Mirror of metasploit
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

forms.rb 1.2KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758
  1. ##
  2. # $Id$
  3. ##
  4. ##
  5. # This file is part of the Metasploit Framework and may be subject to
  6. # redistribution and commercial restrictions. Please see the Metasploit
  7. # Framework web site for more information on licensing and terms of use.
  8. # http://metasploit.com/framework/
  9. ##
  10. # $Revision$
  11. require 'rubygems'
  12. require 'pathname'
  13. require 'nokogiri'
  14. require 'uri'
  15. class CrawlerForms < BaseParser
  16. def parse(request,result)
  17. if !result['Content-Type'].include? "text/html"
  18. return
  19. end
  20. hr = ''
  21. m = ''
  22. doc = Nokogiri::HTML(result.body.to_s)
  23. doc.css('form').each do |f|
  24. hr = f['action']
  25. fname = f['name']
  26. fname = "NONE" if fname.empty?
  27. m = f['method'].empty? ? 'GET' : f['method'].upcase
  28. htmlform = Nokogiri::HTML(f.inner_html)
  29. arrdata = []
  30. htmlform.css('input').each do |p|
  31. arrdata << "#{p['name']}=#{Rex::Text.uri_encode(p['value'])}"
  32. end
  33. data = arrdata.join("&").to_s
  34. begin
  35. hreq = urltohash(m, hr, request['uri'], data)
  36. hreq['ctype'] = 'application/x-www-form-urlencoded'
  37. insertnewpath(hreq)
  38. rescue URI::InvalidURIError
  39. end
  40. end
  41. end
  42. end