metasploit-framework/lib/rex/proto/http/header.rb

174 lines
3.0 KiB
Ruby
Raw Normal View History

require 'rex/proto/http'
module Rex
module Proto
module Http
###
#
# Represents the logical HTTP header portion of an HTTP packet (request or
# response).
#
###
class Packet::Header < Hash
#
# Initializes an HTTP packet header class that inherits from a Hash base
# class.
#
def initialize
self.dcase_hash = {}
reset
end
#
# Parses a header from a string.
#
# XXX - Putting : in a header value breaks this badly
def from_s(header)
reset
# ghettoooooo!
# If we don't have any newlines..., put one there.
if (header.size > 0 && header !~ /\r\n/)
header << "\r\n"
end
* add junk pipelined request support * fix socket creation on pipelined requests * when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state * support non-standard line termination in headers. ie \n instead of \r\n * add junk headers (X-rand: rand) * add header folding (for evasion) * add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings * move 'gzip' to a 'compression' option * add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right) * fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately * modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is. * add TE:chunked request support * normalize URIs in requests before saving them * Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below) * move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb * Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd * add URI junk slash support (eg: /////foo.html) * param splitting now supports both '&', and ';', which CGI.pm and PHP both allow * add URI junk directory support, eg: /asdf/../foo.html * add param encoding support, eg: param A with value '=' is A=%3d * add URI junk self referring directory support, eg: /././foo.html git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
# put the non-standard line terminations back to normal
# gah. not having look behinds suck,
* add junk pipelined request support * fix socket creation on pipelined requests * when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state * support non-standard line termination in headers. ie \n instead of \r\n * add junk headers (X-rand: rand) * add header folding (for evasion) * add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings * move 'gzip' to a 'compression' option * add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right) * fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately * modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is. * add TE:chunked request support * normalize URIs in requests before saving them * Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below) * move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb * Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd * add URI junk slash support (eg: /////foo.html) * param splitting now supports both '&', and ';', which CGI.pm and PHP both allow * add URI junk directory support, eg: /asdf/../foo.html * add param encoding support, eg: param A with value '=' is A=%3d * add URI junk self referring directory support, eg: /././foo.html git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
header.gsub!(/([^\r])\n/,'\1' + "\r\n")
# undo folding, kinda ugly but works for now.
* add junk pipelined request support * fix socket creation on pipelined requests * when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state * support non-standard line termination in headers. ie \n instead of \r\n * add junk headers (X-rand: rand) * add header folding (for evasion) * add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings * move 'gzip' to a 'compression' option * add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right) * fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately * modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is. * add TE:chunked request support * normalize URIs in requests before saving them * Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below) * move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb * Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd * add URI junk slash support (eg: /////foo.html) * param splitting now supports both '&', and ';', which CGI.pm and PHP both allow * add URI junk directory support, eg: /asdf/../foo.html * add param encoding support, eg: param A with value '=' is A=%3d * add URI junk self referring directory support, eg: /././foo.html git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
header.gsub!(/:\s*\r\n\s+/smi,': ')
# Extract the command string
* add junk pipelined request support * fix socket creation on pipelined requests * when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state * support non-standard line termination in headers. ie \n instead of \r\n * add junk headers (X-rand: rand) * add header folding (for evasion) * add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings * move 'gzip' to a 'compression' option * add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right) * fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately * modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is. * add TE:chunked request support * normalize URIs in requests before saving them * Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below) * move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb * Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd * add URI junk slash support (eg: /////foo.html) * param splitting now supports both '&', and ';', which CGI.pm and PHP both allow * add URI junk directory support, eg: /asdf/../foo.html * add param encoding support, eg: param A with value '=' is A=%3d * add URI junk self referring directory support, eg: /././foo.html git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
self.cmd_string = header.slice!(/.+\r\n/)
# Extract each header value pair
header.split(/\r\n/m).each { |str|
if (md = str.match(/^(.+?): (.+?)$/))
if (self[md[1]])
self[md[1]] << ", " + md[2]
else
self[md[1]] = md[2]
end
end
}
end
#
# More advanced [] that does downcase comparison.
#
def [](key)
begin
rv = self.fetch(key)
rescue IndexError
rv = nil
end
if (rv == nil)
begin
rv = self.dcase_hash[key.downcase]
rescue IndexError
rv = nil
end
end
return rv
end
#
# More advanced []= that does downcase storage.
#
def []=(key, value)
stored = false
self.each_key { |k|
if (k.downcase == key.downcase)
self.store(k, value)
stored = true
end
}
self.store(key, value) if (stored == false)
self.dcase_hash[key.downcase] = value
end
#
# Converts the header to a string.
#
def to_s(prefix = '')
str = prefix
* add junk pipelined request support * fix socket creation on pipelined requests * when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state * support non-standard line termination in headers. ie \n instead of \r\n * add junk headers (X-rand: rand) * add header folding (for evasion) * add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings * move 'gzip' to a 'compression' option * add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right) * fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately * modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is. * add TE:chunked request support * normalize URIs in requests before saving them * Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below) * move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb * Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd * add URI junk slash support (eg: /////foo.html) * param splitting now supports both '&', and ';', which CGI.pm and PHP both allow * add URI junk directory support, eg: /asdf/../foo.html * add param encoding support, eg: param A with value '=' is A=%3d * add URI junk self referring directory support, eg: /././foo.html git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
if self.junk_headers
while str.length < 4096
if self.fold
str << "X-#{Rex::Text.rand_text_alphanumeric(rand(30) + 5)}:\r\n\t#{Rex::Text.rand_text_alphanumeric(rand(1024) + 1)}\r\n"
else
str << "X-#{Rex::Text.rand_text_alphanumeric(rand(30) + 5)}: #{Rex::Text.rand_text_alphanumeric(rand(1024) + 1)}\r\n"
* add junk pipelined request support * fix socket creation on pipelined requests * when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state * support non-standard line termination in headers. ie \n instead of \r\n * add junk headers (X-rand: rand) * add header folding (for evasion) * add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings * move 'gzip' to a 'compression' option * add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right) * fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately * modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is. * add TE:chunked request support * normalize URIs in requests before saving them * Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below) * move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb * Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd * add URI junk slash support (eg: /////foo.html) * param splitting now supports both '&', and ';', which CGI.pm and PHP both allow * add URI junk directory support, eg: /asdf/../foo.html * add param encoding support, eg: param A with value '=' is A=%3d * add URI junk self referring directory support, eg: /././foo.html git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
end
end
end
each_pair { |var, val|
* add junk pipelined request support * fix socket creation on pipelined requests * when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state * support non-standard line termination in headers. ie \n instead of \r\n * add junk headers (X-rand: rand) * add header folding (for evasion) * add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings * move 'gzip' to a 'compression' option * add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right) * fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately * modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is. * add TE:chunked request support * normalize URIs in requests before saving them * Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below) * move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb * Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd * add URI junk slash support (eg: /////foo.html) * param splitting now supports both '&', and ';', which CGI.pm and PHP both allow * add URI junk directory support, eg: /asdf/../foo.html * add param encoding support, eg: param A with value '=' is A=%3d * add URI junk self referring directory support, eg: /././foo.html git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
if self.fold
str << "#{var}:\r\n\t#{val}\r\n"
* add junk pipelined request support * fix socket creation on pipelined requests * when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state * support non-standard line termination in headers. ie \n instead of \r\n * add junk headers (X-rand: rand) * add header folding (for evasion) * add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings * move 'gzip' to a 'compression' option * add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right) * fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately * modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is. * add TE:chunked request support * normalize URIs in requests before saving them * Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below) * move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb * Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd * add URI junk slash support (eg: /////foo.html) * param splitting now supports both '&', and ';', which CGI.pm and PHP both allow * add URI junk directory support, eg: /asdf/../foo.html * add param encoding support, eg: param A with value '=' is A=%3d * add URI junk self referring directory support, eg: /././foo.html git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
else
str << "#{var}: #{val}\r\n"
* add junk pipelined request support * fix socket creation on pipelined requests * when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state * support non-standard line termination in headers. ie \n instead of \r\n * add junk headers (X-rand: rand) * add header folding (for evasion) * add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings * move 'gzip' to a 'compression' option * add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right) * fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately * modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is. * add TE:chunked request support * normalize URIs in requests before saving them * Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below) * move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb * Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd * add URI junk slash support (eg: /////foo.html) * param splitting now supports both '&', and ';', which CGI.pm and PHP both allow * add URI junk directory support, eg: /asdf/../foo.html * add param encoding support, eg: param A with value '=' is A=%3d * add URI junk self referring directory support, eg: /././foo.html git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
end
}
str << "\r\n"
return str
end
#
# Brings in from an array like yo.
#
def from_a(ary)
ary.each { |e|
self[e[0]] = e[1]
}
end
#
# Flushes all header pairs.
#
def reset
self.cmd_string = ''
self.clear
self.dcase_hash.clear
end
#
# Overrides the builtin 'each' operator to avoid the following exception on Ruby 1.9.2+
# "can't add a new key into hash during iteration"
#
def each(&block)
list = []
self.keys.sort.each do |sidx|
list << [sidx, self[sidx]]
end
list.each(&block)
end
#
# The raw command string associated with the header which will vary between
# requests and responses.
#
* add junk pipelined request support * fix socket creation on pipelined requests * when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state * support non-standard line termination in headers. ie \n instead of \r\n * add junk headers (X-rand: rand) * add header folding (for evasion) * add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings * move 'gzip' to a 'compression' option * add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right) * fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately * modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is. * add TE:chunked request support * normalize URIs in requests before saving them * Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below) * move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb * Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd * add URI junk slash support (eg: /////foo.html) * param splitting now supports both '&', and ';', which CGI.pm and PHP both allow * add URI junk directory support, eg: /asdf/../foo.html * add param encoding support, eg: param A with value '=' is A=%3d * add URI junk self referring directory support, eg: /././foo.html git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
attr_accessor :junk_headers
attr_accessor :cmd_string
* add junk pipelined request support * fix socket creation on pipelined requests * when a server says that the connection should be closed (Connection: closed), then close the connection, since its going to regardless, and we don't want to loose our state * support non-standard line termination in headers. ie \n instead of \r\n * add junk headers (X-rand: rand) * add header folding (for evasion) * add parse_header_re (still leaving parse_header around, though its dead code ATM) that does the right thing on non-standard line endings * move 'gzip' to a 'compression' option * add 'deflate' compression option (really, just raw zlib, and only firefox does deflate right) * fix a bunch of TE:chunked decoding bugs based based on the fact that Apache doesn't always close chunks appropriately * modify parse_body to not return state, since it doesn't always do that, and the return isn't used... self.state is. * add TE:chunked request support * normalize URIs in requests before saving them * Move params out of the URI, but when the uri is requested, and the method is GET, and there are params, return a URI that has the params that are approrpiately encoded (needed for junk_params, see below) * move request.to_s support of params to use the request params array when a POST, allows use of junk params support (see below). NOTE: If the body is provided, use the body instead of params, in case you want to hardcode the params in a POST request, eg: php_xmlrpc_eval.rb * Add junk params when building a param list, eg: a=b becomes asdfasdf=asdrt32a&asdfad=okhgasd&a=b&hjklasdf=hkasgd * add URI junk slash support (eg: /////foo.html) * param splitting now supports both '&', and ';', which CGI.pm and PHP both allow * add URI junk directory support, eg: /asdf/../foo.html * add param encoding support, eg: param A with value '=' is A=%3d * add URI junk self referring directory support, eg: /././foo.html git-svn-id: file:///home/svn/incoming/trunk@3457 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:57:44 +00:00
attr_accessor :fold
protected
attr_accessor :dcase_hash # :nodoc:
end
end
end
end