Browse Source

Fix #7170, Add HttpTrace option for HttpClient

Fix #7170
wchen-r7 3 years ago
parent
commit
7538b3dcf8
1 changed files with 10 additions and 3 deletions
  1. 10
    3
      lib/msf/core/exploit/http/client.rb

+ 10
- 3
lib/msf/core/exploit/http/client.rb View File

@@ -54,7 +54,8 @@ module Exploit::Remote::HttpClient
54 54
         Opt::SSLVersion,
55 55
         OptBool.new('FingerprintCheck', [ false, 'Conduct a pre-exploit fingerprint verification', true]),
56 56
         OptString.new('DOMAIN', [ true, 'The domain to use for windows authentification', 'WORKSTATION']),
57
-        OptInt.new('HttpClientTimeout', [false, 'HTTP connection and receive timeout'])
57
+        OptInt.new('HttpClientTimeout', [false, 'HTTP connection and receive timeout']),
58
+        OptBool.new('HttpTrace', [false, 'Show the raw HTTP requests and responses', false])
58 59
       ], self.class
59 60
     )
60 61
 
@@ -324,7 +325,10 @@ module Exploit::Remote::HttpClient
324 325
     begin
325 326
       c = connect(opts)
326 327
       r = c.request_raw(opts)
327
-      c.send_recv(r, actual_timeout)
328
+      print_line(r.to_s) if datastore['HttpTrace']
329
+      res = c.send_recv(r, actual_timeout)
330
+      print_line(res.to_s) if datastore['HttpTrace']
331
+      res
328 332
     rescue ::Errno::EPIPE, ::Timeout::Error
329 333
       nil
330 334
     end
@@ -346,7 +350,10 @@ module Exploit::Remote::HttpClient
346 350
     begin
347 351
       c = connect(opts)
348 352
       r = c.request_cgi(opts)
349
-      c.send_recv(r, actual_timeout)
353
+      print_line(r.to_s) if datastore['HttpTrace']
354
+      res = c.send_recv(r, actual_timeout)
355
+      print_line(res.to_s) if datastore['HttpTrace']
356
+      res
350 357
     rescue ::Errno::EPIPE, ::Timeout::Error
351 358
       nil
352 359
     end

Loading…
Cancel
Save