librex 0.0.13 → 0.0.15
Sign up to get free protection for your applications and to get access to all the features.
- data/README.markdown +1 -1
- data/Rakefile +1 -0
- metadata +3 -435
- data/lib/rex/LICENSE +0 -29
- data/lib/rex/arch.rb +0 -103
- data/lib/rex/arch/sparc.rb +0 -75
- data/lib/rex/arch/sparc.rb.ut.rb +0 -18
- data/lib/rex/arch/x86.rb +0 -513
- data/lib/rex/arch/x86.rb.ut.rb +0 -93
- data/lib/rex/assembly/nasm.rb +0 -104
- data/lib/rex/assembly/nasm.rb.ut.rb +0 -22
- data/lib/rex/codepage.map +0 -104
- data/lib/rex/compat.rb +0 -311
- data/lib/rex/constants.rb +0 -113
- data/lib/rex/elfparsey.rb +0 -11
- data/lib/rex/elfparsey/elf.rb +0 -123
- data/lib/rex/elfparsey/elfbase.rb +0 -258
- data/lib/rex/elfparsey/exceptions.rb +0 -27
- data/lib/rex/elfscan.rb +0 -12
- data/lib/rex/elfscan/scanner.rb +0 -207
- data/lib/rex/elfscan/search.rb +0 -46
- data/lib/rex/encoder/alpha2.rb +0 -31
- data/lib/rex/encoder/alpha2/alpha_mixed.rb +0 -68
- data/lib/rex/encoder/alpha2/alpha_upper.rb +0 -79
- data/lib/rex/encoder/alpha2/generic.rb +0 -114
- data/lib/rex/encoder/alpha2/unicode_mixed.rb +0 -117
- data/lib/rex/encoder/alpha2/unicode_upper.rb +0 -129
- data/lib/rex/encoder/ndr.rb +0 -89
- data/lib/rex/encoder/ndr.rb.ut.rb +0 -44
- data/lib/rex/encoder/nonalpha.rb +0 -61
- data/lib/rex/encoder/nonupper.rb +0 -64
- data/lib/rex/encoder/xdr.rb +0 -106
- data/lib/rex/encoder/xdr.rb.ut.rb +0 -29
- data/lib/rex/encoder/xor.rb +0 -69
- data/lib/rex/encoder/xor/dword.rb +0 -13
- data/lib/rex/encoder/xor/dword_additive.rb +0 -13
- data/lib/rex/encoders/xor_dword.rb +0 -35
- data/lib/rex/encoders/xor_dword_additive.rb +0 -53
- data/lib/rex/encoders/xor_dword_additive.rb.ut.rb +0 -12
- data/lib/rex/encoding/xor.rb +0 -20
- data/lib/rex/encoding/xor.rb.ts.rb +0 -14
- data/lib/rex/encoding/xor/byte.rb +0 -15
- data/lib/rex/encoding/xor/byte.rb.ut.rb +0 -21
- data/lib/rex/encoding/xor/dword.rb +0 -21
- data/lib/rex/encoding/xor/dword.rb.ut.rb +0 -15
- data/lib/rex/encoding/xor/dword_additive.rb +0 -92
- data/lib/rex/encoding/xor/dword_additive.rb.ut.rb +0 -15
- data/lib/rex/encoding/xor/exceptions.rb +0 -17
- data/lib/rex/encoding/xor/generic.rb +0 -146
- data/lib/rex/encoding/xor/generic.rb.ut.rb +0 -120
- data/lib/rex/encoding/xor/qword.rb +0 -15
- data/lib/rex/encoding/xor/word.rb +0 -21
- data/lib/rex/encoding/xor/word.rb.ut.rb +0 -13
- data/lib/rex/exceptions.rb +0 -275
- data/lib/rex/exceptions.rb.ut.rb +0 -44
- data/lib/rex/exploitation/cmdstager.rb +0 -9
- data/lib/rex/exploitation/cmdstager/base.rb +0 -175
- data/lib/rex/exploitation/cmdstager/debug_asm.rb +0 -142
- data/lib/rex/exploitation/cmdstager/debug_write.rb +0 -136
- data/lib/rex/exploitation/cmdstager/tftp.rb +0 -63
- data/lib/rex/exploitation/cmdstager/vbs.rb +0 -128
- data/lib/rex/exploitation/egghunter.rb +0 -277
- data/lib/rex/exploitation/egghunter.rb.ut.rb +0 -25
- data/lib/rex/exploitation/encryptjs.rb +0 -77
- data/lib/rex/exploitation/heaplib.js.b64 +0 -331
- data/lib/rex/exploitation/heaplib.rb +0 -94
- data/lib/rex/exploitation/javascriptosdetect.rb +0 -897
- data/lib/rex/exploitation/obfuscatejs.rb +0 -335
- data/lib/rex/exploitation/omelet.rb +0 -320
- data/lib/rex/exploitation/omelet.rb.ut.rb +0 -13
- data/lib/rex/exploitation/opcodedb.rb +0 -818
- data/lib/rex/exploitation/opcodedb.rb.ut.rb +0 -279
- data/lib/rex/exploitation/seh.rb +0 -92
- data/lib/rex/exploitation/seh.rb.ut.rb +0 -19
- data/lib/rex/file.rb +0 -112
- data/lib/rex/file.rb.ut.rb +0 -16
- data/lib/rex/image_source.rb +0 -12
- data/lib/rex/image_source/disk.rb +0 -60
- data/lib/rex/image_source/image_source.rb +0 -46
- data/lib/rex/image_source/memory.rb +0 -37
- data/lib/rex/io/bidirectional_pipe.rb +0 -157
- data/lib/rex/io/datagram_abstraction.rb +0 -35
- data/lib/rex/io/stream.rb +0 -319
- data/lib/rex/io/stream_abstraction.rb +0 -197
- data/lib/rex/io/stream_server.rb +0 -211
- data/lib/rex/job_container.rb +0 -187
- data/lib/rex/logging.rb +0 -4
- data/lib/rex/logging/log_dispatcher.rb +0 -179
- data/lib/rex/logging/log_sink.rb +0 -42
- data/lib/rex/logging/sinks/flatfile.rb +0 -55
- data/lib/rex/logging/sinks/stderr.rb +0 -43
- data/lib/rex/machparsey.rb +0 -9
- data/lib/rex/machparsey/exceptions.rb +0 -34
- data/lib/rex/machparsey/mach.rb +0 -209
- data/lib/rex/machparsey/machbase.rb +0 -408
- data/lib/rex/machscan.rb +0 -9
- data/lib/rex/machscan/scanner.rb +0 -217
- data/lib/rex/mime.rb +0 -9
- data/lib/rex/mime/header.rb +0 -77
- data/lib/rex/mime/message.rb +0 -144
- data/lib/rex/mime/part.rb +0 -20
- data/lib/rex/nop/opty2.rb +0 -108
- data/lib/rex/nop/opty2.rb.ut.rb +0 -23
- data/lib/rex/nop/opty2_tables.rb +0 -300
- data/lib/rex/ole.rb +0 -205
- data/lib/rex/ole/clsid.rb +0 -47
- data/lib/rex/ole/difat.rb +0 -141
- data/lib/rex/ole/directory.rb +0 -231
- data/lib/rex/ole/direntry.rb +0 -240
- data/lib/rex/ole/docs/dependencies.txt +0 -8
- data/lib/rex/ole/docs/references.txt +0 -1
- data/lib/rex/ole/fat.rb +0 -99
- data/lib/rex/ole/header.rb +0 -204
- data/lib/rex/ole/minifat.rb +0 -77
- data/lib/rex/ole/propset.rb +0 -144
- data/lib/rex/ole/samples/create_ole.rb +0 -27
- data/lib/rex/ole/samples/dir.rb +0 -35
- data/lib/rex/ole/samples/dump_stream.rb +0 -34
- data/lib/rex/ole/samples/ole_info.rb +0 -23
- data/lib/rex/ole/storage.rb +0 -395
- data/lib/rex/ole/stream.rb +0 -53
- data/lib/rex/ole/substorage.rb +0 -49
- data/lib/rex/ole/util.rb +0 -157
- data/lib/rex/parser/arguments.rb +0 -97
- data/lib/rex/parser/arguments.rb.ut.rb +0 -67
- data/lib/rex/parser/ini.rb +0 -185
- data/lib/rex/parser/ini.rb.ut.rb +0 -29
- data/lib/rex/parser/ip360_aspl_xml.rb +0 -102
- data/lib/rex/parser/ip360_xml.rb +0 -93
- data/lib/rex/parser/nessus_xml.rb +0 -118
- data/lib/rex/parser/netsparker_xml.rb +0 -94
- data/lib/rex/parser/nexpose_xml.rb +0 -131
- data/lib/rex/parser/nmap_xml.rb +0 -121
- data/lib/rex/parser/retina_xml.rb +0 -109
- data/lib/rex/payloads.rb +0 -1
- data/lib/rex/payloads/win32.rb +0 -2
- data/lib/rex/payloads/win32/common.rb +0 -26
- data/lib/rex/payloads/win32/kernel.rb +0 -53
- data/lib/rex/payloads/win32/kernel/common.rb +0 -54
- data/lib/rex/payloads/win32/kernel/migration.rb +0 -12
- data/lib/rex/payloads/win32/kernel/recovery.rb +0 -50
- data/lib/rex/payloads/win32/kernel/stager.rb +0 -194
- data/lib/rex/peparsey.rb +0 -12
- data/lib/rex/peparsey/exceptions.rb +0 -32
- data/lib/rex/peparsey/pe.rb +0 -212
- data/lib/rex/peparsey/pe_memdump.rb +0 -63
- data/lib/rex/peparsey/pebase.rb +0 -1680
- data/lib/rex/peparsey/section.rb +0 -136
- data/lib/rex/pescan.rb +0 -13
- data/lib/rex/pescan/analyze.rb +0 -309
- data/lib/rex/pescan/scanner.rb +0 -206
- data/lib/rex/pescan/search.rb +0 -56
- data/lib/rex/platforms.rb +0 -1
- data/lib/rex/platforms/windows.rb +0 -51
- data/lib/rex/poly.rb +0 -132
- data/lib/rex/poly/block.rb +0 -477
- data/lib/rex/poly/register.rb +0 -100
- data/lib/rex/poly/register/x86.rb +0 -40
- data/lib/rex/post.rb +0 -8
- data/lib/rex/post/dir.rb +0 -51
- data/lib/rex/post/file.rb +0 -172
- data/lib/rex/post/file_stat.rb +0 -220
- data/lib/rex/post/gen.pl +0 -13
- data/lib/rex/post/io.rb +0 -182
- data/lib/rex/post/meterpreter.rb +0 -4
- data/lib/rex/post/meterpreter/channel.rb +0 -445
- data/lib/rex/post/meterpreter/channel_container.rb +0 -54
- data/lib/rex/post/meterpreter/channels/pool.rb +0 -160
- data/lib/rex/post/meterpreter/channels/pools/file.rb +0 -62
- data/lib/rex/post/meterpreter/channels/pools/stream_pool.rb +0 -103
- data/lib/rex/post/meterpreter/channels/stream.rb +0 -87
- data/lib/rex/post/meterpreter/client.rb +0 -364
- data/lib/rex/post/meterpreter/client_core.rb +0 -274
- data/lib/rex/post/meterpreter/dependencies.rb +0 -3
- data/lib/rex/post/meterpreter/extension.rb +0 -32
- data/lib/rex/post/meterpreter/extensions/espia/espia.rb +0 -58
- data/lib/rex/post/meterpreter/extensions/espia/tlv.rb +0 -16
- data/lib/rex/post/meterpreter/extensions/incognito/incognito.rb +0 -94
- data/lib/rex/post/meterpreter/extensions/incognito/tlv.rb +0 -21
- data/lib/rex/post/meterpreter/extensions/networkpug/networkpug.rb +0 -57
- data/lib/rex/post/meterpreter/extensions/networkpug/tlv.rb +0 -15
- data/lib/rex/post/meterpreter/extensions/priv/fs.rb +0 -118
- data/lib/rex/post/meterpreter/extensions/priv/passwd.rb +0 -61
- data/lib/rex/post/meterpreter/extensions/priv/priv.rb +0 -111
- data/lib/rex/post/meterpreter/extensions/priv/tlv.rb +0 -28
- data/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb +0 -101
- data/lib/rex/post/meterpreter/extensions/sniffer/tlv.rb +0 -26
- data/lib/rex/post/meterpreter/extensions/stdapi/constants.rb +0 -333
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +0 -282
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +0 -266
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +0 -103
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/io.rb +0 -48
- data/lib/rex/post/meterpreter/extensions/stdapi/net/config.rb +0 -144
- data/lib/rex/post/meterpreter/extensions/stdapi/net/interface.rb +0 -73
- data/lib/rex/post/meterpreter/extensions/stdapi/net/route.rb +0 -56
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket.rb +0 -137
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_client_channel.rb +0 -180
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/tcp_server_channel.rb +0 -167
- data/lib/rex/post/meterpreter/extensions/stdapi/net/socket_subsystem/udp_channel.rb +0 -208
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb +0 -6
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb +0 -38106
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb.ut.rb +0 -31
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb +0 -47
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/buffer_item.rb.ut.rb +0 -36
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +0 -1818
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +0 -96
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +0 -3848
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb +0 -26
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +0 -153
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +0 -21
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +0 -3169
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +0 -599
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb +0 -318
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb +0 -100
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb.ut.rb +0 -42
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb +0 -148
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb +0 -127
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +0 -309
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +0 -204
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/tlv.rb +0 -51
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/util.rb +0 -630
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb +0 -75
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager.rb.ut.rb +0 -103
- data/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb +0 -149
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +0 -97
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log.rb +0 -192
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/event_log_subsystem/event_record.rb +0 -41
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/power.rb +0 -61
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +0 -370
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/image.rb +0 -129
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/io.rb +0 -55
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb +0 -336
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/thread.rb +0 -141
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +0 -279
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb +0 -193
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_value.rb +0 -102
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/thread.rb +0 -180
- data/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb +0 -211
- data/lib/rex/post/meterpreter/extensions/stdapi/ui.rb +0 -227
- data/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb +0 -63
- data/lib/rex/post/meterpreter/inbound_packet_handler.rb +0 -30
- data/lib/rex/post/meterpreter/object_aliases.rb +0 -83
- data/lib/rex/post/meterpreter/packet.rb +0 -688
- data/lib/rex/post/meterpreter/packet_dispatcher.rb +0 -431
- data/lib/rex/post/meterpreter/packet_parser.rb +0 -94
- data/lib/rex/post/meterpreter/packet_response_waiter.rb +0 -83
- data/lib/rex/post/meterpreter/ui/console.rb +0 -137
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher.rb +0 -62
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb +0 -730
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/espia.rb +0 -108
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/incognito.rb +0 -241
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/networkpug.rb +0 -231
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv.rb +0 -61
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/elevate.rb +0 -98
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/passwd.rb +0 -51
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/priv/timestomp.rb +0 -132
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/sniffer.rb +0 -187
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi.rb +0 -65
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/fs.rb +0 -442
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb +0 -298
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb +0 -486
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb +0 -315
- data/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/webcam.rb +0 -157
- data/lib/rex/post/meterpreter/ui/console/interactive_channel.rb +0 -95
- data/lib/rex/post/permission.rb +0 -26
- data/lib/rex/post/process.rb +0 -57
- data/lib/rex/post/thread.rb +0 -57
- data/lib/rex/post/ui.rb +0 -52
- data/lib/rex/proto.rb +0 -13
- data/lib/rex/proto.rb.ts.rb +0 -8
- data/lib/rex/proto/dcerpc.rb +0 -6
- data/lib/rex/proto/dcerpc.rb.ts.rb +0 -9
- data/lib/rex/proto/dcerpc/client.rb +0 -361
- data/lib/rex/proto/dcerpc/client.rb.ut.rb +0 -491
- data/lib/rex/proto/dcerpc/exceptions.rb +0 -150
- data/lib/rex/proto/dcerpc/handle.rb +0 -47
- data/lib/rex/proto/dcerpc/handle.rb.ut.rb +0 -85
- data/lib/rex/proto/dcerpc/ndr.rb +0 -72
- data/lib/rex/proto/dcerpc/ndr.rb.ut.rb +0 -41
- data/lib/rex/proto/dcerpc/packet.rb +0 -253
- data/lib/rex/proto/dcerpc/packet.rb.ut.rb +0 -56
- data/lib/rex/proto/dcerpc/response.rb +0 -187
- data/lib/rex/proto/dcerpc/response.rb.ut.rb +0 -15
- data/lib/rex/proto/dcerpc/uuid.rb +0 -84
- data/lib/rex/proto/dcerpc/uuid.rb.ut.rb +0 -46
- data/lib/rex/proto/dhcp.rb +0 -7
- data/lib/rex/proto/dhcp/constants.rb +0 -33
- data/lib/rex/proto/dhcp/server.rb +0 -292
- data/lib/rex/proto/drda.rb +0 -5
- data/lib/rex/proto/drda.rb.ts.rb +0 -17
- data/lib/rex/proto/drda/constants.rb +0 -49
- data/lib/rex/proto/drda/constants.rb.ut.rb +0 -23
- data/lib/rex/proto/drda/packet.rb +0 -252
- data/lib/rex/proto/drda/packet.rb.ut.rb +0 -109
- data/lib/rex/proto/drda/utils.rb +0 -123
- data/lib/rex/proto/drda/utils.rb.ut.rb +0 -84
- data/lib/rex/proto/http.rb +0 -5
- data/lib/rex/proto/http.rb.ts.rb +0 -12
- data/lib/rex/proto/http/client.rb +0 -821
- data/lib/rex/proto/http/client.rb.ut.rb +0 -95
- data/lib/rex/proto/http/handler.rb +0 -46
- data/lib/rex/proto/http/handler/erb.rb +0 -128
- data/lib/rex/proto/http/handler/erb.rb.ut.rb +0 -21
- data/lib/rex/proto/http/handler/erb.rb.ut.rb.rhtml +0 -1
- data/lib/rex/proto/http/handler/proc.rb +0 -60
- data/lib/rex/proto/http/handler/proc.rb.ut.rb +0 -24
- data/lib/rex/proto/http/header.rb +0 -161
- data/lib/rex/proto/http/header.rb.ut.rb +0 -46
- data/lib/rex/proto/http/packet.rb +0 -407
- data/lib/rex/proto/http/packet.rb.ut.rb +0 -165
- data/lib/rex/proto/http/request.rb +0 -356
- data/lib/rex/proto/http/request.rb.ut.rb +0 -214
- data/lib/rex/proto/http/response.rb +0 -90
- data/lib/rex/proto/http/response.rb.ut.rb +0 -149
- data/lib/rex/proto/http/server.rb +0 -369
- data/lib/rex/proto/http/server.rb.ut.rb +0 -79
- data/lib/rex/proto/ntlm.rb +0 -7
- data/lib/rex/proto/ntlm.rb.ut.rb +0 -177
- data/lib/rex/proto/ntlm/base.rb +0 -326
- data/lib/rex/proto/ntlm/constants.rb +0 -74
- data/lib/rex/proto/ntlm/crypt.rb +0 -415
- data/lib/rex/proto/ntlm/exceptions.rb +0 -9
- data/lib/rex/proto/ntlm/message.rb +0 -533
- data/lib/rex/proto/ntlm/utils.rb +0 -763
- data/lib/rex/proto/proxy/socks4a.rb +0 -440
- data/lib/rex/proto/rfb.rb +0 -19
- data/lib/rex/proto/rfb.rb.ut.rb +0 -37
- data/lib/rex/proto/rfb/cipher.rb +0 -84
- data/lib/rex/proto/rfb/client.rb +0 -207
- data/lib/rex/proto/rfb/constants.rb +0 -52
- data/lib/rex/proto/smb.rb +0 -7
- data/lib/rex/proto/smb.rb.ts.rb +0 -8
- data/lib/rex/proto/smb/client.rb +0 -1952
- data/lib/rex/proto/smb/client.rb.ut.rb +0 -223
- data/lib/rex/proto/smb/constants.rb +0 -1047
- data/lib/rex/proto/smb/constants.rb.ut.rb +0 -18
- data/lib/rex/proto/smb/crypt.rb +0 -36
- data/lib/rex/proto/smb/evasions.rb +0 -66
- data/lib/rex/proto/smb/exceptions.rb +0 -858
- data/lib/rex/proto/smb/simpleclient.rb +0 -306
- data/lib/rex/proto/smb/simpleclient.rb.ut.rb +0 -128
- data/lib/rex/proto/smb/utils.rb +0 -103
- data/lib/rex/proto/smb/utils.rb.ut.rb +0 -20
- data/lib/rex/proto/sunrpc.rb +0 -1
- data/lib/rex/proto/sunrpc/client.rb +0 -195
- data/lib/rex/proto/tftp.rb +0 -12
- data/lib/rex/proto/tftp/constants.rb +0 -39
- data/lib/rex/proto/tftp/server.rb +0 -497
- data/lib/rex/proto/tftp/server.rb.ut.rb +0 -28
- data/lib/rex/script.rb +0 -42
- data/lib/rex/script/base.rb +0 -59
- data/lib/rex/script/meterpreter.rb +0 -15
- data/lib/rex/script/shell.rb +0 -9
- data/lib/rex/service.rb +0 -48
- data/lib/rex/service_manager.rb +0 -141
- data/lib/rex/service_manager.rb.ut.rb +0 -32
- data/lib/rex/services/local_relay.rb +0 -423
- data/lib/rex/socket.rb +0 -684
- data/lib/rex/socket.rb.ut.rb +0 -107
- data/lib/rex/socket/comm.rb +0 -119
- data/lib/rex/socket/comm/local.rb +0 -412
- data/lib/rex/socket/comm/local.rb.ut.rb +0 -75
- data/lib/rex/socket/ip.rb +0 -130
- data/lib/rex/socket/parameters.rb +0 -345
- data/lib/rex/socket/parameters.rb.ut.rb +0 -51
- data/lib/rex/socket/range_walker.rb +0 -346
- data/lib/rex/socket/range_walker.rb.ut.rb +0 -55
- data/lib/rex/socket/ssl_tcp.rb +0 -184
- data/lib/rex/socket/ssl_tcp.rb.ut.rb +0 -39
- data/lib/rex/socket/ssl_tcp_server.rb +0 -122
- data/lib/rex/socket/ssl_tcp_server.rb.ut.rb +0 -61
- data/lib/rex/socket/subnet_walker.rb +0 -75
- data/lib/rex/socket/subnet_walker.rb.ut.rb +0 -28
- data/lib/rex/socket/switch_board.rb +0 -278
- data/lib/rex/socket/switch_board.rb.ut.rb +0 -52
- data/lib/rex/socket/tcp.rb +0 -76
- data/lib/rex/socket/tcp.rb.ut.rb +0 -64
- data/lib/rex/socket/tcp_server.rb +0 -67
- data/lib/rex/socket/tcp_server.rb.ut.rb +0 -44
- data/lib/rex/socket/udp.rb +0 -164
- data/lib/rex/socket/udp.rb.ut.rb +0 -44
- data/lib/rex/struct2.rb +0 -5
- data/lib/rex/struct2/c_struct.rb +0 -181
- data/lib/rex/struct2/c_struct_template.rb +0 -39
- data/lib/rex/struct2/constant.rb +0 -26
- data/lib/rex/struct2/element.rb +0 -44
- data/lib/rex/struct2/generic.rb +0 -73
- data/lib/rex/struct2/restraint.rb +0 -54
- data/lib/rex/struct2/s_string.rb +0 -72
- data/lib/rex/struct2/s_struct.rb +0 -111
- data/lib/rex/sync.rb +0 -6
- data/lib/rex/sync/event.rb +0 -94
- data/lib/rex/sync/read_write_lock.rb +0 -176
- data/lib/rex/sync/ref.rb +0 -57
- data/lib/rex/sync/thread_safe.rb +0 -82
- data/lib/rex/test.rb +0 -35
- data/lib/rex/text.rb +0 -1149
- data/lib/rex/text.rb.ut.rb +0 -190
- data/lib/rex/thread_factory.rb +0 -42
- data/lib/rex/time.rb +0 -65
- data/lib/rex/transformer.rb +0 -115
- data/lib/rex/transformer.rb.ut.rb +0 -38
- data/lib/rex/ui.rb +0 -21
- data/lib/rex/ui/interactive.rb +0 -254
- data/lib/rex/ui/output.rb +0 -78
- data/lib/rex/ui/output/none.rb +0 -18
- data/lib/rex/ui/progress_tracker.rb +0 -96
- data/lib/rex/ui/subscriber.rb +0 -149
- data/lib/rex/ui/text/color.rb +0 -97
- data/lib/rex/ui/text/color.rb.ut.rb +0 -18
- data/lib/rex/ui/text/dispatcher_shell.rb +0 -467
- data/lib/rex/ui/text/input.rb +0 -117
- data/lib/rex/ui/text/input/buffer.rb +0 -75
- data/lib/rex/ui/text/input/readline.rb +0 -129
- data/lib/rex/ui/text/input/socket.rb +0 -95
- data/lib/rex/ui/text/input/stdio.rb +0 -45
- data/lib/rex/ui/text/irb_shell.rb +0 -57
- data/lib/rex/ui/text/output.rb +0 -80
- data/lib/rex/ui/text/output/buffer.rb +0 -61
- data/lib/rex/ui/text/output/file.rb +0 -43
- data/lib/rex/ui/text/output/socket.rb +0 -43
- data/lib/rex/ui/text/output/stdio.rb +0 -40
- data/lib/rex/ui/text/progress_tracker.rb +0 -56
- data/lib/rex/ui/text/progress_tracker.rb.ut.rb +0 -34
- data/lib/rex/ui/text/shell.rb +0 -328
- data/lib/rex/ui/text/table.rb +0 -279
- data/lib/rex/ui/text/table.rb.ut.rb +0 -55
- data/lib/rex/zip.rb +0 -93
- data/lib/rex/zip/archive.rb +0 -184
- data/lib/rex/zip/blocks.rb +0 -182
- data/lib/rex/zip/entry.rb +0 -104
- data/lib/rex/zip/samples/comment.rb +0 -32
- data/lib/rex/zip/samples/mkwar.rb +0 -138
- data/lib/rex/zip/samples/mkzip.rb +0 -19
- data/lib/rex/zip/samples/recursive.rb +0 -58
@@ -1,165 +0,0 @@
|
|
1
|
-
#!/usr/bin/env ruby
|
2
|
-
|
3
|
-
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..'))
|
4
|
-
|
5
|
-
require 'test/unit'
|
6
|
-
require 'rex/proto/http'
|
7
|
-
|
8
|
-
class Rex::Proto::Http::Packet::UnitTest < Test::Unit::TestCase
|
9
|
-
|
10
|
-
Klass = Rex::Proto::Http::Packet
|
11
|
-
|
12
|
-
def test_junk_headers
|
13
|
-
srand(0)
|
14
|
-
h = Klass.new
|
15
|
-
h.headers.cmd_string = "GET / HTTP/1.0\r\n"
|
16
|
-
h.headers['TestMe'] = 'bob'
|
17
|
-
h.headers.junk_headers = 1
|
18
|
-
expected = "GET / HTTP/1.0\r\nX-v1AD7DnJTVykXGYYM: BmnXuYRlZNIJUzQzFPvASjYxzdTTOngBJ5gfK0XjLy3ciAAk1Fmo0RPEpq6f4BBnp5jm3LuSbAOj1M5qULEGEv0DMk0oOPUj6XPN1VwxFpjAfFeAxykiwdDiqNwnVJAKyr6X7C5ije7DSujURybOp6BkKWroLCzQg2AmTuqz48oNeY9CDeirNwoITfIaC40Ds9OgEDtL8WN5tL4QYdVuZQ85219Thogk775GVfNH4YPpSo2PLmvd5Bf2sY9YDSvDqMmjW9FXrgLoUK2rl9cvoCbTZX1zuU1dDjnJJpXDuaysDfJKbtHn9VhsiiY\r\nX-FokALi: 1QI9BRwj4bo0kwZDn8jyedxhSRdU9CFlMs19CvbVnnLWeRGHScrTxpduVJZygbJcrRp6AWQqkeY0DzI4bd7uXgTIHXN6R403ALckZgqOWcUSEWj6THI9NFAIPP1LEnctaK0uxbzjpS1ize16r388StXBGq1we7Qa8j6xqJsN5GmnIN4HQ4W4PZIjGRHUZC8Q4ytXYE\r\nX-sxXe2ZUhl: Xbdhz13zW2HpxJ2AT4kRU1wDqBUkEQwvKtoebrfUGJ8bvjTMSxKihrDMk6BxAnY6kjFGDi5o8hcEag4tzJ1FhH9eI2UHDVbsDmUHTfAFbreJTHVlcIruAozmZKzi7XgTaOgzGhs75ytpE5dbRjCUt5P3kpExyNetXijJa3a2WMPiazmuQ98v6oAKLNHeGt1ePpm1rSHcBpCycOlb2kfdy8udyhMgpQCIz9Kwab44BAFYiPD8ulrTYGUGczGCccml7FtJk2NV7fRjtz6IZVtlWQZu3lBFGMaK72OIHtFv7qDKy5bZD9OSF6ERFeYDFok6x3YhShOxH1ruw0hRdM2u2gizX8Zuyr0puAM2JSEHDwMl0twtSzxHaxudDKUqB3UQqycaX0wCmJC0spZ81kaEpKMohlng6hajZyYSUecISZYnq7cYSDsTt2AKDGbj5GTiyymUr2AktpChMP2hXMFmBKG9GmmLyVyyzCMdJzIF01rBrPMvMV4SZNecspVGkwoaeFPll7xfgwQgKMdAdanWTFkTkFcMaxTMmH0QdAXPK8D9DQwJU0l44wR15JsPmOhEQkHXbuH9Wie2QbvvyLXOneai2RjHt7wlE1NlTrIgRF8kB9dFQm4oWeTEUqK7DW8l6dpo8Rzo7qedheulYQjnd8BXIAXlvaZZGY3PlpRQwruF2TvWtLLhH3awHv\r\nX-gkSXVCIKFmmkB17kFFmjYxPUyJ3: xYeCTDNLNkRaGviVUq65RlZ0V3kEviLihuTwLhZhftGZYtmzQXaDau6dCF5HPOj0n2Hzm5zd3xLDN63Y784E1zW5dmLOSZsDlHdOLJLQ87n7BS1cAVYJISLc1zR3PDqYVc6VO\r\nX-BMLZnLatiBQBQhhsmoIN: TygXEfWAlfPTPz5MtK0pQGVeDQABygr7SS5WPPcHbY56YMNSOOUH3sr1bsP9XLNdfuSEcBxxX5QpawCvRUmAGsWPKiom2Vi1gqsjp5nb7wK\r\nX-RDleXdm7e: Cd8Hz0JXAwRozVeaPwRKRDnJdDHQiE9akGgR321l3bzO7WfI4dcfi6RcvQI73sHMgUrLdoAUtcNlv9nyEuM53lwEpkQSle1ujwAx5JyhwxMG8zkjmkeyTmsjOdz84RDdbDh1z2bk4VnqKdxd96YyQAki7NB7CCT06MenVNxazMxABkKqgc6CcBNTvRkH1GJPSd18qSCdRj4T\r\nX-XMjt4CUDRsmqKlqovbEzW: jeHYYvPKTNn4lnSH8Ygsn0ov0kqQ0aoQugeUXPsT33ibtiRXbNwXeF5nhxic0BEVI8yh2jwjZFBjHBBHZkNsybgrTitkQwq5rDITuA0UgirFVYC99HsLzc2fBQySOVvvFhqCbo3TPHsdjhwxQ4Y6Fz69qTRtgWhmJFM9q3Q7RE8ZOt91RdGcKFkkU3yyW1Kr7e7Ozw494BoHFP3p0gXOidzZ1EA7aUF6YRE4gxRIJkfeJswjgO9Xg4crhyusIl4CRPDVwydl4WSH3xa4EtZa8zvTOS5gbkmUsDSNzxfhSMvbniHetQBYQtblyYwMEwzuoOxKbOmNEWPdOqZLfbWurU39CZ94Af4uGSWu7ZNMlTf3c74Too5Zvdc0qKURAnmiBwWt6xWncBVCgyGmj1kXz6SmZuPxbVBJzRLA3D592kUTvFU9EpQQ5FgWDIcpKmcfsLibxHnm36FJYMoh7OtPEW0CHtIFnPPpZWZZTdJL9janSIBjyxu3KKYfrbNO3FXqnxlmL14rYRVeSZdlxoxqfnL41OgB51Bk6ZMIyMYTDKH0cOIujjRX911MtH6vuneTqtyBrSO7Zl44IyiaLsLokxMRfKwKLdiKMxnwKC5vLuz0p6bDQANmEDTRQHYLW8bCIIZm0hYVEfzLlHW8q7f2JzzSXTZ5FZtvYz7sa4\r\nX-r5geOHg9B2v8t2raPEKVnqreWA: 6Mbr29vWf0iiqE6kTsRwvGGwJcN4JVCJu4kc0AK8NrClHXeRDviQzSy9qScj1axnquFcrTKKJbjLgmfzWb5Vh9spzrjp6X9o0X6Ipt8vPkBelqATGdDfdQDa9GplLR39rDUb3cOOQj1mrbmXU7XigBWV5EtonYWR0aIFhW6SKdLeH6eqVHZs22TZt5qD0UxT5lh8sZH8lU6iQtonhhBJXEYGhy8Y90735Kdv4cYDSVGUV3baZAuD1lH4QLLsC2FR69OFORpuseiDAdsssz9ARdbiyzk7Ve4lRmPBPpWtRs1WNyvCLJyo2zvEKxG2sIIIslSCFd5lkqdbR6LxIYDwL5yP5D2k8nVd1D4L3PtaPhL3Fe6E7glr98td6bnbdILhOmLK2ZgyoGeW7LjUEEx0d9bvToaaJyfeRH4zjJcvw3H1D7HIlFh3cumxI6BCQ9CLfKUkO40HdFOyuPzgX5bGJ4BLX8Go8kMjF6MSABUNawrVONoDpRFabrtpNtw46RWfZcNHaRErve9c5I6bGH134a7LldxUd3493cX5JAmTHymD8el4pF7Qa9fGZLRffUan1yKmE7nPNjm7LnLw2k\r\nX-Lzi6QcJlIRwscZe7l77e576: MBbKD9Qb8GAHZD740ksVx2IvmqhkEbNNpIGeMiDoQFo3d1WlX76kr7iGGYMRfwlAKxsEf8KdhpwNTpMszrQ4ylOkyEyvAxlLsFouQQKFXvDmwSeQfqvVh3KsfTCTfyTnn9hs0s2e6nMQQGEtU6eM71haSG4CauZNb5ltVr4F5xZM0Gv9JKIaQfelmw8GwG3BvB9VuAWkaUUnixu9ebkJI0UXwn7rqN4v5JbaliGptlG6VDLqLdOTarQj0RQK58JjZazPbEmVnx1XsmrrWcu\r\nX-GNNRo9eESwCbIrPz: veNcuOyuthE0K0SkI36JuNMdOoNJu8MldtLspxY7IP2gsQyzsyxLPZVWRc6bsIbcnrnje0p2J20rRyQAaH2S6L56MNIoSRqsiLXGOu2yrBOlG5vsJDJ707ieBmOQeyNWujXldtqaSWGKrBJawPRTTBbzkjJpN1GYK5rlFo0POVAjhOGY2DElofbypDipNxRqotKmqDb8PyikqnysU0ZLsRFT\r\nX-EfdqybgrpSdN: sJ2IZhRxvQxHeQW7lJuMY91W4OthEF9MpMAFWphxzBKG6QHbmrUpSzqGmixKnoobe7ki7Zb46fwrDAl3nMULM4ybv5VsMvRnfvd3BlAXNIU1SQNIGbljoaeM5tQ6XyqI32Q19SKPm9YkvADaUvvhYSoJIHcvpTWD3O3CXrYUj6ugiqclkS3qjnjBdUljuibx7OqebzEEGppDnskbNsAKdOAAg0LdFF5eSqQ3RLJJaMAnc2NX65wbrZUvMYFiM7rP7VkxsMwiFU8fiXTVv6GEJYvgKabQiW9ccxOlZFCjLzNj4feFdb51B9oacnnhpvtg5E2ALzjEaPxcqQ0G4fC8RyBghmEeE7PV5zmKQCu9uugnX9BkZIvbAjav0qWfBdDDi0kquUpFYT2lDTXweeZHqMEwbMvK8r1uKzrGHAzigXAHeSgCmMA8IDNaDmGGU6CVv06uSQ5rhqFdPZt1Yk85A9NMGxxDgzxjNLREXvKm01mwkdZjHAAIDGl8HzNS4RDIvr9DsL1xyKrPbmjS91jVc7hZKB6VZK4pNzCSUHo4VluTa3GAI8V7vlDuopc53knBz9tF6bfoJ14HjvFpc26VLDSjupRvb2vJTHHlrsuuihK3FcugTnefvvBgox3t3u2AlVWbFtjtj8oDcb7JrDrLzWqqEd8sCeFvMRP4pYVoD8uwfGzhvLnID3r2np2ZtGHodFmDHyrXYydzR4rhwOqqQv1Bq1Az4PQIpU92rZA7xnCGDeNU0LLFwQNIbGs2qEopP8AnlGzd6vZMA0yxc6HBswyHoao9wuWOfV0HkQGqUmEQiv47vOvnPYOK2EUpo0L81dD0sa8bC8C9Xtc51Sv7BEkRYZrMiV4yJkrpGRf6yvsGyQecLgmZmdCTMSApWRqEESFOKydTiDIaSEHqdjPutD6DGClY37jDHbyCwHKt7w5F0oW0rBGcFoKHdkSv87Cpdgx80ZkTg1ba44ctXSFBViBdtiOqeJ2bHMdkmcxVXlUNtoyp2BI\r\nContent-Length: 0\r\nTestMe: bob\r\n\r\n"
|
19
|
-
assert_equal(expected, h.to_s, 'junk headers')
|
20
|
-
h.headers.cmd_string = "HTTP/1.0 OK\r\n"
|
21
|
-
h.headers.fold = 1
|
22
|
-
expected = "HTTP/1.0 OK\r\nX-nsJxRxZX5o5zKaNf8VhtBgr3Gieuamk:\r\n\twM0v0nww3ZA8mepvkmcqXPmmWwHlyCNUudg03Tss4WWsl8i92mVcwi9B2tuR0irNRfVitBFvymfcm6ywElHD2VV5aCcvglhj6gnRJjsWFWJ2B9rFqEH2Tyzm13NLXm21Lo1fD39CHCZuFQyIR4ycO4GN4cDs7mvEALmGzU4GQAD7Fv9n7QZ5ebLoAhZ0Owi0oyyr3mTqimVUajbDZ8HEE1JEhxKX5wgNVcXwF9CAJHdVQOTlaMPTSqCQ4LjJ5JeWqUpTEuPhAvPNJxqKxninwssqBIALaerqTVvB68ScL7x0nJYEa0r2VOdBOAPhg9zlFe2pvy6J1HeVepIBtVI5tx0AbywZdHafO5TIndXNoBZYepQ8LnHmVYlr7kgJxoQj3Dnl6Do6jBDLDu7MgnyA22vXH7BiN4eVRXjhGYi3o5mJYdFwwZEumA7OJkvycPCkHRfrpPc202q4fW5yX8EARGELgQC6Knm28n93AJLs0RkpvFpwmkE7xLndrtLqgBsviqqsKq8ounPtaposwQrcAs9CW8YsTeNHTj11dUIKpiu9L9I13V0EvH44VWGTrGg7lWpV0LrDgdVRFvbBhorn5rzleS2P8ztodE4w4qUQ1VCUt4YrUtPhYYob9DTMysKJc1ufXNFtoHpuQynjqc\r\nX-RlBRei0DhrZBi4xnoSp2VvcBpm:\r\n\tPcZ7y1WbNhO1IEu2VtcWOAyl2yJh0oozHady5RKrhBm9TdGFEC3ooQHoYX06WpG4OznYfUSjgUYgbs6kSWifyS8OHLK56mpWAiRq0GDo7bMnVZAri9BwrlurZXqzE0HdBXXYZFWxQfwAyDhfG0AIYGLE1lH3ZzqFlE8q5MQ5FNLWqnAYwb3eYcYe50ug9ujWvIDk0O8k7R7TYYjyBMUHWs4PghNBDn4kmb6itmvZQwyJZAP1Qq9kHXxomtlxlEiW86xe7hbHNZlfk6xv1nISUZndCoyRonhDa1vYxez5BqSHrF6olTiVkYeBAYtv4EAk8y3UEF9OWPTM9ng5eUU6FKYLV8GB0NPvrVDdJ2Y3k8634xUl19uToDlDUmehZps3WlC5buzl64c8j\r\nX-hZ2KnIRZHzdnpUhx48KM:\r\n\tCgY1FTARXuU6kkMskPl2Yt0U68HuXUFHkvJFZhUAhTJCQX96yZ6qQRo8R69xlpmMGvYhOFJlmLZQT96Xy5wJqppna32qLHbg9eWdgCWvovY2zOCDhqkAYym3M9PaX4dQSth2D6mH5UwYC8KziYAGNmZbvFt9pXz2YNVNC4pB6t0A58OkHwJsxEQQ5QDo2Cg5GVcWb5xEEfCZeLKCLMUJ6jzGfbKwIZlPaFSAkglSNTCv5opAmAJxDFR8StLA1mspRsSGP28nAlkHtLEGm8oGQiQg4ckgxwIVyYQVKgI7lGaqb6tZUUNiEwOYBnrNkhMQ5Fh7fIh2AgfCqbQXCHltUAHZYBjeiciVXRFDZV7G9TWXVMW8KOs5pFn1zK9aaTu0QBTOJs8jjIa4zotN9Zs0OwN6Gr8ImzOucdfeIrC4P44cilqmlYFO4iLQfyM67A9i5A45QEkDFe7yqUwtPlp1cb377t39hLbiYNHYBjSuo3BqbPPpNG6gc40GOfGh66uazg87ufHxnBFlbmtXMJddNXYJEl4LW8Yloo01iuh6NhHMJudM\r\nX-w2ji68BRrw3J359QDpWvUYh76UVk:\r\n\tMaC66WuT5SifDAbwuW0D8gLwYcoJCO70KEJtar9Ilois2mbw66x1Tjk8KxSEYPxeNzQ3otL9iRGYddCL6uoRnJraU5EqC0nT0HfgE0bYq3Is1ambirMvIo4tgAvRMQ14LPczAuck8SRZoZEKhWhuSjwUF6jvNoneLI5aofaylT38fGzlLPs1EjyRsZ26MAgGjpoT7jdqXZU7sImWny1PELaLaMcAF5mNW77Y9aFSsucDXJzFahBgU59vbqMftb6DzUKzJFN8oR6tZDA2O0OXGPF2AnH9Rg6dfPLrfSrmWH0jTFxArBy186O05SpGkrxgLX7YyI1TCycm4urh0NthKzX9NzueArHDuAfIDLXUBGu8Eqj8vWemL0i3DxqAGhdVO0WbDxenuXYrNggy2xZJlsRXj75jiUFUGIA9sZmHJ6GdFkdnTvWDH4dUISWWVun4i8iQNc47Nh6aN59K6XVbt38VfmSb9aXHNUejKjFlWhSAfsetCVSQjMI8a8jJfsxrvAt82Ucmkehjp2auSYYOcypTCqx6dBV2R3ZO5WPySL2YFrG9p8rvMMtlSJI1oIAgM0U571yPX2sRXJtigpG3bjTmBhlhhDWl6yhDNiPrhepcJLZw85J8gVkLj45sCgck4Kjd9rpXldh9jqQUhDftkIYZZlKgDVoNgqFVoNbiA35snwvz7Rg4gLqGShz0FR2KMpRfDoiqeGAEEsAzjWendWXxa24LCVMQCbM155pjA9NlS\r\nX-KTsbJwm6:\r\n\tvmxmFWMC7AxYqdcgEIStcHIQWqPUwVXhCwaLYPvZFW2zidMs68UuhLueu4LGfipVKbRm5GL9wdNuT5H5QGoPCKpqodKKfR7jkk9RxVbZv2Ih6vJLwvcQwCIh7wOoBufWtAMo4Acf8c845Tzgqr3EyRdmaZSzUv5pHicgxmMYuuHJ8nthej8inCd4nWj1AaE1rvJGdFB8WadFQasaOYITd37LuVC95a1wrE5WSmBE9nTbHw1diY5MFsNwmPAxzEtWe9g3ftkD8jTiRsD8IBPpI40WKsMDWMZ1aopA37m0bokVVGMHD4Kb5xxYxuJsskIJjBmUtZsZFAn6GGnyRLRle5yxJMRkgD52M1vl0Hu9FRSSRhKxJaEoZylHhR8vnwRmIm6X3ilbECtxZGKTtPU1P2jvHo8kxcsuJkXjcSOnUkIwnN3roV7v9ggeJb9c4rXc4CUWgH4VUTZvlYT3qNsbWbD5hdVCmYRNJpZlOdvH6bcWEDYna6J7p03HULGctCn56bfjMAXF3AjKdRwoS70v9KTlN5DkDjH2KUcIIRR8Ffd7Q50WjyjQ1bgvCLSYYAt8IXB7dvmmsyyRT9ZF7uVihmybplx8ETzhVEzZ9zH4kzf99vC5ZM0959Fje00JxzR4dL9ir46rh6cWZbRhh0ZU7HAMxHsXmC7JeyaMSnxd6um3GC8xN4zQfIpnfZSTcB5azeV0Lji92A5Yugo6Edz240S0lnCzhZbtWqxG1dgnXlKJBADZ9oMDibxBImhrfdw88tNOcQjYtGS4h\r\nX-IOSp7nYMJwhxhyYPunG9RIvBHUoI0A3pC:\r\n\tW8KeIV35tDFbaMAD9rgoUOYDgJGD6cDPg\r\nX-sc1yFBRvIJ0:\r\n\twpYEHFnUDBJaBowmuVMGgqUMWUthgJ7kDpIczNXHzMCktNXn752JnPLJBaLfw6LB5IZ4ehsXUxIAiemUlW9qwWpUrHB4teMF4VFQrXolvwnomr6wAJ8P0s1EcxjUGpfZQEuNhRvBZvWqWRDTud2EUtesPh8ETl0ARRxnoSFiD6A3jZUdBOsmEGRd94BQCOqxYF5VIIhFg1ArzGOlcQ1d0Sd46lDqKpnggcOfi9ljDNSR9iiTyELVDxiTaIpOjMRqXRgxLoCwWEpqP78RnNfj8xD6tZzcSsfXuKNNNTBDMIzK9G0f3rfVNHtcSd9ayPuBtzZS1nwtWbLsmxAJWF9XGWXB33afT9ZoHL753R2oALkjN8ImKZpJ2UE7nQSuOXu0j7weDKgVp6uhShzM0CZqezcpRO78NhW09YeKDfxgNxnAuYUrpabXaJhapvfofIxkReB6d1QUI3kd7rsPNZlQyLuChcapBaITb5jWZYsUk1YeM03q4cyEBFsV6xYI4s6w6egVD51URRLS5j6VtrizhJbXpz7kwhLtIrudhvOeufXrVCakuJB4DRBweihvwK5GFqGpmF8e7IR3WDPmu0eGdWKcHbwTCzHMzTzeebPvX6eTINmmCqzEmF71uyhYscV9sOy0EpRPZkMm7deiTqTfpkpLHFNiuggcMdzKq3Jzx7TWXe80Nyf68QSBPgOJGzvDG2PdVzK6NbaapE7dwc98Pu5bogtxOEZgMsp7q0N0y4yxFXl0ec2VTY5vXtKegVo2eGZF3fvubZhbQQPei7FIQmzncFATX8e0umoiRPKSobz8qmOvR83psDw1ZYsfX9PV8dWYDJmAPspOFR6pDwTSrxxBHIf8OOUSvjsonfBa5Ympf4Lw7jLxvxxyvytdky5Kqa8L5pH90gbH3U\r\nContent-Length:\r\n\t0\r\nTestMe:\r\n\tbob\r\n\r\n"
|
23
|
-
assert_equal(expected, h.to_s, 'junk headers')
|
24
|
-
end
|
25
|
-
|
26
|
-
def test_pipeline
|
27
|
-
req_normalized =
|
28
|
-
"GET / HTTP/1.0\r\n" +
|
29
|
-
"Foo: Bar\r\n" +
|
30
|
-
"Content-Length: 10\r\n" +
|
31
|
-
"\r\n" +
|
32
|
-
"Super body"
|
33
|
-
|
34
|
-
req = req_normalized + req_normalized
|
35
|
-
|
36
|
-
req_base = req.dup
|
37
|
-
req_fold = req.gsub(/:/, ':' + Rex::Text.rand_base(rand(10) + 1,'',"\s","\t") + "\r\n" + Rex::Text.rand_base(rand(10) + 1,'',"\s","\t"))
|
38
|
-
req_nocr = req.gsub(/\r\n/, "\n")
|
39
|
-
req_junk = req + "junk"
|
40
|
-
|
41
|
-
{ 'base' => req_base, 'fold' => req_fold, 'no cr' => req_nocr, 'extra junk' => req_junk }.each_pair { |name, test|
|
42
|
-
h = Klass.new
|
43
|
-
h.auto_cl = false
|
44
|
-
assert_equal(Klass::ParseCode::Completed, h.parse(test), "parse #{name}")
|
45
|
-
assert_equal(req_normalized, h.to_s, "to string #{name}")
|
46
|
-
assert_equal(true, h.completed?, "completed parsing #{name}")
|
47
|
-
assert_equal('Bar', h.headers['Foo'], "first header #{name}")
|
48
|
-
assert_equal('10', h.headers['Content-Length'], "second header #{name}")
|
49
|
-
assert_equal("Super body", h.body, "body #{name}")
|
50
|
-
}
|
51
|
-
end
|
52
|
-
|
53
|
-
|
54
|
-
def test_chunked
|
55
|
-
req_start =
|
56
|
-
"GET / HTTP/1.0\r\n" +
|
57
|
-
"Transfer-Encoding: chunked\r\n" +
|
58
|
-
"Foo: Bar\r\n" +
|
59
|
-
"\r\n"
|
60
|
-
|
61
|
-
req_normalized = req_start + "Super body"
|
62
|
-
|
63
|
-
req = req_start + "1\r\nS\r\n1\r\nu\r\n1\r\np\r\n1\r\ne\r\n1\r\nr\r\n1\r\n \r\n1\r\nb\r\n1\r\no\r\n1\r\nd\r\n1\r\ny\r\n0\r\n\r\n"
|
64
|
-
|
65
|
-
req_base = req.dup
|
66
|
-
req_fold = req.gsub(/:/, ':' + Rex::Text.rand_base(rand(10) + 1,'',"\s","\t") + "\r\n" + Rex::Text.rand_base(rand(10) + 1,'',"\s","\t"))
|
67
|
-
req_nocr = req.gsub(/\r\n/, "\n")
|
68
|
-
req_junk = req + "junk"
|
69
|
-
|
70
|
-
{ 'base' => req_base, 'fold' => req_fold, 'no cr' => req_nocr, 'extra junk' => req_junk }.each_pair { |name, test|
|
71
|
-
h = Klass.new
|
72
|
-
h.auto_cl = false
|
73
|
-
assert_equal(Klass::ParseCode::Completed, h.parse(test), "parse #{name}")
|
74
|
-
assert_equal(req_normalized, h.to_s, "to string #{name}")
|
75
|
-
assert_equal(true, h.completed?, "completed parsing #{name}")
|
76
|
-
assert_equal('Bar', h.headers['Foo'], "first header #{name}")
|
77
|
-
assert_equal('chunked', h.headers['Transfer-Encoding'], "second header #{name}")
|
78
|
-
assert_equal("Super body", h.body, "body #{name}")
|
79
|
-
}
|
80
|
-
end
|
81
|
-
|
82
|
-
def test_content_length
|
83
|
-
req =
|
84
|
-
"GET / HTTP/1.0\r\n" +
|
85
|
-
"Foo: Bar\r\n" +
|
86
|
-
"Content-Length: 10\r\n" +
|
87
|
-
"\r\n" +
|
88
|
-
"Super body"
|
89
|
-
|
90
|
-
req_base = req.dup
|
91
|
-
req_fold = req.gsub(/:/, ':' + Rex::Text.rand_base(rand(10) + 1,'',"\s","\t") + "\r\n" + Rex::Text.rand_base(rand(10) + 1,'',"\s","\t"))
|
92
|
-
req_nocr = req.gsub(/\r\n/, "\n")
|
93
|
-
req_junk = req + "junk"
|
94
|
-
|
95
|
-
{ 'base' => req_base, 'fold' => req_fold, 'no cr' => req_nocr, 'extra junk' => req_junk }.each_pair { |name, test|
|
96
|
-
h = Klass.new
|
97
|
-
h.auto_cl = false
|
98
|
-
assert_equal(Klass::ParseCode::Completed, h.parse(test), "parse #{name}")
|
99
|
-
assert_equal(req, h.to_s, "to string #{name}")
|
100
|
-
assert_equal(true, h.completed?, "completed parsing #{name}")
|
101
|
-
assert_equal('Bar', h.headers['Foo'], "first header #{name}")
|
102
|
-
assert_equal('10', h.headers['Content-Length'], "second header #{name}")
|
103
|
-
assert_equal("Super body", h.body, "body #{name}")
|
104
|
-
}
|
105
|
-
end
|
106
|
-
|
107
|
-
def test_parse_connection_close
|
108
|
-
req =
|
109
|
-
"GET / HTTP/1.0\r\n" +
|
110
|
-
"Foo: Bar\r\n" +
|
111
|
-
"Connection: close\r\n" +
|
112
|
-
"\r\n" +
|
113
|
-
"Super body"
|
114
|
-
|
115
|
-
req_base = req.dup
|
116
|
-
req_fold = req.gsub(/:/, ':' + Rex::Text.rand_base(rand(10) + 1,'',"\s","\t") + "\r\n" + Rex::Text.rand_base(rand(10) + 1,'',"\s","\t"))
|
117
|
-
req_nocr = req.gsub(/\r\n/, "\n")
|
118
|
-
|
119
|
-
{ 'base' => req_base, 'fold' => req_fold, 'no cr' => req_nocr }.each_pair { |name, test|
|
120
|
-
h = Klass.new
|
121
|
-
h.auto_cl = false
|
122
|
-
assert_equal(Klass::ParseCode::Completed, h.parse(test), "parse #{name}")
|
123
|
-
assert_equal(req, h.to_s, "to string #{name}")
|
124
|
-
assert_equal(true, h.completed?, "completed parsing #{name}")
|
125
|
-
assert_equal('Bar', h.headers['Foo'], "first header #{name}")
|
126
|
-
assert_equal('close', h.headers['Connection'], "second header #{name}")
|
127
|
-
assert_equal("Super body", h.body, "body #{name}")
|
128
|
-
}
|
129
|
-
end
|
130
|
-
|
131
|
-
def test_to_s
|
132
|
-
h = Klass.new
|
133
|
-
|
134
|
-
h.headers['Foo'] = 'Fishing'
|
135
|
-
h.headers['Chicken'] = 47
|
136
|
-
|
137
|
-
assert_equal(
|
138
|
-
"Foo: Fishing\r\n" +
|
139
|
-
"Content-Length: 0\r\n" +
|
140
|
-
"Chicken: 47\r\n\r\n", h.to_s)
|
141
|
-
end
|
142
|
-
|
143
|
-
def test_from_s
|
144
|
-
h = Klass.new
|
145
|
-
|
146
|
-
h.from_s(
|
147
|
-
"HTTP/1.0 200 OK\r\n" +
|
148
|
-
"Lucifer: Beast\r\n" +
|
149
|
-
"HoHo: Satan\r\n" +
|
150
|
-
"Eat: Babies\r\n" +
|
151
|
-
"\r\n")
|
152
|
-
|
153
|
-
assert_equal('Babies', h['Eat'])
|
154
|
-
h['Eat'] = "fish"
|
155
|
-
assert_equal('fish', h['Eat'])
|
156
|
-
end
|
157
|
-
|
158
|
-
# XXX
|
159
|
-
def test_no_headers
|
160
|
-
h = Klass.new
|
161
|
-
h.from_s("GET / HTTP/1.0\r\n\r\n")
|
162
|
-
assert_equal("GET / HTTP/1.0\r\n", h.headers.cmd_string, 'cmd string')
|
163
|
-
end
|
164
|
-
|
165
|
-
end
|
@@ -1,356 +0,0 @@
|
|
1
|
-
require 'uri'
|
2
|
-
require 'rex/proto/http'
|
3
|
-
|
4
|
-
module Rex
|
5
|
-
module Proto
|
6
|
-
module Http
|
7
|
-
|
8
|
-
###
|
9
|
-
#
|
10
|
-
# HTTP request class.
|
11
|
-
#
|
12
|
-
###
|
13
|
-
class Request < Packet
|
14
|
-
|
15
|
-
PostRequests = ['POST', 'SEARCH']
|
16
|
-
|
17
|
-
##
|
18
|
-
#
|
19
|
-
# Some individual request types.
|
20
|
-
#
|
21
|
-
##
|
22
|
-
|
23
|
-
#
|
24
|
-
# HTTP GET request class wrapper.
|
25
|
-
#
|
26
|
-
class Get < Request
|
27
|
-
def initialize(uri = '/', proto = DefaultProtocol)
|
28
|
-
super('GET', uri, proto)
|
29
|
-
end
|
30
|
-
end
|
31
|
-
|
32
|
-
#
|
33
|
-
# HTTP POST request class wrapper.
|
34
|
-
#
|
35
|
-
class Post < Request
|
36
|
-
def initialize(uri = '/', proto = DefaultProtocol)
|
37
|
-
super('POST', uri, proto)
|
38
|
-
end
|
39
|
-
end
|
40
|
-
|
41
|
-
#
|
42
|
-
# HTTP PUT request class wrapper.
|
43
|
-
#
|
44
|
-
class Put < Request
|
45
|
-
def initialize(uri = '/', proto = DefaultProtocol)
|
46
|
-
super('PUT', uri, proto)
|
47
|
-
end
|
48
|
-
end
|
49
|
-
|
50
|
-
#
|
51
|
-
# Initializes an instance of an HTTP request with the supplied method, URI,
|
52
|
-
# and protocol.
|
53
|
-
#
|
54
|
-
def initialize(method = 'GET', uri = '/', proto = DefaultProtocol)
|
55
|
-
super()
|
56
|
-
|
57
|
-
self.method = method
|
58
|
-
self.raw_uri = uri
|
59
|
-
self.uri_parts = {}
|
60
|
-
self.proto = proto || DefaultProtocol
|
61
|
-
self.chunk_min_size = 1
|
62
|
-
self.chunk_max_size = 10
|
63
|
-
self.uri_encode_mode = 'hex-normal'
|
64
|
-
|
65
|
-
update_uri_parts
|
66
|
-
end
|
67
|
-
|
68
|
-
#
|
69
|
-
# Updates the command parts for this specific packet type.
|
70
|
-
#
|
71
|
-
def update_cmd_parts(str)
|
72
|
-
if (md = str.match(/^(.+?)\s+(.+?)\s+HTTP\/(.+?)\r?\n?$/))
|
73
|
-
self.method = md[1]
|
74
|
-
self.raw_uri = URI.decode(md[2])
|
75
|
-
self.proto = md[3]
|
76
|
-
|
77
|
-
update_uri_parts
|
78
|
-
else
|
79
|
-
raise RuntimeError, "Invalid request command string", caller
|
80
|
-
end
|
81
|
-
end
|
82
|
-
|
83
|
-
#
|
84
|
-
# Split the URI into the resource being requested and its query string.
|
85
|
-
#
|
86
|
-
def update_uri_parts
|
87
|
-
# If it has a query string, get the parts.
|
88
|
-
if ((self.raw_uri) and (md = self.raw_uri.match(/(.+?)\?(.*)$/)))
|
89
|
-
self.uri_parts['QueryString'] = parse_cgi_qstring(md[2])
|
90
|
-
self.uri_parts['Resource'] = md[1]
|
91
|
-
# Otherwise, just assume that the URI is equal to the resource being
|
92
|
-
# requested.
|
93
|
-
else
|
94
|
-
self.uri_parts['QueryString'] = {}
|
95
|
-
self.uri_parts['Resource'] = self.raw_uri
|
96
|
-
end
|
97
|
-
|
98
|
-
self.normalize!(resource)
|
99
|
-
# Set the relative resource to the actual resource.
|
100
|
-
self.relative_resource = resource
|
101
|
-
end
|
102
|
-
|
103
|
-
# normalize out multiple slashes, directory traversal, and self referrential directories
|
104
|
-
def normalize!(str)
|
105
|
-
i = 0
|
106
|
-
while (str.gsub!(/(\/\.\/|\/\w+\/\.\.\/|\/\/)/,'/')); i += 1; end
|
107
|
-
i
|
108
|
-
end
|
109
|
-
|
110
|
-
# Puts a URI back together based on the URI parts
|
111
|
-
def uri
|
112
|
-
str = self.uri_parts['Resource'].dup || '/'
|
113
|
-
|
114
|
-
# /././././
|
115
|
-
if self.junk_self_referring_directories
|
116
|
-
str.gsub!(/\//) {
|
117
|
-
'/.' * (rand(3) + 1) + '/'
|
118
|
-
}
|
119
|
-
end
|
120
|
-
|
121
|
-
# /%3faaa=bbbbb
|
122
|
-
# which could possibly decode to "/?aaa=bbbbb", which if the IDS normalizes first, then splits the URI on ?, then it can be bypassed
|
123
|
-
if self.junk_param_start
|
124
|
-
str.sub!(/\//, '/%3f' + Rex::Text.rand_text_alpha(rand(5) + 1) + '=' + Rex::Text.rand_text_alpha(rand(10) + 1) + '/../')
|
125
|
-
end
|
126
|
-
|
127
|
-
# /RAND/../RAND../
|
128
|
-
if self.junk_directories
|
129
|
-
str.gsub!(/\//) {
|
130
|
-
dirs = ''
|
131
|
-
(rand(5)+5).times {
|
132
|
-
dirs << '/' + Rex::Text.rand_text_alpha(rand(5) + 1) + '/..'
|
133
|
-
}
|
134
|
-
dirs + '/'
|
135
|
-
}
|
136
|
-
end
|
137
|
-
|
138
|
-
# ////
|
139
|
-
#
|
140
|
-
# NOTE: this must be done after all other odd directory junk, since they would cancel this out, except junk_end_of_uri, since that a specific slash in a specific place
|
141
|
-
if self.junk_slashes
|
142
|
-
str.gsub!(/\//) {
|
143
|
-
'/' * (rand(3) + 2)
|
144
|
-
}
|
145
|
-
str.sub!(/^[\/]+/, '/') # only one beginning slash!
|
146
|
-
end
|
147
|
-
|
148
|
-
# /%20HTTP/1.0%0d%0a/../../
|
149
|
-
# which decodes to "/ HTTP/1.0\r\n"
|
150
|
-
if self.junk_end_of_uri
|
151
|
-
str.sub!(/^\//, '/%20HTTP/1.0%0d%0a/../../')
|
152
|
-
end
|
153
|
-
|
154
|
-
Rex::Text.uri_encode(str, self.uri_encode_mode)
|
155
|
-
|
156
|
-
if !PostRequests.include?(self.method)
|
157
|
-
if param_string.size > 0
|
158
|
-
str << '?' + param_string
|
159
|
-
end
|
160
|
-
end
|
161
|
-
str
|
162
|
-
end
|
163
|
-
|
164
|
-
def param_string
|
165
|
-
params=[]
|
166
|
-
self.uri_parts['QueryString'].each_pair { |param, value|
|
167
|
-
# inject a random number of params in between each param
|
168
|
-
if self.junk_params
|
169
|
-
rand(10)+5.times {
|
170
|
-
params.push(Rex::Text.rand_text_alpha(rand(16) + 5) + '=' + Rex::Text.rand_text_alpha(rand(10) + 1))
|
171
|
-
}
|
172
|
-
end
|
173
|
-
if value.kind_of?(Array)
|
174
|
-
value.each { |subvalue|
|
175
|
-
params.push(Rex::Text.uri_encode(param, self.uri_encode_mode) + '=' + Rex::Text.uri_encode(subvalue, self.uri_encode_mode))
|
176
|
-
}
|
177
|
-
else
|
178
|
-
if !value.nil?
|
179
|
-
params.push(Rex::Text.uri_encode(param, self.uri_encode_mode) + '=' + Rex::Text.uri_encode(value, self.uri_encode_mode))
|
180
|
-
else
|
181
|
-
params.push(Rex::Text.uri_encode(param, self.uri_encode_mode))
|
182
|
-
end
|
183
|
-
end
|
184
|
-
}
|
185
|
-
|
186
|
-
# inject some junk params at the end of the param list, just to be sure :P
|
187
|
-
if self.junk_params
|
188
|
-
rand(10)+5.times {
|
189
|
-
params.push(Rex::Text.rand_text_alpha(rand(32) + 5) + '=' + Rex::Text.rand_text_alpha(rand(64) + 5))
|
190
|
-
}
|
191
|
-
end
|
192
|
-
params.join('&')
|
193
|
-
end
|
194
|
-
|
195
|
-
# Updates the underlying URI structure
|
196
|
-
def uri=(str)
|
197
|
-
self.raw_uri = str
|
198
|
-
update_uri_parts
|
199
|
-
end
|
200
|
-
|
201
|
-
# Returns a request packet
|
202
|
-
def to_s
|
203
|
-
str = ''
|
204
|
-
if self.junk_pipeline
|
205
|
-
host = ''
|
206
|
-
if self.headers['Host']
|
207
|
-
host = "Host: #{self.headers['Host']}\r\n"
|
208
|
-
end
|
209
|
-
str << "GET / HTTP/1.1\r\n#{host}Connection: Keep-Alive\r\n\r\n" * self.junk_pipeline
|
210
|
-
self.headers['Connection'] = 'Closed'
|
211
|
-
end
|
212
|
-
str + super
|
213
|
-
end
|
214
|
-
|
215
|
-
def body
|
216
|
-
str = super || ''
|
217
|
-
if str.length > 0
|
218
|
-
return str
|
219
|
-
end
|
220
|
-
|
221
|
-
if PostRequests.include?(self.method)
|
222
|
-
return param_string
|
223
|
-
end
|
224
|
-
''
|
225
|
-
end
|
226
|
-
|
227
|
-
#
|
228
|
-
# Returns the command string derived from the three values.
|
229
|
-
#
|
230
|
-
def cmd_string
|
231
|
-
proto_str = (self.proto =~ /^\d/) ? "HTTP/#{self.proto}" : self.proto
|
232
|
-
|
233
|
-
"#{self.method} #{self.uri} #{proto_str}\r\n"
|
234
|
-
end
|
235
|
-
|
236
|
-
#
|
237
|
-
# Returns the resource that is being requested.
|
238
|
-
#
|
239
|
-
def resource
|
240
|
-
self.uri_parts['Resource']
|
241
|
-
end
|
242
|
-
|
243
|
-
#
|
244
|
-
# Changes the resource URI. This is used when making a request relative to
|
245
|
-
# a given mount point.
|
246
|
-
#
|
247
|
-
def resource=(rsrc)
|
248
|
-
self.uri_parts['Resource'] = rsrc
|
249
|
-
end
|
250
|
-
|
251
|
-
#
|
252
|
-
# If there were CGI parameters in the URI, this will hold a hash of each
|
253
|
-
# variable to value. If there is more than one value for a given variable,
|
254
|
-
# an array of each value is returned.
|
255
|
-
#
|
256
|
-
def qstring
|
257
|
-
self.uri_parts['QueryString']
|
258
|
-
end
|
259
|
-
|
260
|
-
#
|
261
|
-
# Returns a hash of variables that contain information about the request,
|
262
|
-
# such as the remote host information.
|
263
|
-
#
|
264
|
-
# TODO
|
265
|
-
#
|
266
|
-
def meta_vars
|
267
|
-
end
|
268
|
-
|
269
|
-
#
|
270
|
-
# The method being used for the request (e.g. GET).
|
271
|
-
#
|
272
|
-
attr_accessor :method
|
273
|
-
#
|
274
|
-
# The raw URI being requested, before any mucking gets to it
|
275
|
-
#
|
276
|
-
attr_accessor :raw_uri
|
277
|
-
|
278
|
-
#
|
279
|
-
# The split up parts of the URI.
|
280
|
-
#
|
281
|
-
attr_accessor :uri_parts
|
282
|
-
#
|
283
|
-
# The protocol to be sent with the request.
|
284
|
-
#
|
285
|
-
attr_accessor :proto
|
286
|
-
|
287
|
-
#
|
288
|
-
# The resource path relative to the root of a server mount point.
|
289
|
-
#
|
290
|
-
attr_accessor :relative_resource
|
291
|
-
|
292
|
-
# add junk directories
|
293
|
-
attr_accessor :junk_directories
|
294
|
-
|
295
|
-
# add junk slashes
|
296
|
-
attr_accessor :junk_slashes
|
297
|
-
|
298
|
-
# add junk self referring directories (aka /././././)
|
299
|
-
attr_accessor :junk_self_referring_directories
|
300
|
-
|
301
|
-
# add junk params
|
302
|
-
attr_accessor :junk_params
|
303
|
-
|
304
|
-
# add junk pipeline requests
|
305
|
-
attr_accessor :junk_pipeline
|
306
|
-
|
307
|
-
# add junk start of params
|
308
|
-
attr_accessor :junk_param_start
|
309
|
-
|
310
|
-
# add junk end of URI
|
311
|
-
attr_accessor :junk_end_of_uri
|
312
|
-
|
313
|
-
# encoding uri
|
314
|
-
attr_accessor :uri_encode_mode
|
315
|
-
|
316
|
-
|
317
|
-
protected
|
318
|
-
|
319
|
-
#
|
320
|
-
# Parses a CGI query string into the var/val combinations.
|
321
|
-
#
|
322
|
-
def parse_cgi_qstring(str)
|
323
|
-
qstring = {}
|
324
|
-
|
325
|
-
# Delimit on each variable
|
326
|
-
str.split(/[;&]/).each { |vv|
|
327
|
-
var = vv
|
328
|
-
val = ''
|
329
|
-
|
330
|
-
if (md = vv.match(/(.+?)=(.*)/))
|
331
|
-
var = md[1]
|
332
|
-
val = md[2]
|
333
|
-
end
|
334
|
-
|
335
|
-
# Add the item to the hash with logic to convert values to an array
|
336
|
-
# if so desired.
|
337
|
-
if (qstring.include?(var))
|
338
|
-
if (qstring[var].kind_of?(Array))
|
339
|
-
qstring[var] << val
|
340
|
-
else
|
341
|
-
curr = self.qstring[var]
|
342
|
-
qstring[var] = [ curr, val ]
|
343
|
-
end
|
344
|
-
else
|
345
|
-
qstring[var] = val
|
346
|
-
end
|
347
|
-
}
|
348
|
-
|
349
|
-
return qstring
|
350
|
-
end
|
351
|
-
|
352
|
-
end
|
353
|
-
|
354
|
-
end
|
355
|
-
end
|
356
|
-
end
|