Implement HttpClient options generation from URL

To address the complexity which comes with the flexibility offered by Rex::Proto::Http::Client and its Msf mixin descendant, a simple process needs to be implemented for issuing a request using only the URL string in order to provide ease of access to users who may not have the time to study how these clients work in detail. Implement :request_opts_from_url in Msf's HttpClient mixin such as to extract the options required for :send_request_* from a URL string passed into the method. This approach reduces HTTP requests in the mixin to `send_request_raw(request_opts_from_url(url))` when `url` is just a string. Implement this approach in the http_pdf_authors gather module to further reduce infrastructure complexity around the simple need to acquire PDF files via HTTP/S. Testing: Local to this module only, and in Pry of course. Seems to work...
2017-07-10 04:19:26 -04:00 · 2017-07-10 04:19:26 -04:00 · df697aa23c
parent 997150a215
commit df697aa23c
2 changed files with 18 additions and 18 deletions
--- a/lib/msf/core/exploit/http/client.rb
+++ b/lib/msf/core/exploit/http/client.rb
@ -508,6 +508,23 @@ module Exploit::Remote::HttpClient
    end
  end

+  #
+  # Returns a hash of request opts from a URL string
+  def request_opts_from_url(url)
+    tgt = URI.parse(url)
+    opts = { 'rhost' => tgt.host, 'rport' => tgt.port, 'uri' => tgt.request_uri }
+    opts['SSL'] = true if tgt.scheme == 'https'
+    if tgt.query and tgt.query.size > 13
+      # Assming that this is going to be mostly used for GET requests as string -> req
+      opts['vars_get'] = {}
+      tgt.query.split('&').each do |pair|
+        k,v = pair.split('=',2)
+        opts['vars_get'][k] = v
+      end
+    end
+    return opts
+  end
+
  # removes HTML tags from a provided string.
  # The string is html-unescaped before the tags are removed
  # Leading whitespaces and double linebreaks are removed too
--- a/modules/auxiliary/gather/http_pdf_authors.rb
+++ b/modules/auxiliary/gather/http_pdf_authors.rb
@ -88,25 +88,8 @@ class MetasploitModule < Msf::Auxiliary
  def download(url)
    print_status "Downloading '#{url}'"

-    begin
-      target = URI.parse url
-      raise 'Invalid URL' unless target.scheme =~ %r{https?}
-      raise 'Invalid URL' if target.host.to_s.eql? ''
-    rescue => e
-      print_error "Could not parse URL: #{e}"
-      return
-    end

-    options = {
-      'rhost'  =>  target.host,
-      'rport'  => target.port,
-      'method' => 'GET',
-      'uri'    => target.request_uri
-    }
-
-    options['SSL'] = true if target.scheme.eql? 'https'
-
-    res = send_request_raw(options)
+    res = send_request_raw(request_options_from_url(url))
    disconnect

    print_status "HTTP #{res.code} -- Downloaded PDF (#{res.body.length} bytes)"