# #-- # Ronin Exploits - A Ruby library for Ronin that provides exploitation and # payload crafting functionality. # # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com) # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA #++ # require 'ronin/exploits/exploit' require 'ronin/sessions/http' require 'ronin/extensions/uri/http' require 'uri' module Ronin module Exploits class WebExploit < Exploit include Sessions::HTTP objectify :ronin_web_exploit # The targeted URL path property :url_path, String # The targeted URL query string property :url_query, String # The targeted HTTP host parameter :host, :description => 'The targeted HTTP host' # The targeted HTTP port parameter :port, :description => 'The targeted HTTP port' # The optional URL path prefix parameter :url_prefix, :description => 'The optional URL path prefix' # # Returns the targeted URL based on the +http_host+, +http_port+ # and +url_prefix+ parameters as well as the +url_path+ and # +url_query+ properties. # def targeted_url require_params :host url = ::URI::HTTP.build( :host => @host, :port => @port, :path => self.url_path, :query => self.url_query ) if @url_prefix url.path = @url_prefix.to_s + url.path end return url end end end end