infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated code style as per @hmoore-r7's instructions

bug/bundler_fix
Stuart Morgan 2015-05-11 19:34:23 +01:00
parent b8f7c80fd2
commit 62d67469da
1 changed files with 35 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
modules/auxiliary/scanner/http/title.rb
View File

@ -40,12 +40,18 @@ class Metasploit3 < Msf::Auxiliary
def run_host(target_host) def run_host(target_host)
begin begin
res = send_request_cgi('uri' => '/', # Send a normal GET request
'method' => 'GET') res = send_request_cgi('uri' => '/',
'method' => 'GET')
if res.nil? # If no response, quit now
print_error("No response from #{target_host}:#{rport}") if datastore['SHOW_ERRORS'] == true if res.nil?
else print_error("[#{target_host}:#{rport}] No response") if datastore['SHOW_ERRORS'] == true
return
end
# Retrieve the headers to capture the Location and Server header
# Note that they are case-insensitive but stored in a hash
server_header = nil server_header = nil
location_header = nil location_header = nil
if !res.headers.nil? if !res.headers.nil?
@ -54,34 +60,38 @@ class Metasploit3 < Msf::Auxiliary
server_header = val if key.downcase == 'server' server_header = val if key.downcase == 'server'
end end
else else
print_error("No headers from #{target_host}:#{rport}") if datastore['SHOW_ERRORS'] == true print_error("[#{target_host}:#{rport}] No HTTP headers") if datastore['SHOW_ERRORS'] == true
end end
if !res.body.nil? # If the body is blank, just stop now as there is no chance of a title
# Very basic, just match the first title tag we come to. if res.body.nil?
rx = %r{<title>[\n\t\s]*(?<title>.+?)[\s\n\t]*</title>}im.match(res.body.to_s) print_error("[#{target_host}:#{rport}] No webpage body") if datastore['SHOW_ERRORS'] == true
if rx return
rx[:title].strip! end
if rx[:title] != ''
rx_title = CGI.unescapeHTML(rx[:title]) # Very basic, just match the first title tag we come to. If the match fails,
print_status("[#{target_host}:#{rport}] [C:#{res.code}] [R:#{location_header}] [S:#{server_header}] #{rx_title}") if datastore['SHOW_TITLES'] == true # there is no chance that we will have a title
if datastore['STORE_NOTES'] == true rx = %r{<title>[\n\t\s]*(?<title>.+?)[\s\n\t]*</title>}im.match(res.body.to_s)
notedata = { code: res.code, port: rport, server: server_header, title: rx_title, redirect: location_header } unless rx
report_note(host: target_host, type: "http.title", data: notedata) print_error("[#{target_host}:#{rport}] No webpage title") if datastore['SHOW_ERRORS'] == true
end return
else end
print_error("No webpage title from #{target_host}:#{rport}") if datastore['SHOW_ERRORS'] == true
end # Last bit of logic to capture the title
else rx[:title].strip!
print_error("No webpage title from #{target_host}:#{rport}") if datastore['SHOW_ERRORS'] == true if rx[:title] != ''
rx_title = CGI.unescapeHTML(rx[:title])
print_status("[#{target_host}:#{rport}] [C:#{res.code}] [R:#{location_header}] [S:#{server_header}] #{rx_title}") if datastore['SHOW_TITLES'] == true
if datastore['STORE_NOTES'] == true
notedata = { code: res.code, port: rport, server: server_header, title: rx_title, redirect: location_header }
report_note(host: target_host, type: "http.title", data: notedata)
end end
else else
print_error("No webpage body from #{target_host}:#{rport}") if datastore['SHOW_ERRORS'] == true print_error("[#{target_host}:#{rport}] No webpage title") if datastore['SHOW_ERRORS'] == true
end end
end end
rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout
rescue ::Timeout::Error, ::Errno::EPIPE rescue ::Timeout::Error, ::Errno::EPIPE
end
end end
end end