adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c3f5bd3de2d1affa01e2f6c2066c6bb0fc6413bc
metasploit-gs/api/Msf/Exploit/Remote/HttpServer.html
T
jenkins-metasploit c3f5bd3de2 Reboot gh-pages
2026-05-08 17:08:43 +00:00

2991 lines
161 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
Module: Msf::Exploit::Remote::HttpServer
&mdash; Documentation by YARD 0.9.37
</title>
<link rel="stylesheet" href="../../../css/style.css" type="text/css" />
<link rel="stylesheet" href="../../../css/common.css" type="text/css" />
<script type="text/javascript">
pathId = "Msf::Exploit::Remote::HttpServer";
relpath = '../../../';
</script>
<script type="text/javascript" charset="utf-8" src="../../../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../../../js/app.js"></script>
</head>
<body>
<div class="nav_wrap">
<iframe id="nav" src="../../../class_list.html?1"></iframe>
<div id="resizer"></div>
</div>
<div id="main" tabindex="-1">
<div id="header">
<div id="menu">
<a href="../../../_index.html">Index (H)</a> &raquo;
<span class='title'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span>
&raquo;
<span class="title">HttpServer</span>
</div>
<div id="search">
<a class="full_list_link" id="class_list_link"
href="../../../class_list.html">
<svg width="24" height="24">
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
</svg>
</a>
</div>
<div class="clear"></div>
</div>
<div id="content"><h1>Module: Msf::Exploit::Remote::HttpServer
</h1>
<div class="box_info">
<dl>
<dt>Includes:</dt>
<dd><span class='object_link'><a href="../../Auxiliary/Report.html" title="Msf::Auxiliary::Report (module)">Auxiliary::Report</a></span>, <span class='object_link'><a href="TcpServer.html" title="Msf::Exploit::Remote::TcpServer (module)">TcpServer</a></span></dd>
</dl>
<dl>
<dt>Included in:</dt>
<dd><span class='object_link'><a href="../CmdStager/HTTP.html" title="Msf::Exploit::CmdStager::HTTP (module)">CmdStager::HTTP</a></span>, <span class='object_link'><a href="HttpServer/BrowserExploit.html" title="Msf::Exploit::Remote::HttpServer::BrowserExploit (module)">BrowserExploit</a></span>, <span class='object_link'><a href="HttpServer/HTML.html" title="Msf::Exploit::Remote::HttpServer::HTML (module)">HTML</a></span>, <span class='object_link'><a href="HttpServer/PHPInclude.html" title="Msf::Exploit::Remote::HttpServer::PHPInclude (module)">PHPInclude</a></span>, <span class='object_link'><a href="HttpServer/Relay.html" title="Msf::Exploit::Remote::HttpServer::Relay (module)">Relay</a></span>, <span class='object_link'><a href="Java/HTTP/ClassLoader.html" title="Msf::Exploit::Remote::Java::HTTP::ClassLoader (module)">Java::HTTP::ClassLoader</a></span></dd>
</dl>
<dl>
<dt>Defined in:</dt>
<dd>lib/msf/core/exploit/remote/http_server.rb<span class="defines">,<br />
lib/msf/core/exploit/remote/http_server/relay.rb</span>
</dd>
</dl>
</div>
<h2>Overview</h2><div class="docstring">
<div class="discussion">
<p>This module provides methods for exploiting an HTTP client by acting as an HTTP server.</p>
</div>
</div>
<div class="tags">
</div><h2>Defined Under Namespace</h2>
<p class="children">
<strong class="modules">Modules:</strong> <span class='object_link'><a href="HttpServer/BrowserExploit.html" title="Msf::Exploit::Remote::HttpServer::BrowserExploit (module)">BrowserExploit</a></span>, <span class='object_link'><a href="HttpServer/HTML.html" title="Msf::Exploit::Remote::HttpServer::HTML (module)">HTML</a></span>, <span class='object_link'><a href="HttpServer/PHPInclude.html" title="Msf::Exploit::Remote::HttpServer::PHPInclude (module)">PHPInclude</a></span>, <span class='object_link'><a href="HttpServer/Relay.html" title="Msf::Exploit::Remote::HttpServer::Relay (module)">Relay</a></span>
</p>
<h2>Instance Attribute Summary</h2>
<h3 class="inherited">Attributes included from <span class='object_link'><a href="SocketServer.html" title="Msf::Exploit::Remote::SocketServer (module)">SocketServer</a></span></h3>
<p class="inherited"><span class='object_link'><a href="SocketServer.html#service-instance_method" title="Msf::Exploit::Remote::SocketServer#service (method)">#service</a></span></p>
<h2>
Instance Method Summary
<small><a href="#" class="summary_toggle">collapse</a></small>
</h2>
<ul class="summary">
<li class="public ">
<span class="summary_signature">
<a href="#add_resource-instance_method" title="#add_resource (instance method)">#<strong>add_resource</strong>(opts) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Adds a URI resource using the supplied hash parameters.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#add_robots_resource-instance_method" title="#add_robots_resource (instance method)">#<strong>add_robots_resource</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#autofilter-instance_method" title="#autofilter (instance method)">#<strong>autofilter</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>By default, all HTTP servers are not subject to automatic exploitation.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#check_dependencies-instance_method" title="#check_dependencies (instance method)">#<strong>check_dependencies</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>This method gives a derived class the opportunity to ensure that all dependencies are present before initializing the service.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#cleanup-instance_method" title="#cleanup (instance method)">#<strong>cleanup</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Take care of removing any resources that we created.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#cli-instance_method" title="#cli (instance method)">#<strong>cli</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Thread-local client accessor.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#cli=-instance_method" title="#cli= (instance method)">#<strong>cli=</strong>(cli) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Thread-local client accessor.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#close_client-instance_method" title="#close_client (instance method)">#<strong>close_client</strong>(cli) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Closes a client connection.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#create_response-instance_method" title="#create_response (instance method)">#<strong>create_response</strong>(code = 200, message = &quot;OK&quot;, proto = Rex::Proto::Http::DefaultProtocol) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Creates an HTTP response packet.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#fingerprint_user_agent-instance_method" title="#fingerprint_user_agent (instance method)">#<strong>fingerprint_user_agent</strong>(ua_str) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Return a Hash containing a best guess at the actual browser and operating system versions, based on the User-Agent header.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#get_resource-instance_method" title="#get_resource (instance method)">#<strong>get_resource</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the last-used resource path.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#get_uri-instance_method" title="#get_uri (instance method)">#<strong>get_uri</strong>(cli = self.cli) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Return a full url of the form <code>http://1.1.1.1:8080/resource/</code>.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#hardcoded_uripath-instance_method" title="#hardcoded_uripath (instance method)">#<strong>hardcoded_uripath</strong>(uri) &#x21d2; void </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Set <span class='object_link'><a href="#on_request_uri-instance_method" title="Msf::Exploit::Remote::HttpServer#on_request_uri (method)">#on_request_uri</a></span> to handle the given <code>uri</code> in addition to the one specified by the developer in <a href="&#39;Path&#39;">opts</a> or by the user in URIPATH.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#initialize-instance_method" title="#initialize (instance method)">#<strong>initialize</strong>(info = {}) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#on_request_uri-instance_method" title="#on_request_uri (instance method)">#<strong>on_request_uri</strong>(cli, request) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Called when a request is made to a single URI registered during the start_service.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#print_prefix-instance_method" title="#print_prefix (instance method)">#<strong>print_prefix</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#random_uri-instance_method" title="#random_uri (instance method)">#<strong>random_uri</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Generates a random URI for use with making finger printing more challenging.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#regenerate_payload-instance_method" title="#regenerate_payload (instance method)">#<strong>regenerate_payload</strong>(cli, arch = nil, platform = nil, target = nil) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Re-generates the payload, substituting the current RHOST and RPORT with the supplied client host and port.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#remove_resource-instance_method" title="#remove_resource (instance method)">#<strong>remove_resource</strong>(name) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Removes a URI resource.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#report_user_agent-instance_method" title="#report_user_agent (instance method)">#<strong>report_user_agent</strong>(address, request, client_opts = {}) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Store the results of server-side User-Agent fingerprinting in the DB.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#resource_uri-instance_method" title="#resource_uri (instance method)">#<strong>resource_uri</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the configured (or random, if not configured) URI path.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#send_local_redirect-instance_method" title="#send_local_redirect (instance method)">#<strong>send_local_redirect</strong>(cli, location) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Sends a 302 redirect relative to our base path.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#send_not_found-instance_method" title="#send_not_found (instance method)">#<strong>send_not_found</strong>(cli) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Sends a 404.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#send_redirect-instance_method" title="#send_redirect (instance method)">#<strong>send_redirect</strong>(cli, location = &#39;/&#39;, body = &#39;&#39;, headers = {}) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Sends a 302 redirect to the client.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#send_response-instance_method" title="#send_response (instance method)">#<strong>send_response</strong>(cli, body, headers = {}) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Transmits a response to the supplied client, default content-type is text/html.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#send_robots-instance_method" title="#send_robots (instance method)">#<strong>send_robots</strong>(cli, request) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Sends a canned robots.txt file.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#srvhost_addr-instance_method" title="#srvhost_addr (instance method)">#<strong>srvhost_addr</strong> &#x21d2; String </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>An address to which the client can route.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#srvport-instance_method" title="#srvport (instance method)">#<strong>srvport</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the local port that is being listened on.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#start_service-instance_method" title="#start_service (instance method)">#<strong>start_service</strong>(opts = {}) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>:category: Exploit::Remote::TcpServer overrides.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#use_zlib-instance_method" title="#use_zlib (instance method)">#<strong>use_zlib</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Ensures that gzip can be used.</p>
</div></span>
</li>
</ul>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../Auxiliary/Report.html" title="Msf::Auxiliary::Report (module)">Auxiliary::Report</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../Auxiliary/Report.html#active_db%3F-instance_method" title="Msf::Auxiliary::Report#active_db? (method)">#active_db?</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#create_cracked_credential-instance_method" title="Msf::Auxiliary::Report#create_cracked_credential (method)">#create_cracked_credential</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#create_credential-instance_method" title="Msf::Auxiliary::Report#create_credential (method)">#create_credential</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#create_credential_and_login-instance_method" title="Msf::Auxiliary::Report#create_credential_and_login (method)">#create_credential_and_login</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#create_credential_login-instance_method" title="Msf::Auxiliary::Report#create_credential_login (method)">#create_credential_login</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#db-instance_method" title="Msf::Auxiliary::Report#db (method)">#db</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#db_warning_given%3F-instance_method" title="Msf::Auxiliary::Report#db_warning_given? (method)">#db_warning_given?</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#get_client-instance_method" title="Msf::Auxiliary::Report#get_client (method)">#get_client</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#get_host-instance_method" title="Msf::Auxiliary::Report#get_host (method)">#get_host</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#inside_workspace_boundary%3F-instance_method" title="Msf::Auxiliary::Report#inside_workspace_boundary? (method)">#inside_workspace_boundary?</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#invalidate_login-instance_method" title="Msf::Auxiliary::Report#invalidate_login (method)">#invalidate_login</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#mytask-instance_method" title="Msf::Auxiliary::Report#mytask (method)">#mytask</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#myworkspace-instance_method" title="Msf::Auxiliary::Report#myworkspace (method)">#myworkspace</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#myworkspace_id-instance_method" title="Msf::Auxiliary::Report#myworkspace_id (method)">#myworkspace_id</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_auth_info-instance_method" title="Msf::Auxiliary::Report#report_auth_info (method)">#report_auth_info</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_client-instance_method" title="Msf::Auxiliary::Report#report_client (method)">#report_client</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_exploit-instance_method" title="Msf::Auxiliary::Report#report_exploit (method)">#report_exploit</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_host-instance_method" title="Msf::Auxiliary::Report#report_host (method)">#report_host</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_loot-instance_method" title="Msf::Auxiliary::Report#report_loot (method)">#report_loot</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_note-instance_method" title="Msf::Auxiliary::Report#report_note (method)">#report_note</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_service-instance_method" title="Msf::Auxiliary::Report#report_service (method)">#report_service</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_vuln-instance_method" title="Msf::Auxiliary::Report#report_vuln (method)">#report_vuln</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_web_form-instance_method" title="Msf::Auxiliary::Report#report_web_form (method)">#report_web_form</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_web_page-instance_method" title="Msf::Auxiliary::Report#report_web_page (method)">#report_web_page</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_web_site-instance_method" title="Msf::Auxiliary::Report#report_web_site (method)">#report_web_site</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#report_web_vuln-instance_method" title="Msf::Auxiliary::Report#report_web_vuln (method)">#report_web_vuln</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#store_cred-instance_method" title="Msf::Auxiliary::Report#store_cred (method)">#store_cred</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#store_local-instance_method" title="Msf::Auxiliary::Report#store_local (method)">#store_local</a></span>, <span class='object_link'><a href="../../Auxiliary/Report.html#store_loot-instance_method" title="Msf::Auxiliary::Report#store_loot (method)">#store_loot</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../../../Metasploit/Framework/Require.html" title="Metasploit::Framework::Require (module)">Metasploit::Framework::Require</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../../../Metasploit/Framework/Require.html#optionally-class_method" title="Metasploit::Framework::Require.optionally (method)">optionally</a></span>, <span class='object_link'><a href="../../../Metasploit/Framework/Require.html#optionally_active_record_railtie-class_method" title="Metasploit::Framework::Require.optionally_active_record_railtie (method)">optionally_active_record_railtie</a></span>, <span class='object_link'><a href="../../../Metasploit/Framework/Require.html#optionally_include_metasploit_credential_creation-class_method" title="Metasploit::Framework::Require.optionally_include_metasploit_credential_creation (method)">optionally_include_metasploit_credential_creation</a></span>, <span class='object_link'><a href="../../../Metasploit/Framework/Require.html#optionally_include_metasploit_credential_creation-instance_method" title="Metasploit::Framework::Require#optionally_include_metasploit_credential_creation (method)">#optionally_include_metasploit_credential_creation</a></span>, <span class='object_link'><a href="../../../Metasploit/Framework/Require.html#optionally_require_metasploit_db_gem_engines-class_method" title="Metasploit::Framework::Require.optionally_require_metasploit_db_gem_engines (method)">optionally_require_metasploit_db_gem_engines</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="TcpServer.html" title="Msf::Exploit::Remote::TcpServer (module)">TcpServer</a></span></h3>
<p class="inherited"><span class='object_link'><a href="TcpServer.html#on_client_close-instance_method" title="Msf::Exploit::Remote::TcpServer#on_client_close (method)">#on_client_close</a></span>, <span class='object_link'><a href="TcpServer.html#on_client_connect-instance_method" title="Msf::Exploit::Remote::TcpServer#on_client_connect (method)">#on_client_connect</a></span>, <span class='object_link'><a href="TcpServer.html#ssl-instance_method" title="Msf::Exploit::Remote::TcpServer#ssl (method)">#ssl</a></span>, <span class='object_link'><a href="TcpServer.html#ssl_cert-instance_method" title="Msf::Exploit::Remote::TcpServer#ssl_cert (method)">#ssl_cert</a></span>, <span class='object_link'><a href="TcpServer.html#ssl_cipher-instance_method" title="Msf::Exploit::Remote::TcpServer#ssl_cipher (method)">#ssl_cipher</a></span>, <span class='object_link'><a href="TcpServer.html#ssl_compression-instance_method" title="Msf::Exploit::Remote::TcpServer#ssl_compression (method)">#ssl_compression</a></span>, <span class='object_link'><a href="TcpServer.html#ssl_version-instance_method" title="Msf::Exploit::Remote::TcpServer#ssl_version (method)">#ssl_version</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="SocketServer.html" title="Msf::Exploit::Remote::SocketServer (module)">SocketServer</a></span></h3>
<p class="inherited"><span class='object_link'><a href="SocketServer.html#_determine_server_comm-instance_method" title="Msf::Exploit::Remote::SocketServer#_determine_server_comm (method)">#_determine_server_comm</a></span>, <span class='object_link'><a href="SocketServer.html#bindhost-instance_method" title="Msf::Exploit::Remote::SocketServer#bindhost (method)">#bindhost</a></span>, <span class='object_link'><a href="SocketServer.html#bindport-instance_method" title="Msf::Exploit::Remote::SocketServer#bindport (method)">#bindport</a></span>, <span class='object_link'><a href="SocketServer.html#cleanup_service-instance_method" title="Msf::Exploit::Remote::SocketServer#cleanup_service (method)">#cleanup_service</a></span>, <span class='object_link'><a href="SocketServer.html#exploit-instance_method" title="Msf::Exploit::Remote::SocketServer#exploit (method)">#exploit</a></span>, <span class='object_link'><a href="SocketServer.html#on_client_data-instance_method" title="Msf::Exploit::Remote::SocketServer#on_client_data (method)">#on_client_data</a></span>, <span class='object_link'><a href="SocketServer.html#primer-instance_method" title="Msf::Exploit::Remote::SocketServer#primer (method)">#primer</a></span>, <span class='object_link'><a href="SocketServer.html#srvhost-instance_method" title="Msf::Exploit::Remote::SocketServer#srvhost (method)">#srvhost</a></span>, <span class='object_link'><a href="SocketServer.html#via_string-instance_method" title="Msf::Exploit::Remote::SocketServer#via_string (method)">#via_string</a></span></p>
<div id="instance_method_details" class="method_details_list">
<h2>Instance Method Details</h2>
<div class="method_details first">
<h3 class="signature first" id="add_resource-instance_method">
#<strong>add_resource</strong>(opts) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Adds a URI resource using the supplied hash parameters.</p>
<pre class="code ruby"><code class="ruby">Path =&gt; The path to associate the procedure with.
Proc =&gt; The procedure to call when the URI is requested.
LongCall =&gt; Indicates that the request is a long call.
</code></pre>
<p>NOTE: Calling #add_resource will change the results of subsequent calls to #get_resource!</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
405
406
407
408
409
410
411
412
413
414</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 405</span>
<span class='kw'>def</span> <span class='id identifier rubyid_add_resource'>add_resource</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span><span class='rparen'>)</span>
<span class='ivar'>@service_path</span> <span class='op'>=</span> <span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Path</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_res'>res</span> <span class='op'>=</span> <span class='id identifier rubyid_service'>service</span><span class='period'>.</span><span class='id identifier rubyid_add_resource'>add_resource</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Path</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span> <span class='id identifier rubyid_opts'>opts</span><span class='rparen'>)</span>
<span class='comment'># This has to go *after* the call to service.add_resource in case
</span> <span class='comment'># the service manager doesn&#39;t like it for some reason and raises.
</span> <span class='ivar'>@my_resources</span><span class='period'>.</span><span class='id identifier rubyid_push'>push</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Path</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='id identifier rubyid_res'>res</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="add_robots_resource-instance_method">
#<strong>add_robots_resource</strong> &#x21d2; <tt>Object</tt>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
175
176
177
178
179
180
181
182
183
184
185
186
187</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 175</span>
<span class='kw'>def</span> <span class='id identifier rubyid_add_robots_resource'>add_robots_resource</span>
<span class='id identifier rubyid_proc'>proc</span> <span class='op'>=</span> <span class='const'>Proc</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_req'>req</span><span class='op'>|</span>
<span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_cli'>cli</span> <span class='op'>=</span> <span class='id identifier rubyid_cli'>cli</span>
<span class='id identifier rubyid_send_robots'>send_robots</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_req'>req</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_vprint_status'>vprint_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Adding hardcoded URI /robots.txt</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>begin</span>
<span class='id identifier rubyid_add_resource'>add_resource</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Path</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>/robots.txt</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Proc</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_proc'>proc</span><span class='rparen'>)</span>
<span class='kw'>rescue</span> <span class='const'>RuntimeError</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_e'>e</span>
<span class='id identifier rubyid_print_warning'>print_warning</span><span class='lparen'>(</span><span class='id identifier rubyid_e'>e</span><span class='period'>.</span><span class='id identifier rubyid_message'>message</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="autofilter-instance_method">
#<strong>autofilter</strong> &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>By default, all HTTP servers are not subject to automatic exploitation</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
56
57
58</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 56</span>
<span class='kw'>def</span> <span class='id identifier rubyid_autofilter'>autofilter</span>
<span class='kw'>false</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="check_dependencies-instance_method">
#<strong>check_dependencies</strong> &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>This method gives a derived class the opportunity to ensure that all dependencies are present before initializing the service.</p>
<p>By default, all HTTP server mixins will try to use zlib.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
100
101
102</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 100</span>
<span class='kw'>def</span> <span class='id identifier rubyid_check_dependencies'>check_dependencies</span>
<span class='id identifier rubyid_use_zlib'>use_zlib</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="cleanup-instance_method">
#<strong>cleanup</strong> &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Take care of removing any resources that we created</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
213
214
215
216
217
218
219
220</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 213</span>
<span class='kw'>def</span> <span class='id identifier rubyid_cleanup'>cleanup</span>
<span class='comment'># Must dup here because remove_resource modifies @my_resources
</span> <span class='ivar'>@my_resources</span><span class='period'>.</span><span class='id identifier rubyid_dup'>dup</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_resource'>resource</span><span class='op'>|</span>
<span class='id identifier rubyid_remove_resource'>remove_resource</span><span class='lparen'>(</span><span class='id identifier rubyid_resource'>resource</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>super</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="cli-instance_method">
#<strong>cli</strong> &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Thread-local client accessor</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
63
64
65</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 63</span>
<span class='kw'>def</span> <span class='id identifier rubyid_cli'>cli</span>
<span class='const'>Thread</span><span class='period'>.</span><span class='id identifier rubyid_current'>current</span><span class='lbracket'>[</span><span class='symbol'>:cli</span><span class='rbracket'>]</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="cli=-instance_method">
#<strong>cli=</strong>(cli) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Thread-local client accessor</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
70
71
72</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 70</span>
<span class='kw'>def</span> <span class='id identifier rubyid_cli='>cli=</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='rparen'>)</span>
<span class='const'>Thread</span><span class='period'>.</span><span class='id identifier rubyid_current'>current</span><span class='lbracket'>[</span><span class='symbol'>:cli</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_cli'>cli</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="close_client-instance_method">
#<strong>close_client</strong>(cli) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Closes a client connection.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
520
521
522</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 520</span>
<span class='kw'>def</span> <span class='id identifier rubyid_close_client'>close_client</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='rparen'>)</span>
<span class='id identifier rubyid_service'>service</span><span class='period'>.</span><span class='id identifier rubyid_close_client'>close_client</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="create_response-instance_method">
#<strong>create_response</strong>(code = 200, message = &quot;OK&quot;, proto = Rex::Proto::Http::DefaultProtocol) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Creates an HTTP response packet.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
527
528
529
530
531</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 527</span>
<span class='kw'>def</span> <span class='id identifier rubyid_create_response'>create_response</span><span class='lparen'>(</span><span class='id identifier rubyid_code'>code</span> <span class='op'>=</span> <span class='int'>200</span><span class='comma'>,</span> <span class='id identifier rubyid_message'>message</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>OK</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_proto'>proto</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto/Http.html" title="Rex::Proto::Http (module)">Http</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto/Http.html#DefaultProtocol-constant" title="Rex::Proto::Http::DefaultProtocol (constant)">DefaultProtocol</a></span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_res'>res</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto/Http.html" title="Rex::Proto::Http (module)">Http</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto/Http/Response.html" title="Rex::Proto::Http::Response (class)">Response</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../Rex/Proto/Http/Response.html#initialize-instance_method" title="Rex::Proto::Http::Response#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='id identifier rubyid_code'>code</span><span class='comma'>,</span> <span class='id identifier rubyid_message'>message</span><span class='comma'>,</span> <span class='id identifier rubyid_proto'>proto</span><span class='rparen'>)</span><span class='semicolon'>;</span>
<span class='id identifier rubyid_res'>res</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Content-Type</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>text/html</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_res'>res</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="fingerprint_user_agent-instance_method">
#<strong>fingerprint_user_agent</strong>(ua_str) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Return a Hash containing a best guess at the actual browser and operating system versions, based on the User-Agent header.</p>
<p>Keys in the returned hash are similar to those expected of Report#report_client, and Msf::DBManager#report_host namely:</p>
<dl class="rdoc-list note-list"><dt><code>:ua_name</code></dt>
<dd>
<p>a brief identifier for the client, e.g. “Firefox”</p>
</dd><dt><code>:ua_ver</code></dt>
<dd>
<p>the version number of the client, e.g. “3.0.11”</p>
</dd><dt><code>:os_name</code></dt>
<dd>
<p>something like “Windows XP”, “Windows 7”, or “Linux”</p>
</dd><dt><code>:os_flavor</code></dt>
<dd>
<p>something like “Enterprise”, “Pro”, or “Home”</p>
</dd><dt><code>:os_lang</code></dt>
<dd>
<p>something like “English”, “French”, or “en-US”</p>
</dd><dt><code>:arch</code></dt>
<dd>
<p>one of the ARCH_* constants</p>
</dd></dl>
<p>Unknown values may be nil.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 237</span>
<span class='kw'>def</span> <span class='id identifier rubyid_fingerprint_user_agent'>fingerprint_user_agent</span><span class='lparen'>(</span><span class='id identifier rubyid_ua_str'>ua_str</span><span class='rparen'>)</span>
<span class='id identifier rubyid_fp'>fp</span> <span class='op'>=</span> <span class='lbrace'>{</span> <span class='symbol'>:ua_string</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_ua_str'>ua_str</span> <span class='rbrace'>}</span>
<span class='comment'># Guess the browser type based on the user agent
</span> <span class='comment'># Check for IE last since its often impersonated
</span> <span class='kw'>case</span> <span class='lparen'>(</span><span class='id identifier rubyid_ua_str'>ua_str</span><span class='period'>.</span><span class='id identifier rubyid_downcase'>downcase</span><span class='rparen'>)</span>
<span class='comment'># Chrome tries to look like Safari, so check it first
</span> <span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>chrome\/(\d+(:?\.\d+)*)</span><span class='regexp_end'>/</span></span>
<span class='comment'># Matches, e.g.:
</span> <span class='comment'># Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
</span> <span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../HttpClients.html" title="Msf::HttpClients (module)">HttpClients</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../HttpClients.html#CHROME-constant" title="Msf::HttpClients::CHROME (constant)">CHROME</a></span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_ver</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='backref'>$1</span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>version\/(\d+(:?\.\d+)*)\s*safari</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../HttpClients.html" title="Msf::HttpClients (module)">HttpClients</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../HttpClients.html#SAFARI-constant" title="Msf::HttpClients::SAFARI (constant)">SAFARI</a></span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_ver</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='backref'>$1</span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>firefox\/((:?[0-9]+\.)+[0-9]+)</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../HttpClients.html" title="Msf::HttpClients (module)">HttpClients</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../HttpClients.html#FF-constant" title="Msf::HttpClients::FF (constant)">FF</a></span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_ver</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='backref'>$1</span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>opera\/(\d+(:?\.\d+)*)</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../HttpClients.html" title="Msf::HttpClients (module)">HttpClients</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../HttpClients.html#OPERA-constant" title="Msf::HttpClients::OPERA (constant)">OPERA</a></span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_ver</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='backref'>$1</span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>mozilla\/[0-9]+\.[0-9] \(compatible; msie ([0-9]+\.[0-9]+)</span><span class='regexp_end'>/i</span></span><span class='comma'>,</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>mozilla\/[0-9]+\.[0-9] \(.+ rv:([0-9]+\.[0-9])\)</span><span class='regexp_end'>/i</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../HttpClients.html" title="Msf::HttpClients (module)">HttpClients</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../HttpClients.html#IE-constant" title="Msf::HttpClients::IE (constant)">IE</a></span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_ver</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='backref'>$1</span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>git\/([0-9]+(\.[0-9]+)+)</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../HttpClients.html" title="Msf::HttpClients (module)">HttpClients</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../HttpClients.html#GIT-constant" title="Msf::HttpClients::GIT (constant)">GIT</a></span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_ver</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='backref'>$1</span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>git-lfs\/([0-9]+(\.[0-9]+)+)</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../HttpClients.html" title="Msf::HttpClients (module)">HttpClients</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../HttpClients.html#GIT_LFS-constant" title="Msf::HttpClients::GIT_LFS (constant)">GIT_LFS</a></span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_ver</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='backref'>$1</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../HttpClients.html" title="Msf::HttpClients (module)">HttpClients</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../HttpClients.html#UNKNOWN-constant" title="Msf::HttpClients::UNKNOWN (constant)">UNKNOWN</a></span></span>
<span class='kw'>end</span>
<span class='comment'># Guess the language
</span> <span class='kw'>case</span> <span class='lparen'>(</span><span class='id identifier rubyid_ua_str'>ua_str</span><span class='period'>.</span><span class='id identifier rubyid_downcase'>downcase</span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>(en-us|en-gb)</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_lang</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='backref'>$1</span>
<span class='kw'>end</span>
<span class='comment'># Guess the general OS type
</span> <span class='kw'>case</span> <span class='lparen'>(</span><span class='id identifier rubyid_ua_str'>ua_str</span><span class='period'>.</span><span class='id identifier rubyid_downcase'>downcase</span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>windows|win32</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../OperatingSystems.html" title="Msf::OperatingSystems (module)">OperatingSystems</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../OperatingSystems.html#WINDOWS-constant" title="Msf::OperatingSystems::WINDOWS (constant)">WINDOWS</a></span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:arch</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'>ARCH_X86</span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>linux</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../OperatingSystems.html" title="Msf::OperatingSystems (module)">OperatingSystems</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../OperatingSystems.html#LINUX-constant" title="Msf::OperatingSystems::LINUX (constant)">LINUX</a></span></span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>iphone|ipad</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../OperatingSystems.html" title="Msf::OperatingSystems (module)">OperatingSystems</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../OperatingSystems.html#APPLE_IOS-constant" title="Msf::OperatingSystems::APPLE_IOS (constant)">APPLE_IOS</a></span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:arch</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>armle</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>mac os x</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../OperatingSystems.html" title="Msf::OperatingSystems (module)">OperatingSystems</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../OperatingSystems.html#MAC_OSX-constant" title="Msf::OperatingSystems::MAC_OSX (constant)">MAC_OSX</a></span></span>
<span class='kw'>else</span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../OperatingSystems.html" title="Msf::OperatingSystems (module)">OperatingSystems</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../OperatingSystems.html#UNKNOWN-constant" title="Msf::OperatingSystems::UNKNOWN (constant)">UNKNOWN</a></span></span>
<span class='kw'>end</span>
<span class='comment'># Determine the specific OS variant
</span>
<span class='comment'># Note that we assume windows variants are the
</span> <span class='comment'># client version and mismatch server editions.
</span>
<span class='kw'>case</span> <span class='lparen'>(</span><span class='id identifier rubyid_ua_str'>ua_str</span><span class='period'>.</span><span class='id identifier rubyid_downcase'>downcase</span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>windows 95</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Windows 95</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>windows 98</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Windows 98</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>windows nt 4</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Windows NT</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>windows nt 5.0</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Windows 2000</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>windows nt 5.1</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Windows XP</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>windows nt 5.2</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Windows 2003</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>windows nt 6.0</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Windows Vista</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>windows nt 6.1</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Windows 7</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>windows nt 6.2</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Windows 8</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>windows nt 6.3</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Windows 8.1</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>gentoo</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_vendor</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Gentoo</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>debian</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_vendor</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Debian</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>ubuntu</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_vendor</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Ubuntu</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>fedora</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_vendor</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Fedora</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>red hat|rhel</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_vendor</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>RHEL</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>android</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../OperatingSystems.html" title="Msf::OperatingSystems (module)">OperatingSystems</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../OperatingSystems.html#ANDROID-constant" title="Msf::OperatingSystems::ANDROID (constant)">ANDROID</a></span></span>
<span class='kw'>end</span>
<span class='comment'># Guess the architecture
</span> <span class='kw'>case</span> <span class='lparen'>(</span><span class='id identifier rubyid_ua_str'>ua_str</span><span class='period'>.</span><span class='id identifier rubyid_downcase'>downcase</span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>ppc</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:arch</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'>ARCH_PPC</span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>x64|x86_64</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:arch</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'>ARCH_X64</span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>i.86|wow64</span><span class='regexp_end'>/</span></span>
<span class='comment'># WOW64 means &quot;Windows on Windows64&quot; and is present
</span> <span class='comment'># in the useragent of 32-bit IE running on 64-bit
</span> <span class='comment'># Windows
</span> <span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:arch</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'>ARCH_X86</span>
<span class='kw'>when</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>android|iphone|ipod|ipad</span><span class='regexp_end'>/</span></span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:arch</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'>ARCH_ARMLE</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:arch</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'>ARCH_X86</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_fp'>fp</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="get_resource-instance_method">
#<strong>get_resource</strong> &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the last-used resource path</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
419
420
421
422
423</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 419</span>
<span class='kw'>def</span> <span class='id identifier rubyid_get_resource'>get_resource</span>
<span class='comment'># We don&#39;t want modules modifying their service_path inadvertently, so
</span> <span class='comment'># give them a dup. Can be nil during module setup.
</span> <span class='ivar'>@service_path</span> <span class='op'>?</span> <span class='ivar'>@service_path</span><span class='period'>.</span><span class='id identifier rubyid_dup'>dup</span> <span class='op'>:</span> <span class='kw'>nil</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="get_uri-instance_method">
#<strong>get_uri</strong>(cli = self.cli) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Return a full url of the form <code>http://1.1.1.1:8080/resource/</code></p>
<p>The address portion should be something a client would be able to route, but see <span class='object_link'><a href="#srvhost_addr-instance_method" title="Msf::Exploit::Remote::HttpServer#srvhost_addr (method)">#srvhost_addr</a></span> for caveats.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 431</span>
<span class='kw'>def</span> <span class='id identifier rubyid_get_uri'>get_uri</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='op'>=</span><span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_cli'>cli</span><span class='rparen'>)</span>
<span class='id identifier rubyid_resource'>resource</span> <span class='op'>=</span> <span class='id identifier rubyid_get_resource'>get_resource</span>
<span class='comment'># The resource won&#39;t exist until the server is started
</span> <span class='kw'>return</span> <span class='kw'>unless</span> <span class='id identifier rubyid_resource'>resource</span>
<span class='id identifier rubyid_is_ssl'>is_ssl</span> <span class='op'>=</span> <span class='op'>!</span><span class='op'>!</span><span class='id identifier rubyid_http_server_ssl'>http_server_ssl</span>
<span class='id identifier rubyid_proto'>proto</span> <span class='op'>=</span> <span class='lparen'>(</span><span class='id identifier rubyid_is_ssl'>is_ssl</span> <span class='op'>?</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>https://</span><span class='tstring_end'>&quot;</span></span> <span class='op'>:</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>http://</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_host'>host</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>elsif</span> <span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span> <span class='kw'>and</span> <span class='id identifier rubyid_cli'>cli</span><span class='period'>.</span><span class='id identifier rubyid_peerhost'>peerhost</span><span class='rparen'>)</span>
<span class='id identifier rubyid_host'>host</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Socket</span><span class='period'>.</span><span class='id identifier rubyid_source_address'>source_address</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='period'>.</span><span class='id identifier rubyid_peerhost'>peerhost</span><span class='rparen'>)</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_host'>host</span> <span class='op'>=</span> <span class='id identifier rubyid_srvhost_addr'>srvhost_addr</span>
<span class='kw'>end</span>
<span class='kw'>if</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Socket</span><span class='period'>.</span><span class='id identifier rubyid_is_ipv6?'>is_ipv6?</span><span class='lparen'>(</span><span class='id identifier rubyid_host'>host</span><span class='rparen'>)</span>
<span class='id identifier rubyid_host'>host</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>[</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_host'>host</span><span class='embexpr_end'>}</span><span class='tstring_content'>]</span><span class='tstring_end'>&quot;</span></span>
<span class='kw'>end</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>!=</span> <span class='int'>0</span>
<span class='id identifier rubyid_port'>port</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>:</span><span class='tstring_end'>&#39;</span></span> <span class='op'>+</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span>
<span class='kw'>elsif</span> <span class='lparen'>(</span><span class='id identifier rubyid_is_ssl'>is_ssl</span> <span class='kw'>and</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>SRVPORT</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span> <span class='op'>==</span> <span class='int'>443</span><span class='rparen'>)</span>
<span class='id identifier rubyid_port'>port</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>elsif</span> <span class='lparen'>(</span><span class='op'>!</span><span class='id identifier rubyid_is_ssl'>is_ssl</span> <span class='kw'>and</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>SRVPORT</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span> <span class='op'>==</span> <span class='int'>80</span><span class='rparen'>)</span>
<span class='id identifier rubyid_port'>port</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>else</span>
<span class='id identifier rubyid_port'>port</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>:</span><span class='tstring_end'>&quot;</span></span> <span class='op'>+</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>SRVPORT</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_uri'><span class='object_link'><a href="../../../top-level-namespace.html#uri-instance_method" title="#uri (method)">uri</a></span></span> <span class='op'>=</span> <span class='id identifier rubyid_proto'>proto</span> <span class='op'>+</span> <span class='id identifier rubyid_host'>host</span> <span class='op'>+</span> <span class='id identifier rubyid_port'>port</span> <span class='op'>+</span> <span class='id identifier rubyid_resource'>resource</span>
<span class='id identifier rubyid_uri'><span class='object_link'><a href="../../../top-level-namespace.html#uri-instance_method" title="#uri (method)">uri</a></span></span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="hardcoded_uripath-instance_method">
#<strong>hardcoded_uripath</strong>(uri) &#x21d2; <tt>void</tt>
</h3><div class="docstring">
<div class="discussion">
<div class="note notetag">
<strong>Note:</strong>
<div class='inline'>
<p>This MUST be called from <span class='object_link'><a href="SocketServer.html#primer-instance_method" title="Msf::Exploit::Remote::SocketServer#primer (method)">SocketServer#primer</a></span> so that the service has been set</p>
</div>
</div>
<p class="note returns_void">This method returns an undefined value.</p>
<p>Set <span class='object_link'><a href="#on_request_uri-instance_method" title="Msf::Exploit::Remote::HttpServer#on_request_uri (method)">#on_request_uri</a></span> to handle the given <code>uri</code> in addition to the one specified by the developer in <a href="&#39;Path&#39;">opts</a> or by the user in URIPATH.</p>
<p>up but we have not yet entered the listen/accept loop.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>uri</span>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>The resource URI that should be handled by <span class='object_link'><a href="#on_request_uri-instance_method" title="Msf::Exploit::Remote::HttpServer#on_request_uri (method)">#on_request_uri</a></span>.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
198
199
200
201
202
203
204
205
206
207
208
209
210</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 198</span>
<span class='kw'>def</span> <span class='id identifier rubyid_hardcoded_uripath'>hardcoded_uripath</span><span class='lparen'>(</span><span class='id identifier rubyid_uri'><span class='object_link'><a href="../../../top-level-namespace.html#uri-instance_method" title="#uri (method)">uri</a></span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_proc'>proc</span> <span class='op'>=</span> <span class='const'>Proc</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_req'>req</span><span class='op'>|</span>
<span class='id identifier rubyid_on_request_uri'>on_request_uri</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_req'>req</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_vprint_status'>vprint_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Adding hardcoded uri </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_uri'><span class='object_link'><a href="../../../top-level-namespace.html#uri-instance_method" title="#uri (method)">uri</a></span></span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>begin</span>
<span class='id identifier rubyid_add_resource'>add_resource</span><span class='lparen'>(</span><span class='lbrace'>{</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Path</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_uri'><span class='object_link'><a href="../../../top-level-namespace.html#uri-instance_method" title="#uri (method)">uri</a></span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Proc</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_proc'>proc</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='kw'>rescue</span> <span class='const'>RuntimeError</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_e'>e</span>
<span class='id identifier rubyid_print_error'>print_error</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>This module requires a hardcoded uri at </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_uri'><span class='object_link'><a href="../../../top-level-namespace.html#uri-instance_method" title="#uri (method)">uri</a></span></span><span class='embexpr_end'>}</span><span class='tstring_content'>. Can&#39;t run while other modules are using it.</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_raise'>raise</span> <span class='id identifier rubyid_e'>e</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="initialize-instance_method">
#<strong>initialize</strong>(info = {}) &#x21d2; <tt>Object</tt>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 21</span>
<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_info'>info</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='kw'>super</span>
<span class='id identifier rubyid_register_options'>register_options</span><span class='lparen'>(</span>
<span class='lbracket'>[</span>
<span class='const'><span class='object_link'><a href="../../OptString.html" title="Msf::OptString (class)">OptString</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptString.html#initialize-instance_method" title="Msf::OptString#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPATH</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span> <span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>The URI to use for this exploit (default is random)</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='rbracket'>]</span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="" title="Msf::Exploit::Remote::HttpServer (module)">HttpServer</a></span></span>
<span class='rparen'>)</span>
<span class='id identifier rubyid_register_evasion_options'>register_evasion_options</span><span class='lparen'>(</span>
<span class='lbracket'>[</span>
<span class='const'><span class='object_link'><a href="../../OptBool.html" title="Msf::OptBool (class)">OptBool</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptBool.html#initialize-instance_method" title="Msf::OptBool#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTTP::no_cache</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Disallow the browser to cache HTTP content</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='kw'>false</span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptBool.html" title="Msf::OptBool (class)">OptBool</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptBool.html#initialize-instance_method" title="Msf::OptBool#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTTP::chunked</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Enable chunking of HTTP responses via &quot;Transfer-Encoding: chunked&quot;</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='kw'>false</span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptBool.html" title="Msf::OptBool (class)">OptBool</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptBool.html#initialize-instance_method" title="Msf::OptBool#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTTP::header_folding</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Enable folding of HTTP headers</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='kw'>false</span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptBool.html" title="Msf::OptBool (class)">OptBool</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptBool.html#initialize-instance_method" title="Msf::OptBool#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTTP::junk_headers</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Enable insertion of random junk HTTP headers</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='kw'>false</span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptEnum.html" title="Msf::OptEnum (class)">OptEnum</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptEnum.html#initialize-instance_method" title="Msf::OptEnum#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTTP::compression</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Enable compression of HTTP responses via content encoding</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>none</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>none</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>gzip</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>deflate</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptString.html" title="Msf::OptString (class)">OptString</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptString.html#initialize-instance_method" title="Msf::OptString#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTTP::server_name</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>true</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Configures the Server header of all outgoing replies</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Apache</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='rbracket'>]</span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="" title="Msf::Exploit::Remote::HttpServer (module)">HttpServer</a></span></span>
<span class='rparen'>)</span>
<span class='id identifier rubyid_register_advanced_options'>register_advanced_options</span><span class='lparen'>(</span><span class='lbracket'>[</span>
<span class='const'><span class='object_link'><a href="../../OptAddress.html" title="Msf::OptAddress (class)">OptAddress</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptBase.html#initialize-instance_method" title="Msf::OptBase#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIHOST</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Host to use in URI (useful for tunnels)</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptPort.html" title="Msf::OptPort (class)">OptPort</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptBase.html#initialize-instance_method" title="Msf::OptBase#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPORT</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Port to use in URI (useful for tunnels)</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptBool.html" title="Msf::OptBool (class)">OptBool</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptBool.html#initialize-instance_method" title="Msf::OptBool#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SendRobots</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Return a robots.txt file if asked for one</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='kw'>false</span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='comment'># Used to keep track of resources added to the service manager by
</span> <span class='comment'># this module. see #add_resource and #cleanup
</span> <span class='ivar'>@my_resources</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
<span class='ivar'>@service_path</span> <span class='op'>=</span> <span class='kw'>nil</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="on_request_uri-instance_method">
#<strong>on_request_uri</strong>(cli, request) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Called when a request is made to a single URI registered during the start_service. Subsequent registrations will not result in a call to on_request_uri.</p>
<p>Modules should override this method.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
683
684</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 683</span>
<span class='kw'>def</span> <span class='id identifier rubyid_on_request_uri'>on_request_uri</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_request'>request</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="print_prefix-instance_method">
#<strong>print_prefix</strong> &#x21d2; <tt>Object</tt>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
74
75
76
77
78
79
80
81</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 74</span>
<span class='kw'>def</span> <span class='id identifier rubyid_print_prefix'>print_prefix</span>
<span class='kw'>if</span> <span class='id identifier rubyid_cli'>cli</span> <span class='op'>&amp;&amp;</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_respond_to?'>respond_to?</span><span class='lparen'>(</span><span class='symbol'>:stance</span><span class='rparen'>)</span> <span class='op'>&amp;&amp;</span>
<span class='op'>!</span><span class='lparen'>(</span><span class='id identifier rubyid_stance'>stance</span> <span class='op'>==</span> <span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Stance.html" title="Msf::Exploit::Stance (module)">Stance</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Stance.html#Aggressive-constant" title="Msf::Exploit::Stance::Aggressive (constant)">Aggressive</a></span></span> <span class='op'>||</span> <span class='id identifier rubyid_stance'>stance</span><span class='period'>.</span><span class='id identifier rubyid_include?'>include?</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Stance.html" title="Msf::Exploit::Stance (module)">Stance</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Stance.html#Aggressive-constant" title="Msf::Exploit::Stance::Aggressive (constant)">Aggressive</a></span></span><span class='rparen'>)</span><span class='rparen'>)</span>
<span class='kw'>super</span> <span class='op'>+</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_cli'>cli</span><span class='period'>.</span><span class='id identifier rubyid_peerhost'>peerhost</span><span class='period'>.</span><span class='id identifier rubyid_ljust'>ljust</span><span class='lparen'>(</span><span class='int'>16</span><span class='rparen'>)</span><span class='embexpr_end'>}</span><span class='tstring_content'> </span><span class='embexpr_beg'>#{</span><span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_shortname'>shortname</span><span class='embexpr_end'>}</span><span class='tstring_content'> - </span><span class='tstring_end'>&quot;</span></span>
<span class='kw'>else</span>
<span class='kw'>super</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="random_uri-instance_method">
#<strong>random_uri</strong> &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Generates a random URI for use with making finger printing more challenging.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
647
648
649</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 647</span>
<span class='kw'>def</span> <span class='id identifier rubyid_random_uri'>random_uri</span>
<span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>/</span><span class='tstring_end'>&quot;</span></span> <span class='op'>+</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_rand_text_alphanumeric'>rand_text_alphanumeric</span><span class='lparen'>(</span><span class='id identifier rubyid_rand'>rand</span><span class='lparen'>(</span><span class='int'>10</span><span class='rparen'>)</span> <span class='op'>+</span> <span class='int'>6</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="regenerate_payload-instance_method">
#<strong>regenerate_payload</strong>(cli, arch = nil, platform = nil, target = nil) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Re-generates the payload, substituting the current RHOST and RPORT with the supplied client host and port.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
655
656
657
658
659
660
661
662
663
664
665
666
667
668</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 655</span>
<span class='kw'>def</span> <span class='id identifier rubyid_regenerate_payload'>regenerate_payload</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_arch'>arch</span> <span class='op'>=</span> <span class='kw'>nil</span><span class='comma'>,</span> <span class='id identifier rubyid_platform'>platform</span> <span class='op'>=</span> <span class='kw'>nil</span><span class='comma'>,</span> <span class='id identifier rubyid_target'>target</span> <span class='op'>=</span> <span class='kw'>nil</span><span class='rparen'>)</span>
<span class='id identifier rubyid_pcode'>pcode</span> <span class='op'>=</span> <span class='kw'>nil</span>
<span class='comment'># If the payload fails to generate for some reason, send a 403.
</span> <span class='kw'>if</span> <span class='lparen'>(</span><span class='lparen'>(</span><span class='id identifier rubyid_pcode'>pcode</span> <span class='op'>=</span> <span class='kw'>super</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_arch'>arch</span><span class='comma'>,</span> <span class='id identifier rubyid_platform'>platform</span><span class='comma'>,</span> <span class='id identifier rubyid_target'>target</span><span class='rparen'>)</span><span class='rparen'>)</span> <span class='op'>==</span> <span class='kw'>nil</span><span class='rparen'>)</span>
<span class='id identifier rubyid_print_error'>print_error</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Failed to generate payload, sending 403.</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_cli'>cli</span><span class='period'>.</span><span class='id identifier rubyid_send_response'>send_response</span><span class='lparen'>(</span>
<span class='id identifier rubyid_create_response'>create_response</span><span class='lparen'>(</span><span class='int'>403</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Forbidden</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span><span class='rparen'>)</span>
<span class='kw'>return</span> <span class='kw'>nil</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_pcode'>pcode</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="remove_resource-instance_method">
#<strong>remove_resource</strong>(name) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Removes a URI resource.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
509
510
511
512
513
514
515</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 509</span>
<span class='kw'>def</span> <span class='id identifier rubyid_remove_resource'>remove_resource</span><span class='lparen'>(</span><span class='id identifier rubyid_name'>name</span><span class='rparen'>)</span>
<span class='comment'># Guard against removing resources added by other modules
</span> <span class='kw'>if</span> <span class='ivar'>@my_resources</span><span class='period'>.</span><span class='id identifier rubyid_include?'>include?</span><span class='lparen'>(</span><span class='id identifier rubyid_name'>name</span><span class='rparen'>)</span>
<span class='ivar'>@my_resources</span><span class='period'>.</span><span class='id identifier rubyid_delete'>delete</span><span class='lparen'>(</span><span class='id identifier rubyid_name'>name</span><span class='rparen'>)</span>
<span class='id identifier rubyid_service'>service</span><span class='period'>.</span><span class='id identifier rubyid_remove_resource'>remove_resource</span><span class='lparen'>(</span><span class='id identifier rubyid_name'>name</span><span class='rparen'>)</span> <span class='kw'>if</span> <span class='id identifier rubyid_service'>service</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="report_user_agent-instance_method">
#<strong>report_user_agent</strong>(address, request, client_opts = {}) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Store the results of server-side User-Agent fingerprinting in the DB.</p>
<p>Returns a Hash containing host and client information.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 359</span>
<span class='kw'>def</span> <span class='id identifier rubyid_report_user_agent'>report_user_agent</span><span class='lparen'>(</span><span class='id identifier rubyid_address'>address</span><span class='comma'>,</span> <span class='id identifier rubyid_request'>request</span><span class='comma'>,</span> <span class='id identifier rubyid_client_opts'>client_opts</span><span class='op'>=</span><span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='id identifier rubyid_fp'>fp</span> <span class='op'>=</span> <span class='id identifier rubyid_fingerprint_user_agent'>fingerprint_user_agent</span><span class='lparen'>(</span><span class='id identifier rubyid_request'>request</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>&quot;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='id identifier rubyid_host'>host</span> <span class='op'>=</span> <span class='lbrace'>{</span>
<span class='symbol'>:address</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_address'>address</span><span class='comma'>,</span>
<span class='symbol'>:host</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_address'>address</span><span class='comma'>,</span>
<span class='rbrace'>}</span>
<span class='id identifier rubyid_host'>host</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_host'>host</span><span class='lbracket'>[</span><span class='symbol'>:os_flavor</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_flavor</span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_flavor</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_host'>host</span><span class='lbracket'>[</span><span class='symbol'>:arch</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:arch</span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:arch</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_host'>host</span><span class='lbracket'>[</span><span class='symbol'>:os_lang</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_lang</span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:os_lang</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_report_host'>report_host</span><span class='lparen'>(</span><span class='id identifier rubyid_host'>host</span><span class='rparen'>)</span>
<span class='id identifier rubyid_client'>client</span> <span class='op'>=</span> <span class='lbrace'>{</span>
<span class='symbol'>:host</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_address'>address</span><span class='comma'>,</span>
<span class='symbol'>:ua_string</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_request'>request</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>User-Agent</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='rbrace'>}</span>
<span class='id identifier rubyid_client'>client</span><span class='lbracket'>[</span><span class='symbol'>:ua_name</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_name</span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_name</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_client'>client</span><span class='lbracket'>[</span><span class='symbol'>:ua_ver</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_ver</span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='id identifier rubyid_fp'>fp</span><span class='lbracket'>[</span><span class='symbol'>:ua_ver</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_client'>client</span><span class='period'>.</span><span class='id identifier rubyid_merge!'>merge!</span><span class='lparen'>(</span><span class='id identifier rubyid_client_opts'>client_opts</span><span class='rparen'>)</span> <span class='kw'>if</span> <span class='id identifier rubyid_client_opts'>client_opts</span>
<span class='id identifier rubyid_report_client'>report_client</span><span class='lparen'>(</span><span class='id identifier rubyid_client'>client</span><span class='rparen'>)</span>
<span class='id identifier rubyid_report_note'>report_note</span><span class='lparen'>(</span>
<span class='symbol'>:host</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_address'>address</span><span class='comma'>,</span>
<span class='symbol'>:type</span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>http.request</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
<span class='symbol'>:data</span> <span class='op'>=&gt;</span> <span class='lbrace'>{</span>
<span class='symbol'>:address</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_address'>address</span><span class='comma'>,</span>
<span class='symbol'>:method</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_request'>request</span><span class='period'>.</span><span class='id identifier rubyid_method'>method</span><span class='comma'>,</span>
<span class='symbol'>:resource</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_request'>request</span><span class='period'>.</span><span class='id identifier rubyid_resource'>resource</span><span class='comma'>,</span>
<span class='symbol'>:os_name</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_client'>client</span><span class='lbracket'>[</span><span class='symbol'>:os_name</span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='symbol'>:ua_name</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_client'>client</span><span class='lbracket'>[</span><span class='symbol'>:ua_name</span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='symbol'>:ua_ver</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_client'>client</span><span class='lbracket'>[</span><span class='symbol'>:ua_ver</span><span class='rbracket'>]</span>
<span class='rbrace'>}</span><span class='comma'>,</span>
<span class='symbol'>:update</span> <span class='op'>=&gt;</span> <span class='symbol'>:unique_data</span>
<span class='rparen'>)</span>
<span class='kw'>return</span> <span class='id identifier rubyid_host'>host</span><span class='period'>.</span><span class='id identifier rubyid_merge'>merge</span><span class='lparen'>(</span><span class='id identifier rubyid_client'>client</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="resource_uri-instance_method">
#<strong>resource_uri</strong> &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the configured (or random, if not configured) URI path</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
632
633
634
635
636
637
638
639
640</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 632</span>
<span class='kw'>def</span> <span class='id identifier rubyid_resource_uri'>resource_uri</span>
<span class='kw'>unless</span> <span class='ivar'>@resource_uri</span>
<span class='id identifier rubyid_path'>path</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPATH</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='id identifier rubyid_random_uri'>random_uri</span>
<span class='id identifier rubyid_path'>path</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>/</span><span class='tstring_end'>&#39;</span></span> <span class='op'>+</span> <span class='id identifier rubyid_path'>path</span> <span class='kw'>if</span> <span class='id identifier rubyid_path'>path</span> <span class='op'>!~</span> <span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>^\/</span><span class='regexp_end'>/</span></span>
<span class='ivar'>@resource_uri</span> <span class='op'>=</span> <span class='id identifier rubyid_path'>path</span>
<span class='kw'>end</span>
<span class='ivar'>@resource_uri</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="send_local_redirect-instance_method">
#<strong>send_local_redirect</strong>(cli, location) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Sends a 302 redirect relative to our base path</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
587
588
589</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 587</span>
<span class='kw'>def</span> <span class='id identifier rubyid_send_local_redirect'>send_local_redirect</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_location'>location</span><span class='rparen'>)</span>
<span class='id identifier rubyid_send_redirect'>send_redirect</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_get_resource'>get_resource</span> <span class='op'>+</span> <span class='id identifier rubyid_location'>location</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="send_not_found-instance_method">
#<strong>send_not_found</strong>(cli) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Sends a 404</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 595</span>
<span class='kw'>def</span> <span class='id identifier rubyid_send_not_found'>send_not_found</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='rparen'>)</span>
<span class='id identifier rubyid_resp_404'>resp_404</span> <span class='op'>=</span> <span class='id identifier rubyid_create_response'>create_response</span><span class='lparen'>(</span><span class='int'>404</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Not Found</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_resp_404'>resp_404</span><span class='period'>.</span><span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>%Q{</span><span class='tstring_content'>\
&lt;!DOCTYPE HTML PUBLIC &quot;-//IETF//DTD HTML 2.0//EN&quot;&gt;
&lt;html&gt;&lt;head&gt;
&lt;title&gt;404 Not Found&lt;/title&gt;
&lt;/head&gt;&lt;body&gt;
&lt;h1&gt;Not Found&lt;/h1&gt;
&lt;p&gt;The requested URL was not found on this server.&lt;/p&gt;
&lt;hr&gt;
&lt;address&gt;Apache/2.2.9 (Unix) Server at </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>LHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_content'> Port </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SRVPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_content'>&lt;/address&gt;
&lt;/body&gt;&lt;/html&gt;
</span><span class='tstring_end'>}</span></span>
<span class='id identifier rubyid_cli'>cli</span><span class='period'>.</span><span class='id identifier rubyid_send_response'>send_response</span><span class='lparen'>(</span><span class='id identifier rubyid_resp_404'>resp_404</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="send_redirect-instance_method">
#<strong>send_redirect</strong>(cli, location = &#39;/&#39;, body = &#39;&#39;, headers = {}) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Sends a 302 redirect to the client</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
573
574
575
576
577
578
579
580
581</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 573</span>
<span class='kw'>def</span> <span class='id identifier rubyid_send_redirect'>send_redirect</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_location'>location</span><span class='op'>=</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>/</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_body'>body</span><span class='op'>=</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_headers'>headers</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='id identifier rubyid_response'>response</span> <span class='op'>=</span> <span class='id identifier rubyid_create_response'>create_response</span><span class='lparen'>(</span><span class='int'>302</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Moved</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_response'>response</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Content-Type</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>text/html</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_response'>response</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Location</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_location'>location</span>
<span class='id identifier rubyid_response'>response</span><span class='period'>.</span><span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='id identifier rubyid_body'>body</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='period'>.</span><span class='id identifier rubyid_unpack'>unpack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>C*</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_pack'>pack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>C*</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_headers'>headers</span><span class='period'>.</span><span class='id identifier rubyid_each_pair'>each_pair</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_k'>k</span><span class='comma'>,</span><span class='id identifier rubyid_v'>v</span><span class='op'>|</span> <span class='id identifier rubyid_response'>response</span><span class='lbracket'>[</span><span class='id identifier rubyid_k'>k</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_v'>v</span> <span class='rbrace'>}</span>
<span class='id identifier rubyid_cli'>cli</span><span class='period'>.</span><span class='id identifier rubyid_send_response'>send_response</span><span class='lparen'>(</span><span class='id identifier rubyid_response'>response</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="send_response-instance_method">
#<strong>send_response</strong>(cli, body, headers = {}) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Transmits a response to the supplied client, default content-type is text/html</p>
<p>Payload evasions are implemented here!</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 538</span>
<span class='kw'>def</span> <span class='id identifier rubyid_send_response'>send_response</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_body'>body</span><span class='comma'>,</span> <span class='id identifier rubyid_headers'>headers</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='id identifier rubyid_response'>response</span> <span class='op'>=</span> <span class='id identifier rubyid_create_response'>create_response</span>
<span class='id identifier rubyid_response'>response</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Content-Type</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>text/html</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_response'>response</span><span class='period'>.</span><span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='id identifier rubyid_body'>body</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='period'>.</span><span class='id identifier rubyid_unpack'>unpack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>C*</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_pack'>pack</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>C*</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='lparen'>(</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTTP::compression</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_use_zlib'>use_zlib</span> <span class='comment'># make sure...
</span> <span class='id identifier rubyid_response'>response</span><span class='period'>.</span><span class='id identifier rubyid_compress'>compress</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTTP::compression</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>end</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTTP::chunked</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_response'>response</span><span class='period'>.</span><span class='id identifier rubyid_auto_cl'>auto_cl</span> <span class='op'>=</span> <span class='kw'>false</span>
<span class='id identifier rubyid_response'>response</span><span class='period'>.</span><span class='id identifier rubyid_transfer_chunked'>transfer_chunked</span> <span class='op'>=</span> <span class='kw'>true</span>
<span class='kw'>end</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTTP::header_folding</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_response'>response</span><span class='period'>.</span><span class='id identifier rubyid_headers'>headers</span><span class='period'>.</span><span class='id identifier rubyid_fold'>fold</span> <span class='op'>=</span> <span class='int'>1</span>
<span class='kw'>end</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTTP::junk_headers</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_response'>response</span><span class='period'>.</span><span class='id identifier rubyid_headers'>headers</span><span class='period'>.</span><span class='id identifier rubyid_junk_headers'>junk_headers</span> <span class='op'>=</span> <span class='int'>1</span>
<span class='kw'>end</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTTP::no_cache</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_response'>response</span><span class='period'>.</span><span class='id identifier rubyid_headers'>headers</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Cache-Control</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>no-store, no-cache, must-revalidate</span><span class='tstring_end'>&#39;</span></span>
<span class='kw'>end</span>
<span class='id identifier rubyid_headers'>headers</span><span class='period'>.</span><span class='id identifier rubyid_each_pair'>each_pair</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_k'>k</span><span class='comma'>,</span><span class='id identifier rubyid_v'>v</span><span class='op'>|</span> <span class='id identifier rubyid_response'>response</span><span class='lbracket'>[</span><span class='id identifier rubyid_k'>k</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_v'>v</span> <span class='rbrace'>}</span>
<span class='id identifier rubyid_cli'>cli</span><span class='period'>.</span><span class='id identifier rubyid_send_response'>send_response</span><span class='lparen'>(</span><span class='id identifier rubyid_response'>response</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="send_robots-instance_method">
#<strong>send_robots</strong>(cli, request) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Sends a canned robots.txt file</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
615
616
617
618
619
620
621
622
623
624
625
626</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 615</span>
<span class='kw'>def</span> <span class='id identifier rubyid_send_robots'>send_robots</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_request'>request</span><span class='rparen'>)</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Sending robots.txt</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_robots'>robots</span> <span class='op'>=</span> <span class='id identifier rubyid_create_response'>create_response</span><span class='lparen'>(</span><span class='int'>200</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Success</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_robots'>robots</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Content-Type</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>text/plain</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_robots'>robots</span><span class='period'>.</span><span class='id identifier rubyid_body'>body</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>%Q{</span><span class='tstring_content'>\
User-agent: *
Disallow: /
</span><span class='tstring_end'>}</span></span>
<span class='id identifier rubyid_cli'>cli</span><span class='period'>.</span><span class='id identifier rubyid_send_response'>send_response</span><span class='lparen'>(</span><span class='id identifier rubyid_robots'>robots</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="srvhost_addr-instance_method">
#<strong>srvhost_addr</strong> &#x21d2; <tt>String</tt>
</h3><div class="docstring">
<div class="discussion">
<p>An address to which the client can route.</p>
<p>If available, return LHOST which should be the right thing since it already has to be an address the client can route to for the payload to work. However, LHOST will only be available if were using a reverse_* payload, so if we dont have it, try to use the clients peerhost address. Failing that, fall back to the addr with the default gateway. All of this will be for naught in the case of a user behind NAT using a bind payload but theres nothing we can do about it.</p>
<p>NOTE: The address will be <strong>incorrect</strong> in the following two situations:</p>
<ol><li>
<p>LHOST is pointed at a exploit/multi/handler on some other box.</p>
</li><li>
<p>SRVHOST has a value of 0.0.0.0, the user is behind NAT, and were using a bind payload. In that case, we dont have an LHOST and the source address will be internal.</p>
</li></ol>
<p>This can potentially be dealt with in a module by using the Host header from a request if such a header exists.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>)</span>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
487
488
489
490
491</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 487</span>
<span class='kw'>def</span> <span class='id identifier rubyid_srvhost_addr'>srvhost_addr</span>
<span class='kw'>return</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_present?'>present?</span>
<span class='kw'>super</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="srvport-instance_method">
#<strong>srvport</strong> &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the local port that is being listened on.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
496
497
498
499
500
501
502
503
504</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 496</span>
<span class='kw'>def</span> <span class='id identifier rubyid_srvport'>srvport</span>
<span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_port'>port</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>URIPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_port'>port</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SRVPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_port'>port</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="start_service-instance_method">
#<strong>start_service</strong>(opts = {}) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>:category: Exploit::Remote::TcpServer overrides</p>
<p>This mixin starts the HTTP server listener. This routine takes a few different hash parameters:</p>
<pre class="code ruby"><code class="ruby">ServerHost =&gt; Override the server host to listen on (default to SRVHOST).
ServerPort =&gt; Override the server port to listen on (default to SRVPORT).
ssl =&gt; Override the server SSL setting (default to SSL).
Uri =&gt; The URI to handle and the associated procedure to call.
</code></pre>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 114</span>
<span class='kw'>def</span> <span class='id identifier rubyid_start_service'>start_service</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='comment'># Use the ssl option from opts if explicitly provided, otherwise use the
</span> <span class='comment'># SRVSSL datastore option (which falls back to SSL for backwards compatibility).
</span> <span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>ssl</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>||=</span> <span class='id identifier rubyid_http_server_ssl'>http_server_ssl</span>
<span class='id identifier rubyid_check_dependencies'>check_dependencies</span>
<span class='comment'># Start a new HTTP server service.
</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_service'>service</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/ServiceManager.html" title="Rex::ServiceManager (class)">ServiceManager</a></span></span><span class='period'>.</span><span class='id identifier rubyid_start'><span class='object_link'><a href="../../../Rex/ServiceManager.html#start-class_method" title="Rex::ServiceManager.start (method)">start</a></span></span><span class='lparen'>(</span>
<span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto.html" title="Rex::Proto (module)">Proto</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto/Http.html" title="Rex::Proto::Http (module)">Http</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Rex/Proto/Http/Server.html" title="Rex::Proto::Http::Server (class)">Server</a></span></span><span class='comma'>,</span>
<span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>ServerPort</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='id identifier rubyid_bindport'>bindport</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span><span class='comma'>,</span>
<span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>ServerHost</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='id identifier rubyid_bindhost'>bindhost</span><span class='comma'>,</span>
<span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>ssl</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='lbrace'>{</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Msf</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_framework'>framework</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>MsfExploit</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='kw'>self</span><span class='comma'>,</span>
<span class='rbrace'>}</span><span class='comma'>,</span>
<span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Comm</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='id identifier rubyid__determine_server_comm'>_determine_server_comm</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>ServerHost</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='id identifier rubyid_bindhost'>bindhost</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SSLCert</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SSLCompression</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SSLCipher</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SSLVersion</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='rparen'>)</span>
<span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_service'>service</span><span class='period'>.</span><span class='id identifier rubyid_server_name'>server_name</span> <span class='op'>=</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTTP::server_name</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='comment'># Default the procedure of the URI to on_request_uri if one isn&#39;t
</span> <span class='comment'># provided.
</span> <span class='id identifier rubyid_uopts'>uopts</span> <span class='op'>=</span> <span class='lbrace'>{</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Proc</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='const'>Proc</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_req'>req</span><span class='op'>|</span>
<span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_cli'>cli</span> <span class='op'>=</span> <span class='id identifier rubyid_cli'>cli</span>
<span class='lparen'>(</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_respond_to?'>respond_to?</span><span class='lparen'>(</span><span class='symbol'>:filter_request_uri</span><span class='rparen'>)</span> <span class='op'>&amp;&amp;</span>
<span class='id identifier rubyid_filter_request_uri'>filter_request_uri</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_req'>req</span><span class='rparen'>)</span>
<span class='rparen'>)</span> <span class='op'>?</span> <span class='kw'>nil</span> <span class='op'>:</span> <span class='id identifier rubyid_on_request_uri'>on_request_uri</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='comma'>,</span> <span class='id identifier rubyid_req'>req</span><span class='rparen'>)</span>
<span class='rbrace'>}</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Path</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Path</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='id identifier rubyid_resource_uri'>resource_uri</span>
<span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_update'>update</span><span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Uri</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>||</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='id identifier rubyid_proto'>proto</span> <span class='op'>=</span> <span class='lparen'>(</span><span class='id identifier rubyid_opts'>opts</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>ssl</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span> <span class='op'>?</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>https</span><span class='tstring_end'>&quot;</span></span> <span class='op'>:</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>http</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='comment'># SSLCompression may or may not actually be available. For example, on
</span> <span class='comment'># Ubuntu, it&#39;s disabled by default, unless the correct environment
</span> <span class='comment'># variable is set. See https://github.com/rapid7/metasploit-framework/pull/2666
</span> <span class='kw'>if</span> <span class='id identifier rubyid_proto'>proto</span> <span class='op'>==</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>https</span><span class='tstring_end'>&quot;</span></span> <span class='kw'>and</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SSLCompression</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Intentionally using insecure SSL compression. Your operating system might not respect this!</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_netloc'>netloc</span> <span class='op'>=</span> <span class='id identifier rubyid_srvhost_addr'>srvhost_addr</span>
<span class='kw'>if</span> <span class='lparen'>(</span><span class='id identifier rubyid_proto'>proto</span> <span class='op'>==</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>http</span><span class='tstring_end'>&#39;</span></span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_srvport'>srvport</span> <span class='op'>!=</span> <span class='int'>80</span><span class='rparen'>)</span> <span class='op'>||</span> <span class='lparen'>(</span><span class='id identifier rubyid_proto'>proto</span> <span class='op'>==</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>https</span><span class='tstring_end'>&#39;</span></span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_srvport'>srvport</span> <span class='op'>!=</span> <span class='int'>443</span><span class='rparen'>)</span>
<span class='kw'>if</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Socket</span><span class='period'>.</span><span class='id identifier rubyid_is_ipv6?'>is_ipv6?</span><span class='lparen'>(</span><span class='id identifier rubyid_netloc'>netloc</span><span class='rparen'>)</span>
<span class='id identifier rubyid_netloc'>netloc</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>[</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_netloc'>netloc</span><span class='embexpr_end'>}</span><span class='tstring_content'>]:</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_srvport'>srvport</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>
<span class='kw'>else</span>
<span class='id identifier rubyid_netloc'>netloc</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_netloc'>netloc</span><span class='embexpr_end'>}</span><span class='tstring_content'>:</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_srvport'>srvport</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_print_status'>print_status</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Using URL: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_proto'>proto</span><span class='embexpr_end'>}</span><span class='tstring_content'>://</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_netloc'>netloc</span><span class='embexpr_end'>}</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_uopts'>uopts</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Path</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_add_robots_resource'>add_robots_resource</span> <span class='kw'>if</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>SendRobots</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_add_resource'>add_resource</span><span class='lparen'>(</span><span class='id identifier rubyid_uopts'>uopts</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="use_zlib-instance_method">
#<strong>use_zlib</strong> &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Ensures that gzip can be used. If not, an exception is generated. The exception is only raised if the DisableGzip advanced option has not been set.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
88
89
90
91
92</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http_server.rb', line 88</span>
<span class='kw'>def</span> <span class='id identifier rubyid_use_zlib'>use_zlib</span>
<span class='kw'>if</span> <span class='op'>!</span><span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_zlib_present?'>zlib_present?</span> <span class='op'>&amp;&amp;</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>HTTP::compression</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span>
<span class='id identifier rubyid_raise'>raise</span> <span class='const'>RuntimeError</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>zlib support was not detected, yet the HTTP::compression option was set. Don&#39;t do that!</span><span class='tstring_end'>&quot;</span></span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
</div>
<div id="footer">
Generated on Fri May 8 17:02:01 2026 by
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.37 (ruby-3.1.5).
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink