A with value '=' is A=%3d
* add URI junk self referring directory support, eg: /././foo.html
git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
|
|
|
def test_junk_pipeline
|
|
|
|
|
host = 'www.apache.org'
|
|
|
|
|
client = Klass.new(host)
|
|
|
|
|
client.junk_pipeline = 5
|
|
|
|
|
client.request_option('vhost', host)
|
|
|
|
|
request = client.request('method' => 'GET', 'uri' => '/no-such-uri.html')
|
|
|
|
|
response = client.send_request(request)
|
|
|
|
|
assert_equal(404, response.code, 'pipeline response')
|
|
|
|
|
client.close
|
|
|
|
|
end
|
|
|
|
|
|
2005-07-24 20:53:54 +00:00
|
|
|
end
|
