data/msfcrawler/forms.rb

##
# $Id$
##

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##

# $Revision$

require 'rubygems'
require 'pathname'
require 'nokogiri'
require 'uri'

class CrawlerForms < BaseParser

  def parse(request,result)

    if !result['Content-Type'].include? "text/html"
      return
    end

    hr = ''
    m = ''

    doc = Nokogiri::HTML(result.body.to_s)
    doc.css('form').each do |f|
      hr = f['action']

      fname = f['name']
      fname = "NONE" if fname.empty?

      m = f['method'].empty? ? 'GET' : f['method'].upcase

      htmlform = Nokogiri::HTML(f.inner_html)

      arrdata = []

      htmlform.css('input').each do |p|
        arrdata << "#{p['name']}=#{Rex::Text.uri_encode(p['value'])}"
      end

      data = arrdata.join("&").to_s

      begin
        hreq = urltohash(m, hr, request['uri'], data)
        hreq['ctype'] = 'application/x-www-form-urlencoded'
        insertnewpath(hreq)
      rescue URI::InvalidURIError
      end
    end
  end
end
more cleanups 2010-05-03 17:13:09 +00:00			`##`
			`# $Id$`
			`##`

			`##`
			`# This file is part of the Metasploit Framework and may be subject to`
			`# redistribution and commercial restrictions. Please see the Metasploit`
			`# Framework web site for more information on licensing and terms of use.`
			`# http://metasploit.com/framework/`
			`##`

			`# $Revision$`

start to parse forms 2010-03-26 02:39:19 +00:00			`require 'rubygems'`
			`require 'pathname'`
Replace hpricot by nokogiri 2014-07-17 00:14:07 +02:00			`require 'nokogiri'`
start to parse forms 2010-03-26 02:39:19 +00:00			`require 'uri'`

			`class CrawlerForms < BaseParser`

Retab all the things (except external/) 2013-09-30 13:47:53 -05:00			`def parse(request,result)`
more cleanups 2010-05-03 17:13:09 +00:00
Retab all the things (except external/) 2013-09-30 13:47:53 -05:00			`if !result['Content-Type'].include? "text/html"`
			`return`
			`end`
more cleanups 2010-05-03 17:13:09 +00:00
Retab all the things (except external/) 2013-09-30 13:47:53 -05:00			`hr = ''`
			`m = ''`
start to parse forms 2010-03-26 02:39:19 +00:00
Replace hpricot by nokogiri 2014-07-17 00:14:07 +02:00			`doc = Nokogiri::HTML(result.body.to_s)`
			`doc.css('form').each do \|f\|`
			`hr = f['action']`
Parsing fixes 2010-04-03 05:52:22 +00:00
Replace hpricot by nokogiri 2014-07-17 00:14:07 +02:00			`fname = f['name']`
			`fname = "NONE" if fname.empty?`
more cleanups 2010-05-03 17:13:09 +00:00
Replace hpricot by nokogiri 2014-07-17 00:14:07 +02:00			`m = f['method'].empty? ? 'GET' : f['method'].upcase`
more cleanups 2010-05-03 17:13:09 +00:00
Replace hpricot by nokogiri 2014-07-17 00:14:07 +02:00			`htmlform = Nokogiri::HTML(f.inner_html)`
more cleanups 2010-05-03 17:13:09 +00:00
Retab all the things (except external/) 2013-09-30 13:47:53 -05:00			`arrdata = []`
more cleanups 2010-05-03 17:13:09 +00:00
Replace hpricot by nokogiri 2014-07-17 00:14:07 +02:00			`htmlform.css('input').each do \|p\|`
			`arrdata << "#{p['name']}=#{Rex::Text.uri_encode(p['value'])}"`
Retab all the things (except external/) 2013-09-30 13:47:53 -05:00			`end`
more cleanups 2010-05-03 17:13:09 +00:00
Retab all the things (except external/) 2013-09-30 13:47:53 -05:00			`data = arrdata.join("&").to_s`
more cleanups 2010-05-03 17:13:09 +00:00
Retab all the things (except external/) 2013-09-30 13:47:53 -05:00			`begin`
Replace hpricot by nokogiri 2014-07-17 00:14:07 +02:00			`hreq = urltohash(m, hr, request['uri'], data)`
Retab all the things (except external/) 2013-09-30 13:47:53 -05:00			`hreq['ctype'] = 'application/x-www-form-urlencoded'`
			`insertnewpath(hreq)`
			`rescue URI::InvalidURIError`
			`end`
			`end`
			`end`
start to parse forms 2010-03-26 02:39:19 +00:00			`end`