Add #send_request to Metasploit::Framework::LoginScanner::HTTP

2015-03-25 01:40:02 -05:00 · 2015-03-25 01:40:02 -05:00 · 8f95624bf7
parent 376bf13f1e
commit 8f95624bf7
1 changed files with 34 additions and 0 deletions
--- a/lib/metasploit/framework/login_scanner/http.rb
+++ b/lib/metasploit/framework/login_scanner/http.rb
@ -187,6 +187,40 @@ module Metasploit
          error_message
        end

+        # Sends a HTTP request with Rex
+        #
+        # @param (see Rex::Proto::Http::Request#request_raw)
+        # @raise [Rex::ConnectionError] Something has gone wrong while sending the HTTP request
+        # @return [Rex::Proto::Http::Response] The HTTP response
+        def send_request(opts)
+          res = nil
+          cli = Rex::Proto::Http::Client.new(host, port,
+            {
+              'Msf' => framework,
+              'MsfExploit' => framework_module
+            },
+            ssl,
+            ssl_version,
+            proxies
+          )
+          configure_http_client(cli)
+          begin
+            cli.connect
+            req = cli.request_cgi(opts)
+            res = cli.send_recv(req)
+          rescue ::Errno::EPIPE, ::Timeout::Error => e
+            # We are trying to mimic the same type of exception rescuing in
+            # Msf::Exploit::Remote::HttpClient. But instead of returning nil, we'll consistently
+            # raise Rex::ConnectionError so the #attempt_login can return the error message back
+            # to the login module.
+            raise Rex::ConnectionError, e.message
+          ensure
+            cli.close
+          end
+
+          res
+        end
+
        # Attempt a single login with a single credential against the target.
        #
        # @param credential [Credential] The credential object to attempt to