A few more updates to the HTTP exploit mixin, still needs some work before it is completed

git-svn-id: file:///home/svn/framework3/trunk@4481 4d416f70-5f16-0410-b530-b9f4589650da

lib/msf/core/exploit/http.rb

@@ -34,19 +34,29 @@ module Exploit::Remote::HttpClient
 	    
 		register_evasion_options(
 			[
-				OptEnum.new('HTTP::uri_encode', [false, 'Enable URI encoding', 'none', ['none','hex-normal', 'hex-all', 'u-normal', 'u-all'], 'hex-normal'])
+				OptEnum.new('HTTP::uri_encode', [false, 'Enable URI encoding', 'hex-normal', ['none', 'hex-normal', 'hex-all', 'hex-random', 'u-normal', 'u-all', 'u-random']]),
+				OptBool.new('HTTP::uri_full_url', [false, 'Use the full URL for all HTTP requests', false]),
+				OptInt.new('HTTP::pad_method_uri_count', [false, 'How many whitespace characters to use between the method and uri', 1]),
+				OptInt.new('HTTP::pad_uri_version_count', [false, 'How many whitespace characters to use between the uri and version', 1]),
+				OptEnum.new('HTTP::pad_method_uri_type', [false, 'What type of whitespace to use between the method and uri', 'space', ['space', 'tab', 'apache']]),
+				OptEnum.new('HTTP::pad_uri_version_type', [false, 'What type of whitespace to use between the uri and version', 'space', ['space', 'tab', 'apache']]),
+				OptBool.new('HTTP::method_random_valid', [false, 'Use a random, but valid, HTTP method for request', false]),
+				OptBool.new('HTTP::method_random_invalid', [false, 'Use a random invalid, HTTP method for request', false]),
+				OptBool.new('HTTP::method_random_case', [false, 'Use random casing for the HTTP method', false]),
+				OptBool.new('HTTP::uri_dir_self_reference', [false, 'Insert self-referential directories into the uri', false]),
+				OptBool.new('HTTP::uri_dir_fake_relative', [false, 'Insert fake relative directories into the uri', false]),
+				OptBool.new('HTTP::uri_use_backslaces', [false, 'Use back slashes instead of forward slashes in the uri ', false]),
+				OptBool.new('HTTP::pad_fake_headers', [false, 'Insert random, fake headers into the HTTP request', false]),
+				OptInt.new('HTTP::pad_fake_headers_count', [false, 'How many fake headers to insert into the HTTP request', 0])
 
 #
-# Still re-implementing the following options
+# Remaining evasions to implement
 #
-
+			
 #				OptBool.new('HTTP::chunked', [false, 'Enable chunking of HTTP request via "Transfer-Encoding: chunked"', 'false']),
 #				OptBool.new('HTTP::header_folding', [false, 'Enable folding of HTTP headers', 'false']),
-#				OptBool.new('HTTP::junk_headers', [false, 'Enable insertion of random junk HTTP headers', 'false']),
-#				OptBool.new('HTTP::junk_slashes', [false, 'Enable insertion of random junk HTTP headers', 'false']),
 #				OptBool.new('HTTP::junk_directories', [false, 'Enable insertion of random junk directories in the URI', 'false']),
 #				OptBool.new('HTTP::junk_params', [false, 'Enable insertion of random junk parameters', 'false']),
-#        		OptBool.new('HTTP::junk_self_referring_directories', [false, 'Enable insertion of random self referring directories (eg: /./././)', 'false']),
 #               OptInt.new('HTTP::junk_pipeline', [true, 'Insert the specified number of junk pipeline requests', 0]),
 #				OptBool.new('HTTP::fake_uri_end', [false, 'Add a fake end of URI (eg: /%20HTTP/1.0/../../)', 'false']),
 #				OptBool.new('HTTP::fake_param_start', [false, 'Add a fake start of params to the URI (eg: /%3fa=b/../)', 'false']),