Updated code style as per @hmoore-r7's instructions
parent
b8f7c80fd2
commit
62d67469da
|
@ -40,12 +40,18 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
def run_host(target_host)
|
def run_host(target_host)
|
||||||
begin
|
begin
|
||||||
|
# Send a normal GET request
|
||||||
res = send_request_cgi('uri' => '/',
|
res = send_request_cgi('uri' => '/',
|
||||||
'method' => 'GET')
|
'method' => 'GET')
|
||||||
|
|
||||||
|
# If no response, quit now
|
||||||
if res.nil?
|
if res.nil?
|
||||||
print_error("No response from #{target_host}:#{rport}") if datastore['SHOW_ERRORS'] == true
|
print_error("[#{target_host}:#{rport}] No response") if datastore['SHOW_ERRORS'] == true
|
||||||
else
|
return
|
||||||
|
end
|
||||||
|
|
||||||
|
# Retrieve the headers to capture the Location and Server header
|
||||||
|
# Note that they are case-insensitive but stored in a hash
|
||||||
server_header = nil
|
server_header = nil
|
||||||
location_header = nil
|
location_header = nil
|
||||||
if !res.headers.nil?
|
if !res.headers.nil?
|
||||||
|
@ -54,13 +60,24 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
server_header = val if key.downcase == 'server'
|
server_header = val if key.downcase == 'server'
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
print_error("No headers from #{target_host}:#{rport}") if datastore['SHOW_ERRORS'] == true
|
print_error("[#{target_host}:#{rport}] No HTTP headers") if datastore['SHOW_ERRORS'] == true
|
||||||
end
|
end
|
||||||
|
|
||||||
if !res.body.nil?
|
# If the body is blank, just stop now as there is no chance of a title
|
||||||
# Very basic, just match the first title tag we come to.
|
if res.body.nil?
|
||||||
|
print_error("[#{target_host}:#{rport}] No webpage body") if datastore['SHOW_ERRORS'] == true
|
||||||
|
return
|
||||||
|
end
|
||||||
|
|
||||||
|
# Very basic, just match the first title tag we come to. If the match fails,
|
||||||
|
# there is no chance that we will have a title
|
||||||
rx = %r{<title>[\n\t\s]*(?<title>.+?)[\s\n\t]*</title>}im.match(res.body.to_s)
|
rx = %r{<title>[\n\t\s]*(?<title>.+?)[\s\n\t]*</title>}im.match(res.body.to_s)
|
||||||
if rx
|
unless rx
|
||||||
|
print_error("[#{target_host}:#{rport}] No webpage title") if datastore['SHOW_ERRORS'] == true
|
||||||
|
return
|
||||||
|
end
|
||||||
|
|
||||||
|
# Last bit of logic to capture the title
|
||||||
rx[:title].strip!
|
rx[:title].strip!
|
||||||
if rx[:title] != ''
|
if rx[:title] != ''
|
||||||
rx_title = CGI.unescapeHTML(rx[:title])
|
rx_title = CGI.unescapeHTML(rx[:title])
|
||||||
|
@ -70,18 +87,11 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
report_note(host: target_host, type: "http.title", data: notedata)
|
report_note(host: target_host, type: "http.title", data: notedata)
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
print_error("No webpage title from #{target_host}:#{rport}") if datastore['SHOW_ERRORS'] == true
|
print_error("[#{target_host}:#{rport}] No webpage title") if datastore['SHOW_ERRORS'] == true
|
||||||
end
|
|
||||||
else
|
|
||||||
print_error("No webpage title from #{target_host}:#{rport}") if datastore['SHOW_ERRORS'] == true
|
|
||||||
end
|
|
||||||
else
|
|
||||||
print_error("No webpage body from #{target_host}:#{rport}") if datastore['SHOW_ERRORS'] == true
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout
|
rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout
|
||||||
rescue ::Timeout::Error, ::Errno::EPIPE
|
rescue ::Timeout::Error, ::Errno::EPIPE
|
||||||
end
|
end
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue