# frozen_string_literal: true
#
# ronin-exploits - A Ruby library for ronin-rb that provides exploitation and
# payload crafting functionality.
#
# Copyright (c) 2007-2024 Hal Brodigan (postmodern.mod3 at gmail.com)
#
# ronin-exploits is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published
# by the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# ronin-exploits is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with ronin-exploits.  If not, see <https://www.gnu.org/licenses/>.
#

require 'ronin/exploits/client_side_web_vuln'

require 'ronin/vulns/open_redirect'
require 'ronin/payloads/url_payload'
require 'ronin/payloads/builtin/test/open_redirect'

module Ronin
  module Exploits
    #
    # Represents a [Open Redirect] exploit.
    #
    # [Open Redirect]: https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/11-Client_Side_Testing/04-Testing_for_Client_Side_URL_Redirect
    #
    # ## Example
    #
    #     require 'ronin/exploits/open_redirect'
    #
    #     module Ronin
    #       module Exploits
    #         class MyExploit < OpenRedirect
    #
    #           register 'my_exploit'
    #
    #           base_path '/path/to/page.php'
    #           query_param 'url'
    #
    #         end
    #       end
    #     end
    #
    # @api public
    #
    # @since 1.0.0
    #
    class OpenRedirect < ClientSideWebVuln

      payload_class Payloads::URLPayload

      references [
        'https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/11-Client_Side_Testing/04-Testing_for_Client_Side_URL_Redirect',
        'https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html'
      ]

      param :redirect_url, String, desc: 'The URL to redirect to'

      #
      # Initializes the Open Redirect exploit and defaults the {#payload} to a
      # Open Redirect test payload.
      #
      # @param [Ronin::Payloads::URLtPayload, String, nil] payload
      #   The payload to use.
      #
      def initialize(payload: Payloads::Test::OpenRedirect.new, **kwargs)
        super(payload: payload, **kwargs)
      end

      #
      # Returns the type or kind of exploit.
      #
      # @return [Symbol]
      #
      # @note
      #   This is used internally to map an exploit class to a printable type.
      #
      # @api private
      #
      def self.exploit_type
        :open_redirect
      end

      #
      # The open redirect vulnerability to exploit.
      #
      # @return [Ronin::Vulns::OpenRedirect]
      #
      def vuln
        @vuln ||= Vulns::OpenRedirect.new(url, test_url: params[:redirect_url],
                                               **web_vuln_kwargs)
      end

    end
  end
end