Remove open-uri usage in msf.

2015-03-05 23:45:28 -06:00 · 2015-03-05 23:45:28 -06:00 · d7295959ca
parent 141e2e732f
commit d7295959ca
4 changed files with 12 additions and 14 deletions
--- a/data/exploits/capture/http/forms/extractforms.rb
+++ b/data/exploits/capture/http/forms/extractforms.rb
@ -11,7 +11,6 @@

 require 'rubygems'  # install rubygems
 require 'hpricot'   # gem install hpricot
-require 'open-uri'
 require 'timeout'

 def usage
--- a/data/exploits/capture/http/forms/grabforms.rb
+++ b/data/exploits/capture/http/forms/grabforms.rb
@ -11,7 +11,7 @@

 require 'rubygems'  # install rubygems
 require 'hpricot'   # gem install hpricot
-require 'open-uri'
+require 'uri'
 require 'timeout'

 def usage
@ -26,17 +26,17 @@ File.readlines(sitelist).each do |site|
  site.strip!
  next if site.length == 0
  next if site =~ /^#/
-  
+
  out = File.join(output, site + ".txt")
  File.unlink(out) if File.exists?(out)
-  
+
  fd  = File.open(out, "a")
-  
+

  ["", "www."].each do |prefix|
    begin
-      Timeout.timeout(10) do 
-        doc = Hpricot(open("http://#{prefix}#{site}/"))
+      Timeout.timeout(10) do
+        doc = Hpricot(URI.parse("http://#{prefix}#{site}/").open)
        doc.search("//form").each do |form|

          # Extract the form
@ -78,9 +78,9 @@ File.readlines(sitelist).each do |site|
      $stderr.puts "#{prefix}#{site} #{e.class} #{e}"
    end
  end
-  
+
  fd.close
-  
+
  File.unlink(out) if (File.size(out) == 0)

 end
--- a/modules/auxiliary/gather/apple_safari_webarchive_uxss.rb
+++ b/modules/auxiliary/gather/apple_safari_webarchive_uxss.rb
@ -4,7 +4,7 @@
 ##

 require 'msf/core'
-require 'open-uri'
+require 'uri'

 class Metasploit3 < Msf::Auxiliary

@ -732,7 +732,7 @@ class Metasploit3 < Msf::Auxiliary
      results = []
      print_status "Fetching URL #{url}..."
      # fetch and parse the HTML document
-      doc = Nokogiri::HTML(open(url))
+      doc = Nokogiri::HTML(URI.parse(url).open)
      # recursively add scripts from iframes
      doc.css('iframe').each do |iframe|
        print_status "Checking iframe..."
@ -771,7 +771,7 @@ class Metasploit3 < Msf::Auxiliary
            if url.to_s.starts_with? '//'
              url = "#{page_uri.scheme}:#{url}"
            end
-            io = open(url)
+            io = URI.parse(url).open
          rescue URI::InvalidURIError, OpenURI::HTTPError
            next
          end
--- a/modules/auxiliary/gather/flash_rosetta_jsonp_url_disclosure.rb
+++ b/modules/auxiliary/gather/flash_rosetta_jsonp_url_disclosure.rb
@ -4,7 +4,6 @@
 ##

 require 'msf/core'
-require 'open-uri'
 require 'uri'

 class Metasploit3 < Msf::Auxiliary
@ -66,7 +65,7 @@ class Metasploit3 < Msf::Auxiliary

  def check
    test_string = Rex::Text.rand_text_alphanumeric(encoded_swf.length)
-    io = open(exploit_url(test_string))
+    io = URI.parse(exploit_url(test_string)).open
    if io.read.start_with? test_string
      Msf::Exploit::CheckCode::Vulnerable
    else