adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c3f5bd3de2d1affa01e2f6c2066c6bb0fc6413bc
metasploit-gs/api/Msf/Exploit/Remote/HttpServer/HTML.html
T

1452 lines
80 KiB
HTML
Raw Normal View History

Reboot gh-pages
2026-05-08 17:08:43 +00:00
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
Module: Msf::Exploit::Remote::HttpServer::HTML
&mdash; Documentation by YARD 0.9.37
</title>
<link rel="stylesheet" href="../../../../css/style.css" type="text/css" />
<link rel="stylesheet" href="../../../../css/common.css" type="text/css" />
<script type="text/javascript">
pathId = "Msf::Exploit::Remote::HttpServer::HTML";
relpath = '../../../../';
</script>
<script type="text/javascript" charset="utf-8" src="../../../../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../../../../js/app.js"></script>
</head>
<body>
<div class="nav_wrap">
<iframe id="nav" src="../../../../class_list.html?1"></iframe>
<div id="resizer"></div>
</div>
<div id="main" tabindex="-1">
<div id="header">
<div id="menu">
<a href="../../../../_index.html">Index (H)</a> &raquo;
<span class='title'><span class='object_link'><a href="../../../../Msf.html" title="Msf (module)">Msf</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../HttpServer.html" title="Msf::Exploit::Remote::HttpServer (module)">HttpServer</a></span></span>
&raquo;
<span class="title">HTML</span>
</div>
<div id="search">
<a class="full_list_link" id="class_list_link"
href="../../../../class_list.html">
<svg width="24" height="24">
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
</svg>
</a>
</div>
<div class="clear"></div>
</div>
<div id="content"><h1>Module: Msf::Exploit::Remote::HttpServer::HTML
</h1>
<div class="box_info">
<dl>
<dt>Includes:</dt>
<dd><span class='object_link'><a href="../HttpServer.html" title="Msf::Exploit::Remote::HttpServer (module)">Msf::Exploit::Remote::HttpServer</a></span></dd>
</dl>
<dl>
<dt>Included in:</dt>
<dd><span class='object_link'><a href="../BrowserExploitServer.html" title="Msf::Exploit::Remote::BrowserExploitServer (module)">BrowserExploitServer</a></span></dd>
</dl>
<dl>
<dt>Defined in:</dt>
<dd>lib/msf/core/exploit/remote/http_server/html.rb</dd>
</dl>
</div>
<h2>Overview</h2><div class="docstring">
<div class="discussion">
<p>This module provides methods for exploiting an HTTP client by acting as an HTTP server.</p>
</div>
</div>
<div class="tags">
</div>
<h2>
Constant Summary
<small><a href="#" class="constants_summary_toggle">collapse</a></small>
</h2>
<dl class="constants">
<dt id="UTF_NONE-constant" class="">UTF_NONE =
</dt>
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>none</span><span class='tstring_end'>&#39;</span></span></pre></dd>
<dt id="UTF_7-constant" class="">UTF_7 =
</dt>
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>utf-7</span><span class='tstring_end'>&#39;</span></span></pre></dd>
<dt id="UTF_7_ALL-constant" class="">UTF_7_ALL =
</dt>
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>utf-7-all</span><span class='tstring_end'>&#39;</span></span></pre></dd>
<dt id="UTF_8-constant" class="">UTF_8 =
</dt>
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>utf-8</span><span class='tstring_end'>&#39;</span></span></pre></dd>
<dt id="UTF_16_LE-constant" class="">UTF_16_LE =
</dt>
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>utf-16le</span><span class='tstring_end'>&#39;</span></span></pre></dd>
<dt id="UTF_16_BE-constant" class="">UTF_16_BE =
</dt>
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>utf-16be</span><span class='tstring_end'>&#39;</span></span></pre></dd>
<dt id="UTF_16_BE_MARKER-constant" class="">UTF_16_BE_MARKER =
</dt>
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>utf-16be-marker</span><span class='tstring_end'>&#39;</span></span></pre></dd>
<dt id="UTF_32_LE-constant" class="">UTF_32_LE =
</dt>
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>utf-32le</span><span class='tstring_end'>&#39;</span></span></pre></dd>
<dt id="UTF_32_BE-constant" class="">UTF_32_BE =
</dt>
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>utf-32be</span><span class='tstring_end'>&#39;</span></span></pre></dd>
</dl>
<h2>Instance Attribute Summary</h2>
<h3 class="inherited">Attributes included from <span class='object_link'><a href="../SocketServer.html" title="Msf::Exploit::Remote::SocketServer (module)">SocketServer</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../SocketServer.html#service-instance_method" title="Msf::Exploit::Remote::SocketServer#service (method)">#service</a></span></p>
<h2>
Instance Method Summary
<small><a href="#" class="summary_toggle">collapse</a></small>
</h2>
<ul class="summary">
<li class="protected ">
<span class="summary_signature">
<a href="#encrypt_js-instance_method" title="#encrypt_js (instance method)">#<strong>encrypt_js</strong>(javascript, key) &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'>
<p>Encrypts a given javascript string using the provided key.</p>
</div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#heaplib-instance_method" title="#heaplib (instance method)">#<strong>heaplib</strong>(custom_js = &#39;&#39;, opts = {}) &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the heaplib javascript, including any custom javascript supplied by the caller.</p>
</div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#initialize-instance_method" title="#initialize (instance method)">#<strong>initialize</strong>(info = {}) &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#js_ajax_download-instance_method" title="#js_ajax_download (instance method)">#<strong>js_ajax_download</strong> &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'>
<p>Downloads data using ajax.</p>
</div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#js_ajax_post-instance_method" title="#js_ajax_post (instance method)">#<strong>js_ajax_post</strong> &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'>
<p>Transfers data using a POST request.</p>
</div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#js_base64-instance_method" title="#js_base64 (instance method)">#<strong>js_base64</strong> &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#js_explib2-instance_method" title="#js_explib2 (instance method)">#<strong>js_explib2</strong> &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#js_explib2_payload-instance_method" title="#js_explib2_payload (instance method)">#<strong>js_explib2_payload</strong>(payload = &quot;exec&quot;) &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#js_heap_spray-instance_method" title="#js_heap_spray (instance method)">#<strong>js_heap_spray</strong> &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#js_heaplib2-instance_method" title="#js_heaplib2 (instance method)">#<strong>js_heaplib2</strong>(custom_js = &#39;&#39;, opts = {}) &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the heaplib2 javascript.</p>
</div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#js_ie_addons_detect-instance_method" title="#js_ie_addons_detect (instance method)">#<strong>js_ie_addons_detect</strong> &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#js_misc_addons_detect-instance_method" title="#js_misc_addons_detect (instance method)">#<strong>js_misc_addons_detect</strong> &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#js_mstime_malloc-instance_method" title="#js_mstime_malloc (instance method)">#<strong>js_mstime_malloc</strong> &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'>
<p>This function takes advantage of MSTIMEs CTIMEAnimationBase::put_values function thats suitable for a no-spray technique.</p>
</div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#js_os_detect-instance_method" title="#js_os_detect (instance method)">#<strong>js_os_detect</strong> &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#js_property_spray-instance_method" title="#js_property_spray (instance method)">#<strong>js_property_spray</strong> &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'>
<p>This heap spray technique takes advantage of MSHTMLs SetStringProperty (or SetProperty) function to trigger allocations by ntdll!RtlAllocateHeap.</p>
</div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#obfuscate_js-instance_method" title="#obfuscate_js (instance method)">#<strong>obfuscate_js</strong>(javascript, opts) &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'>
<p>Obfuscates symbols found within a javascript string.</p>
</div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#send_response_html-instance_method" title="#send_response_html (instance method)">#<strong>send_response_html</strong>(cli, body, headers = {}) &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'>
<p>Transmits a html response to the supplied client.</p>
</div></span>
</li>
</ul>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../HttpServer.html" title="Msf::Exploit::Remote::HttpServer (module)">Msf::Exploit::Remote::HttpServer</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../HttpServer.html#add_resource-instance_method" title="Msf::Exploit::Remote::HttpServer#add_resource (method)">#add_resource</a></span>, <span class='object_link'><a href="../HttpServer.html#add_robots_resource-instance_method" title="Msf::Exploit::Remote::HttpServer#add_robots_resource (method)">#add_robots_resource</a></span>, <span class='object_link'><a href="../HttpServer.html#autofilter-instance_method" title="Msf::Exploit::Remote::HttpServer#autofilter (method)">#autofilter</a></span>, <span class='object_link'><a href="../HttpServer.html#check_dependencies-instance_method" title="Msf::Exploit::Remote::HttpServer#check_dependencies (method)">#check_dependencies</a></span>, <span class='object_link'><a href="../HttpServer.html#cleanup-instance_method" title="Msf::Exploit::Remote::HttpServer#cleanup (method)">#cleanup</a></span>, <span class='object_link'><a href="../HttpServer.html#cli-instance_method" title="Msf::Exploit::Remote::HttpServer#cli (method)">#cli</a></span>, <span class='object_link'><a href="../HttpServer.html#cli=-instance_method" title="Msf::Exploit::Remote::HttpServer#cli= (method)">#cli=</a></span>, <span class='object_link'><a href="../HttpServer.html#close_client-instance_method" title="Msf::Exploit::Remote::HttpServer#close_client (method)">#close_client</a></span>, <span class='object_link'><a href="../HttpServer.html#create_response-instance_method" title="Msf::Exploit::Remote::HttpServer#create_response (method)">#create_response</a></span>, <span class='object_link'><a href="../HttpServer.html#fingerprint_user_agent-instance_method" title="Msf::Exploit::Remote::HttpServer#fingerprint_user_agent (method)">#fingerprint_user_agent</a></span>, <span class='object_link'><a href="../HttpServer.html#get_resource-instance_method" title="Msf::Exploit::Remote::HttpServer#get_resource (method)">#get_resource</a></span>, <span class='object_link'><a href="../HttpServer.html#get_uri-instance_method" title="Msf::Exploit::Remote::HttpServer#get_uri (method)">#get_uri</a></span>, <span class='object_link'><a href="../HttpServer.html#hardcoded_uripath-instance_method" title="Msf::Exploit::Remote::HttpServer#hardcoded_uripath (method)">#hardcoded_uripath</a></span>, <span class='object_link'><a href="../HttpServer.html#on_request_uri-instance_method" title="Msf::Exploit::Remote::HttpServer#on_request_uri (method)">#on_request_uri</a></span>, <span class='object_link'><a href="../HttpServer.html#print_prefix-instance_method" title="Msf::Exploit::Remote::HttpServer#print_prefix (method)">#print_prefix</a></span>, <span class='object_link'><a href="../HttpServer.html#random_uri-instance_method" title="Msf::Exploit::Remote::HttpServer#random_uri (method)">#random_uri</a></span>, <span class='object_link'><a href="../HttpServer.html#regenerate_payload-instance_method" title="Msf::Exploit::Remote::HttpServer#regenerate_payload (method)">#regenerate_payload</a></span>, <span class='object_link'><a href="../HttpServer.html#remove_resource-instance_method" title="Msf::Exploit::Remote::HttpServer#remove_resource (method)">#remove_resource</a></span>, <span class='object_link'><a href="../HttpServer.html#report_user_agent-instance_method" title="Msf::Exploit::Remote::HttpServer#report_user_agent (method)">#report_user_agent</a></span>, <span class='object_link'><a href="../HttpServer.html#resource_uri-instance_method" title="Msf::Exploit::Remote::HttpServer#resource_uri (method)">#resource_uri</a></span>, <span class='object_link'><a href="../HttpServer.html#send_local_redirect-instance_method" title="Msf::Exploit::Remote::HttpServer#send_local_redirect (method)">#send_local_redirect</a></span>, <span class='object_link'><a href="../HttpServer.html#send_not_found-instance_method" title="Msf::Exploit::Remote::HttpServer#send_not_found (method)">#send_not_found</a></span>, <span class='object_link'><a href="../HttpServer.html#send_redirect-instance_method" title="Msf::Exploit::Remote::HttpServer#send_redirect (method)">#send_redirect</a></span>, <span class='ob
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../Auxiliary/Report.html" title="Msf::Auxiliary::Report (module)">Auxiliary::Report</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../Auxiliary/Report.html#active_db%3F-instance_method" title="Msf::Auxiliary::Report#active_db? (method)">#active_db?</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#create_cracked_credential-instance_method" title="Msf::Auxiliary::Report#create_cracked_credential (method)">#create_cracked_credential</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#create_credential-instance_method" title="Msf::Auxiliary::Report#create_credential (method)">#create_credential</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#create_credential_and_login-instance_method" title="Msf::Auxiliary::Report#create_credential_and_login (method)">#create_credential_and_login</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#create_credential_login-instance_method" title="Msf::Auxiliary::Report#create_credential_login (method)">#create_credential_login</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#db-instance_method" title="Msf::Auxiliary::Report#db (method)">#db</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#db_warning_given%3F-instance_method" title="Msf::Auxiliary::Report#db_warning_given? (method)">#db_warning_given?</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#get_client-instance_method" title="Msf::Auxiliary::Report#get_client (method)">#get_client</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#get_host-instance_method" title="Msf::Auxiliary::Report#get_host (method)">#get_host</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#inside_workspace_boundary%3F-instance_method" title="Msf::Auxiliary::Report#inside_workspace_boundary? (method)">#inside_workspace_boundary?</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#invalidate_login-instance_method" title="Msf::Auxiliary::Report#invalidate_login (method)">#invalidate_login</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#mytask-instance_method" title="Msf::Auxiliary::Report#mytask (method)">#mytask</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#myworkspace-instance_method" title="Msf::Auxiliary::Report#myworkspace (method)">#myworkspace</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#myworkspace_id-instance_method" title="Msf::Auxiliary::Report#myworkspace_id (method)">#myworkspace_id</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_auth_info-instance_method" title="Msf::Auxiliary::Report#report_auth_info (method)">#report_auth_info</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_client-instance_method" title="Msf::Auxiliary::Report#report_client (method)">#report_client</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_exploit-instance_method" title="Msf::Auxiliary::Report#report_exploit (method)">#report_exploit</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_host-instance_method" title="Msf::Auxiliary::Report#report_host (method)">#report_host</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_loot-instance_method" title="Msf::Auxiliary::Report#report_loot (method)">#report_loot</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_note-instance_method" title="Msf::Auxiliary::Report#report_note (method)">#report_note</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_service-instance_method" title="Msf::Auxiliary::Report#report_service (method)">#report_service</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#report_vuln-instance_method" title="Msf::Auxiliary::Report#report_vuln (method)">#report_vuln</a></span>, <span class='object_link'><a href="../../../Auxiliary/Report.html#rep
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../../Metasploit/Framework/Require.html" title="Metasploit::Framework::Require (module)">Metasploit::Framework::Require</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../../Metasploit/Framework/Require.html#optionally-class_method" title="Metasploit::Framework::Require.optionally (method)">optionally</a></span>, <span class='object_link'><a href="../../../../Metasploit/Framework/Require.html#optionally_active_record_railtie-class_method" title="Metasploit::Framework::Require.optionally_active_record_railtie (method)">optionally_active_record_railtie</a></span>, <span class='object_link'><a href="../../../../Metasploit/Framework/Require.html#optionally_include_metasploit_credential_creation-class_method" title="Metasploit::Framework::Require.optionally_include_metasploit_credential_creation (method)">optionally_include_metasploit_credential_creation</a></span>, <span class='object_link'><a href="../../../../Metasploit/Framework/Require.html#optionally_include_metasploit_credential_creation-instance_method" title="Metasploit::Framework::Require#optionally_include_metasploit_credential_creation (method)">#optionally_include_metasploit_credential_creation</a></span>, <span class='object_link'><a href="../../../../Metasploit/Framework/Require.html#optionally_require_metasploit_db_gem_engines-class_method" title="Metasploit::Framework::Require.optionally_require_metasploit_db_gem_engines (method)">optionally_require_metasploit_db_gem_engines</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../TcpServer.html" title="Msf::Exploit::Remote::TcpServer (module)">TcpServer</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../TcpServer.html#on_client_close-instance_method" title="Msf::Exploit::Remote::TcpServer#on_client_close (method)">#on_client_close</a></span>, <span class='object_link'><a href="../TcpServer.html#on_client_connect-instance_method" title="Msf::Exploit::Remote::TcpServer#on_client_connect (method)">#on_client_connect</a></span>, <span class='object_link'><a href="../TcpServer.html#ssl-instance_method" title="Msf::Exploit::Remote::TcpServer#ssl (method)">#ssl</a></span>, <span class='object_link'><a href="../TcpServer.html#ssl_cert-instance_method" title="Msf::Exploit::Remote::TcpServer#ssl_cert (method)">#ssl_cert</a></span>, <span class='object_link'><a href="../TcpServer.html#ssl_cipher-instance_method" title="Msf::Exploit::Remote::TcpServer#ssl_cipher (method)">#ssl_cipher</a></span>, <span class='object_link'><a href="../TcpServer.html#ssl_compression-instance_method" title="Msf::Exploit::Remote::TcpServer#ssl_compression (method)">#ssl_compression</a></span>, <span class='object_link'><a href="../TcpServer.html#ssl_version-instance_method" title="Msf::Exploit::Remote::TcpServer#ssl_version (method)">#ssl_version</a></span>, <span class='object_link'><a href="../TcpServer.html#start_service-instance_method" title="Msf::Exploit::Remote::TcpServer#start_service (method)">#start_service</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../SocketServer.html" title="Msf::Exploit::Remote::SocketServer (module)">SocketServer</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../SocketServer.html#_determine_server_comm-instance_method" title="Msf::Exploit::Remote::SocketServer#_determine_server_comm (method)">#_determine_server_comm</a></span>, <span class='object_link'><a href="../SocketServer.html#bindhost-instance_method" title="Msf::Exploit::Remote::SocketServer#bindhost (method)">#bindhost</a></span>, <span class='object_link'><a href="../SocketServer.html#bindport-instance_method" title="Msf::Exploit::Remote::SocketServer#bindport (method)">#bindport</a></span>, <span class='object_link'><a href="../SocketServer.html#cleanup-instance_method" title="Msf::Exploit::Remote::SocketServer#cleanup (method)">#cleanup</a></span>, <span class='object_link'><a href="../SocketServer.html#cleanup_service-instance_method" title="Msf::Exploit::Remote::SocketServer#cleanup_service (method)">#cleanup_service</a></span>, <span class='object_link'><a href="../SocketServer.html#exploit-instance_method" title="Msf::Exploit::Remote::SocketServer#exploit (method)">#exploit</a></span>, <span class='object_link'><a href="../SocketServer.html#on_client_data-instance_method" title="Msf::Exploit::Remote::SocketServer#on_client_data (method)">#on_client_data</a></span>, <span class='object_link'><a href="../SocketServer.html#primer-instance_method" title="Msf::Exploit::Remote::SocketServer#primer (method)">#primer</a></span>, <span class='object_link'><a href="../SocketServer.html#regenerate_payload-instance_method" title="Msf::Exploit::Remote::SocketServer#regenerate_payload (method)">#regenerate_payload</a></span>, <span class='object_link'><a href="../SocketServer.html#srvhost-instance_method" title="Msf::Exploit::Remote::SocketServer#srvhost (method)">#srvhost</a></span>, <span class='object_link'><a href="../SocketServer.html#srvhost_addr-instance_method" title="Msf::Exploit::Remote::SocketServer#srvhost_addr (method)">#srvhost_addr</a></span>, <span class='object_link'><a href="../SocketServer.html#srvport-instance_method" title="Msf::Exploit::Remote::SocketServer#srvport (method)">#srvport</a></span>, <span class='object_link'><a href="../SocketServer.html#start_service-instance_method" title="Msf::Exploit::Remote::SocketServer#start_service (method)">#start_service</a></span>, <span class='object_link'><a href="../SocketServer.html#via_string-instance_method" title="Msf::Exploit::Remote::SocketServer#via_string (method)">#via_string</a></span></p>
<div id="instance_method_details" class="method_details_list">
<h2>Instance Method Details</h2>
<div class="method_details first">
<h3 class="signature first" id="encrypt_js-instance_method">
#<strong>encrypt_js</strong>(javascript, key) &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><div class="docstring">
<div class="discussion">
<p>Encrypts a given javascript string using the provided key.</p>
<p>Returns a string containing the encrypted string and a loader</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
57
58
59</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server/html.rb', line 57</span>
<span class='kw'>def</span> <span class='id identifier rubyid_encrypt_js'>encrypt_js</span><span class='lparen'>(</span><span class='id identifier rubyid_javascript'>javascript</span><span class='comma'>,</span> <span class='id identifier rubyid_key'>key</span><span class='rparen'>)</span>
<span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Exploitation</span><span class='op'>::</span><span class='const'>EncryptJS</span><span class='period'>.</span><span class='id identifier rubyid_encrypt'>encrypt</span><span class='lparen'>(</span><span class='id identifier rubyid_javascript'>javascript</span><span class='comma'>,</span> <span class='id identifier rubyid_key'>key</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="heaplib-instance_method">
#<strong>heaplib</strong>(custom_js = &#39;&#39;, opts = {}) &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the heaplib javascript, including any custom javascript supplied by the caller.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
65
66
67</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server/html.rb', line 65</span>
<span class='kw'>def</span> <span class='id identifier rubyid_heaplib'>heaplib</span><span class='lparen'>(</span><span class='id identifier rubyid_custom_js'>custom_js</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_opts'>opts</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Exploitation</span><span class='op'>::</span><span class='const'>HeapLib</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='id identifier rubyid_custom_js'>custom_js</span><span class='comma'>,</span> <span class='id identifier rubyid_opts'>opts</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="initialize-instance_method">
#<strong>initialize</strong>(info = {}) &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
26
27
28
29
30
31
32
33
34
35
36
37
38
39</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server/html.rb', line 26</span>
<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_info'>info</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='kw'>super</span>
<span class='id identifier rubyid_register_evasion_options'>register_evasion_options</span><span class='lparen'>(</span>
<span class='lbracket'>[</span>
<span class='comment'># utf-8, utf-7 and utf-7-all are currently not supported by
</span> <span class='comment'># most browsers. as such, they are not added by default. The
</span> <span class='comment'># mixin supports encoding using them, however they are not
</span> <span class='comment'># listed in the Option.
</span> <span class='const'><span class='object_link'><a href="../../../OptEnum.html" title="Msf::OptEnum (class)">OptEnum</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../OptEnum.html#initialize-instance_method" title="Msf::OptEnum#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTML::unicode</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Enable HTTP obfuscation via unicode</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UTF_NONE-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_NONE (constant)">UTF_NONE</a></span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='const'><span class='object_link'><a href="#UTF_NONE-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_NONE (constant)">UTF_NONE</a></span></span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UTF_16_LE-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_16_LE (constant)">UTF_16_LE</a></span></span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UTF_16_BE-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_16_BE (constant)">UTF_16_BE</a></span></span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UTF_16_BE_MARKER-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_16_BE_MARKER (constant)">UTF_16_BE_MARKER</a></span></span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UTF_32_LE-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_32_LE (constant)">UTF_32_LE</a></span></span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UTF_32_BE-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_32_BE (constant)">UTF_32_BE</a></span></span><span class='rbracket'>]</span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../../OptEnum.html" title="Msf::OptEnum (class)">OptEnum</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../OptEnum.html#initialize-instance_method" title="Msf::OptEnum#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTML::base64</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Enable HTML obfuscation via an embedded base64 html object (IE not supported)</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>none</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>none</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>plain</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>single_pad</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>double_pad</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>random_space_injection</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../../OptInt.html" title="Msf::OptInt (class)">OptInt</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../OptBase.html#initialize-instance_method" title="Msf::OptBase#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTML::javascript::escape</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Enable HTML obfuscation via HTML escaping (number of iterations)</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='int'>0</span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='rbracket'>]</span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../HttpServer.html" title="Msf::Exploit::Remote::HttpServer (module)">HttpServer</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="" title="Msf::Exploit::Remote::HttpServer::HTML (module)">HTML</a></span></span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="js_ajax_download-instance_method">
#<strong>js_ajax_download</strong> &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><div class="docstring">
<div class="discussion">
<p>Downloads data using ajax</p>
<p>Supported arguments: method =&gt; Optional. HTTP Verb (eg. GET/POST) path =&gt; Relative path to the file. In IE, you can actually use an URI. But in Firefox, you</p>
<pre class="code ruby"><code class="ruby">must use a relative path, otherwise you will be blocked by the browser.
</code></pre>
<p>data =&gt; Optional. Data to pass to the server</p>
<p>Example of using the ajax_download() function: For IE, your web server has to return this header to download binary data: “text/plain; charset=x-user-defined”</p>
<pre class="code ruby"><code class="ruby">&lt;script&gt;
#{js_ajax_download}
ajax_download({path:&quot;/test.bin&quot;});
&lt;/script&gt;
</code></pre>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
99
100
101</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server/html.rb', line 99</span>
<span class='kw'>def</span> <span class='id identifier rubyid_js_ajax_download'>js_ajax_download</span>
<span class='ivar'>@cache_ajax_download</span> <span class='op'>||=</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Exploitation</span><span class='op'>::</span><span class='const'>Js</span><span class='op'>::</span><span class='const'>Network</span><span class='period'>.</span><span class='id identifier rubyid_ajax_download'>ajax_download</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="js_ajax_post-instance_method">
#<strong>js_ajax_post</strong> &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><div class="docstring">
<div class="discussion">
<p>Transfers data using a POST request</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
107
108
109</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server/html.rb', line 107</span>
<span class='kw'>def</span> <span class='id identifier rubyid_js_ajax_post'>js_ajax_post</span>
<span class='ivar'>@cache_ajax_post</span> <span class='op'>||=</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Exploitation</span><span class='op'>::</span><span class='const'>Js</span><span class='op'>::</span><span class='const'>Network</span><span class='period'>.</span><span class='id identifier rubyid_ajax_post'>ajax_post</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="js_base64-instance_method">
#<strong>js_base64</strong> &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
76
77
78</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server/html.rb', line 76</span>
<span class='kw'>def</span> <span class='id identifier rubyid_js_base64'>js_base64</span>
<span class='ivar'>@cache_base64</span> <span class='op'>||=</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Exploitation</span><span class='op'>::</span><span class='const'>Js</span><span class='op'>::</span><span class='const'>Utils</span><span class='period'>.</span><span class='id identifier rubyid_base64'>base64</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="js_explib2-instance_method">
#<strong>js_explib2</strong> &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
176
177
178</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server/html.rb', line 176</span>
<span class='kw'>def</span> <span class='id identifier rubyid_js_explib2'>js_explib2</span>
<span class='ivar'>@explib2</span> <span class='op'>||=</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Exploitation</span><span class='op'>::</span><span class='const'>Js</span><span class='op'>::</span><span class='const'>Memory</span><span class='period'>.</span><span class='id identifier rubyid_explib2'>explib2</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="js_explib2_payload-instance_method">
#<strong>js_explib2_payload</strong>(payload = &quot;exec&quot;) &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
180
181
182</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server/html.rb', line 180</span>
<span class='kw'>def</span> <span class='id identifier rubyid_js_explib2_payload'>js_explib2_payload</span><span class='lparen'>(</span><span class='id identifier rubyid_payload'>payload</span><span class='op'>=</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>exec</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='ivar'>@explib2_payload</span> <span class='op'>||=</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Exploitation</span><span class='op'>::</span><span class='const'>Js</span><span class='op'>::</span><span class='const'>Memory</span><span class='period'>.</span><span class='id identifier rubyid_explib2_payload'>explib2_payload</span><span class='lparen'>(</span><span class='id identifier rubyid_payload'>payload</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="js_heap_spray-instance_method">
#<strong>js_heap_spray</strong> &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
172
173
174</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server/html.rb', line 172</span>
<span class='kw'>def</span> <span class='id identifier rubyid_js_heap_spray'>js_heap_spray</span>
<span class='ivar'>@cache_heap_spray</span> <span class='op'>||=</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Exploitation</span><span class='op'>::</span><span class='const'>Js</span><span class='op'>::</span><span class='const'>Memory</span><span class='period'>.</span><span class='id identifier rubyid_heap_spray'>heap_spray</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="js_heaplib2-instance_method">
#<strong>js_heaplib2</strong>(custom_js = &#39;&#39;, opts = {}) &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the heaplib2 javascript</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
72
73
74</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server/html.rb', line 72</span>
<span class='kw'>def</span> <span class='id identifier rubyid_js_heaplib2'>js_heaplib2</span><span class='lparen'>(</span><span class='id identifier rubyid_custom_js'>custom_js</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_opts'>opts</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='ivar'>@cache_heaplib2</span> <span class='op'>||=</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Exploitation</span><span class='op'>::</span><span class='const'>Js</span><span class='op'>::</span><span class='const'>Memory</span><span class='period'>.</span><span class='id identifier rubyid_heaplib2'>heaplib2</span><span class='lparen'>(</span><span class='id identifier rubyid_custom_js'>custom_js</span><span class='comma'>,</span> <span class='id identifier rubyid_opts'>opts</span><span class='op'>=</span><span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="js_ie_addons_detect-instance_method">
#<strong>js_ie_addons_detect</strong> &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
188
189
190</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server/html.rb', line 188</span>
<span class='kw'>def</span> <span class='id identifier rubyid_js_ie_addons_detect'>js_ie_addons_detect</span>
<span class='ivar'>@cache_ie_addons_detect</span> <span class='op'>||=</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Exploitation</span><span class='op'>::</span><span class='const'>Js</span><span class='op'>::</span><span class='const'>Detect</span><span class='period'>.</span><span class='id identifier rubyid_ie_addons'>ie_addons</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="js_misc_addons_detect-instance_method">
#<strong>js_misc_addons_detect</strong> &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
192
193
194</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server/html.rb', line 192</span>
<span class='kw'>def</span> <span class='id identifier rubyid_js_misc_addons_detect'>js_misc_addons_detect</span>
<span class='ivar'>@cache_misc_addons_detect</span> <span class='op'>||=</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Exploitation</span><span class='op'>::</span><span class='const'>Js</span><span class='op'>::</span><span class='const'>Detect</span><span class='period'>.</span><span class='id identifier rubyid_misc_addons'>misc_addons</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="js_mstime_malloc-instance_method">
#<strong>js_mstime_malloc</strong> &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><div class="docstring">
<div class="discussion">
<p>This function takes advantage of MSTIMEs CTIMEAnimationBase::put_values function thats suitable for a no-spray technique. There should be an allocation that contains an array of pointers to strings that we control, and each string should reside in its own buffer. Please note newer IEs (such as IE9), no longer support SMIL, therefore this only works on Internet Explorer 8 or prior. Note that “mstime_malloc” also requires a rather specific writing style, so make sure you have the following before using:</p>
<pre class="code ruby"><code class="ruby">* You must have the following at the beginning of your HTML file:
&lt;!doctype html&gt;
&lt;HTML XMLNS:t =&quot;urn:schemas-microsoft-com:time&quot;&gt;
* You must have the following in &lt;meta&gt;:
&lt;meta&gt;
&lt;?IMPORT namespace=&quot;t&quot; implementation=&quot;#default#time2&quot;&gt;
&lt;/meta&gt;
</code></pre>
<p>The “mstime_malloc” JavaScript function supports the following arguments:</p>
<pre class="code ruby"><code class="ruby">shellcode =&gt; The shellcode to place.
offset =&gt; Optional. The pointer index that points to the shellcode.
heapBlockSize =&gt; Object size.
objId =&gt; The ID to your ANIMATECOLOR element.
</code></pre>
<p>Example of using “js_mstime_malloc”:</p>
<pre class="code ruby"><code class="ruby">&lt;script&gt;
#{js_mstime_malloc}
shellcode = unescape(&quot;%u4141%u4141%u4141%u4141%u4141&quot;);
offset = 3;
s = 0x58;
mstime_malloc({shellcode:shellcode,offset:offset,heapBlockSize:s,objId:oId});
&lt;/script&gt;
</code></pre>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
142
143
144</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server/html.rb', line 142</span>
<span class='kw'>def</span> <span class='id identifier rubyid_js_mstime_malloc'>js_mstime_malloc</span>
<span class='ivar'>@cache_mstime_malloc</span> <span class='op'>||=</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Exploitation</span><span class='op'>::</span><span class='const'>Js</span><span class='op'>::</span><span class='const'>Memory</span><span class='period'>.</span><span class='id identifier rubyid_mstime_malloc'>mstime_malloc</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="js_os_detect-instance_method">
#<strong>js_os_detect</strong> &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
184
185
186</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server/html.rb', line 184</span>
<span class='kw'>def</span> <span class='id identifier rubyid_js_os_detect'>js_os_detect</span>
<span class='ivar'>@cache_os_detect</span> <span class='op'>||=</span> <span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Exploitation</span><span class='op'>::</span><span class='const'>Js</span><span class='op'>::</span><span class='const'>Detect</span><span class='period'>.</span><span class='id identifier rubyid_os'>os</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="js_property_spray-instance_method">
#<strong>js_property_spray</strong> &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><div class="docstring">
<div class="discussion">
<p>This heap spray technique takes advantage of MSHTMLs SetStringProperty (or SetProperty) function to trigger allocations by ntdll!RtlAllocateHeap. It is based on Corelans publication on “DEPS Precise Heap Spray on Firefox and IE10”. In IE, the shellcode should land at address 0x0c0d2020, as this is the most consistent location across various versions.</p>
<p>The “sprayHeap” JavaScript function supports the following arguments:</p>
<pre class="code ruby"><code class="ruby">shellcode =&gt; The shellcode to spray in JavaScript. Note: Avoid null bytes.
objId =&gt; Optional. The ID for a &lt;div&gt; HTML tag.
offset =&gt; Optional. Number of bytes to align the shellcode, default: 0x00
heapBlockSize =&gt; Optional. Allocation size, default: 0x80000
maxAllocs =&gt; Optional. Number of allocation calls, default: 0x350
</code></pre>
<p>Example of using the sprayHeap function:</p>
<pre class="code ruby"><code class="ruby">&lt;script&gt;
#{js_property_spray}
var s = unescape(&quot;%u4141%u4141%u4242%u4242%u4343%u4343%u4444%u4444&quot;);
sprayHeap({shellcode:s, heapBlockSize:0x80000});
&lt;/script&gt;
</code></pre>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
168
169
170</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server/html.rb', line 168</span>
<span class='kw'>def</span> <span class='id identifier rubyid_js_property_spray'>js_property_spray</span>
<span class='ivar'>@cache_property_spray</span> <span class='op'>||=</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Exploitation</span><span class='op'>::</span><span class='const'>Js</span><span class='op'>::</span><span class='const'>Memory</span><span class='period'>.</span><span class='id identifier rubyid_property_spray'>property_spray</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="obfuscate_js-instance_method">
#<strong>obfuscate_js</strong>(javascript, opts) &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><div class="docstring">
<div class="discussion">
<p>Obfuscates symbols found within a javascript string.</p>
<p>Returns an ObfuscateJS object</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
46
47
48
49
50</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server/html.rb', line 46</span>
<span class='kw'>def</span> <span class='id identifier rubyid_obfuscate_js'>obfuscate_js</span><span class='lparen'>(</span><span class='id identifier rubyid_javascript'>javascript</span><span class='comma'>,</span> <span class='id identifier rubyid_opts'>opts</span><span class='rparen'>)</span>
<span class='id identifier rubyid_js'>js</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Exploitation</span><span class='op'>::</span><span class='const'>ObfuscateJS</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='id identifier rubyid_javascript'>javascript</span><span class='comma'>,</span> <span class='id identifier rubyid_opts'>opts</span><span class='rparen'>)</span>
<span class='id identifier rubyid_js'>js</span><span class='period'>.</span><span class='id identifier rubyid_obfuscate'>obfuscate</span>
<span class='kw'>return</span> <span class='id identifier rubyid_js'>js</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="send_response_html-instance_method">
#<strong>send_response_html</strong>(cli, body, headers = {}) &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><div class="docstring">
<div class="discussion">
<p>Transmits a html response to the supplied client</p>
<p>HTML evasions are implemented here.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server/html.rb', line 199</span>
<span class='kw'>def</span> <span class='id identifier rubyid_send_response_html'>send_response_html</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_body'>body</span><span class='comma'>,</span> <span class='id identifier rubyid_headers'>headers</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='id identifier rubyid_body'>body</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='period'>.</span><span class='id identifier rubyid_unpack'>unpack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>C*</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_pack'>pack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>C*</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTML::base64</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>!=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>none</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>case</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTML::base64</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>when</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>plain</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_encode_base64'>encode_base64</span><span class='lparen'>(</span><span class='id identifier rubyid_body'>body</span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>single_pad</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_encode_base64'>encode_base64</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'> </span><span class='tstring_end'>&#39;</span></span> <span class='op'>+</span> <span class='id identifier rubyid_body'>body</span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>double_pad</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_encode_base64'>encode_base64</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'> </span><span class='tstring_end'>&#39;</span></span> <span class='op'>+</span> <span class='id identifier rubyid_body'>body</span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>random_space_injection</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_encode_base64'>encode_base64</span><span class='lparen'>(</span><span class='id identifier rubyid_body'>body</span><span class='rparen'>)</span>
<span class='id identifier rubyid_new'>new</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>while</span> <span class='lparen'>(</span><span class='id identifier rubyid_body'>body</span><span class='period'>.</span><span class='id identifier rubyid_size'>size</span> <span class='op'>&gt;</span> <span class='int'>0</span><span class='rparen'>)</span>
<span class='id identifier rubyid_new'>new</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_body'>body</span><span class='period'>.</span><span class='id identifier rubyid_slice!'>slice!</span><span class='lparen'>(</span><span class='int'>0</span><span class='comma'>,</span> <span class='id identifier rubyid_rand'>rand</span><span class='lparen'>(</span><span class='int'>3</span><span class='rparen'>)</span> <span class='op'>+</span> <span class='int'>1</span><span class='rparen'>)</span> <span class='op'>+</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_rand_text'>rand_text</span><span class='lparen'>(</span><span class='id identifier rubyid_rand'>rand</span><span class='lparen'>(</span><span class='int'>5</span><span class='rparen'>)</span> <span class='op'>+</span> <span class='int'>1</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'> \n</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='id identifier rubyid_new'>new</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>&lt;HTML&gt;&lt;BODY&gt;&lt;OBJECT ID=&quot;</span><span class='tstring_end'>&#39;</span></span> <span class='op'>+</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_rand_text_alpha'>rand_text_alpha</span><span class='lparen'>(</span><span class='id identifier rubyid_rand'>rand</span><span class='lparen'>(</span><span class='int'>10</span><span class='rparen'>)</span><span class='op'>+</span><span class='int'>5</span><span class='rparen'>)</span> <span class='op'>+</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>&quot; </span><span class='tstring_end'>&#39;</span></span> <span class='op'>+</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HEIGHT=&quot;100%&quot; WIDTH=&quot;100%&quot; TYPE=&quot;text/html&quot; DATA=&quot;data:text/html;base64,</span><span class='tstring_end'>&#39;</span></span> <span class='op'>+</span>
<span class='id identifier rubyid_body'>body</span> <span class='op'>+</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>&quot;&gt;Could not render object&lt;/OBJECT&gt;&lt;/BODY&gt;&lt;/HTML&gt;</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>end</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTML::javascript::escape</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>&gt;</span> <span class='int'>0</span>
<span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTML::javascript::escape</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_times'>times</span> <span class='lbrace'>{</span>
<span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>&lt;script&gt;document.write(unescape(&quot;</span><span class='tstring_end'>&#39;</span></span> <span class='op'>+</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_to_hex'>to_hex</span><span class='lparen'>(</span><span class='id identifier rubyid_body'>body</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>%</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span> <span class='op'>+</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>&quot;))&lt;/script&gt;</span><span class='tstring_end'>&#39;</span></span>
<span class='rbrace'>}</span>
<span class='kw'>end</span>
<span class='kw'>if</span> <span class='lbracket'>[</span><span class='const'><span class='object_link'><a href="#UTF_16_LE-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_16_LE (constant)">UTF_16_LE</a></span></span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UTF_16_BE-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_16_BE (constant)">UTF_16_BE</a></span></span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UTF_32_LE-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_32_LE (constant)">UTF_32_LE</a></span></span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UTF_32_BE-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_32_BE (constant)">UTF_32_BE</a></span></span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UTF_7-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_7 (constant)">UTF_7</a></span></span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UTF_8-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_8 (constant)">UTF_8</a></span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_include?'>include?</span><span class='lparen'>(</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTML::unicode</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='id identifier rubyid_headers'>headers</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Content-Type</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>text/html; charset= </span><span class='tstring_end'>&#39;</span></span> <span class='op'>+</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTML::unicode</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_to_unicode'>to_unicode</span><span class='lparen'>(</span><span class='id identifier rubyid_body'>body</span><span class='comma'>,</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTML::unicode</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='comment'># special cases
</span> <span class='kw'>case</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTML::unicode</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>when</span> <span class='const'><span class='object_link'><a href="#UTF_16_BE_MARKER-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_16_BE_MARKER (constant)">UTF_16_BE_MARKER</a></span></span>
<span class='id identifier rubyid_headers'>headers</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Content-Type</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>text/html</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>\xFE\xFF</span><span class='tstring_end'>&quot;</span></span> <span class='op'>+</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_to_unicode'>to_unicode</span><span class='lparen'>(</span><span class='id identifier rubyid_body'>body</span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UTF_16_BE-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_16_BE (constant)">UTF_16_BE</a></span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='const'><span class='object_link'><a href="#UTF_7_ALL-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_7_ALL (constant)">UTF_7_ALL</a></span></span>
<span class='id identifier rubyid_headers'>headers</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Content-Type</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>text/html; charset=</span><span class='embexpr_beg'>#{</span><span class='const'><span class='object_link'><a href="#UTF_7-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_7 (constant)">UTF_7</a></span></span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>
<span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_to_unicode'>to_unicode</span><span class='lparen'>(</span><span class='id identifier rubyid_body'>body</span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#UTF_7-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_7 (constant)">UTF_7</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>all</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='const'><span class='object_link'><a href="#UTF_NONE-constant" title="Msf::Exploit::Remote::HttpServer::HTML::UTF_NONE (constant)">UTF_NONE</a></span></span>
<span class='comment'># do nothing
</span> <span class='kw'>else</span>
<span class='id identifier rubyid_raise'>raise</span> <span class='const'>RuntimeError</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Invalid unicode. how did you get here?</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_send_response'>send_response</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_body'>body</span><span class='comma'>,</span> <span class='id identifier rubyid_headers'>headers</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
</div>
<div id="footer">
Generated on Fri May 8 17:02:21 2026 by
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.37 (ruby-3.1.5).
</div>
</div>
</body>
</html>
Reference in New Issue Copy Permalink