infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Handle the usage of // (same-scheme) URLs.

bug/bundler_fix
Joe Vennix 2015-01-15 15:09:50 -06:00
parent 7876401419
commit 35c9a13199
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
modules/auxiliary/gather/apple_safari_webarchive_uxss.rb
View File

@ -47,7 +47,7 @@ class Metasploit3 < Msf::Auxiliary
register_options(
[
OptString.new('FILENAME', [ true, 'The file name.', 'msf.webarchive']),
OptString.new('URLS', [ true, 'A space-delimited list of URLs to UXSS (eg http://browserscan.rapid7.com/']),
OptString.new('URLS', [ true, 'A space-delimited list of URLs to UXSS (eg http://rapid7.com http://example.com']),
OptString.new('URIPATH', [false, 'The URI to receive the UXSS\'ed data', '/grab']),
OptString.new('DOWNLOAD_PATH', [ true, 'The path to download the webarhive.', '/msf.webarchive']),
OptString.new('URLS', [ true, 'The URLs to steal cookie and form data from.', '']),
@ -768,8 +768,11 @@ class Metasploit3 < Msf::Auxiliary
if script_uri.relative?
url = page_uri + url
end
if url.to_s.starts_with? '//'
url = "#{page_uri.scheme}:"+url
end
io = open(url)
rescue URI::InvalidURIError => e
rescue URI::InvalidURIError, OpenURI::HTTPError
next
end