Handle the usage of // (same-scheme) URLs.

bug/bundler_fix
Joe Vennix 2015-01-15 15:09:50 -06:00
parent 7876401419
commit 35c9a13199
1 changed files with 5 additions and 2 deletions

View File

@ -47,7 +47,7 @@ class Metasploit3 < Msf::Auxiliary
register_options( register_options(
[ [
OptString.new('FILENAME', [ true, 'The file name.', 'msf.webarchive']), OptString.new('FILENAME', [ true, 'The file name.', 'msf.webarchive']),
OptString.new('URLS', [ true, 'A space-delimited list of URLs to UXSS (eg http://browserscan.rapid7.com/']), OptString.new('URLS', [ true, 'A space-delimited list of URLs to UXSS (eg http://rapid7.com http://example.com']),
OptString.new('URIPATH', [false, 'The URI to receive the UXSS\'ed data', '/grab']), OptString.new('URIPATH', [false, 'The URI to receive the UXSS\'ed data', '/grab']),
OptString.new('DOWNLOAD_PATH', [ true, 'The path to download the webarhive.', '/msf.webarchive']), OptString.new('DOWNLOAD_PATH', [ true, 'The path to download the webarhive.', '/msf.webarchive']),
OptString.new('URLS', [ true, 'The URLs to steal cookie and form data from.', '']), OptString.new('URLS', [ true, 'The URLs to steal cookie and form data from.', '']),
@ -768,8 +768,11 @@ class Metasploit3 < Msf::Auxiliary
if script_uri.relative? if script_uri.relative?
url = page_uri + url url = page_uri + url
end end
if url.to_s.starts_with? '//'
url = "#{page_uri.scheme}:"+url
end
io = open(url) io = open(url)
rescue URI::InvalidURIError => e rescue URI::InvalidURIError, OpenURI::HTTPError
next next
end end