lib/ronin/vulns/lfi.rb in ronin-vulns-0.1.1 vs lib/ronin/vulns/lfi.rb in ronin-vulns-0.1.2
- old
+ new
@@ -55,11 +55,11 @@
#
# @return [:unix, :windows, nil]
attr_reader :os
# Optional filter bypass technique to use.
- #
+ #
# @return [:null_byte, :base64, :rot13, :zlib, nil]
attr_reader :filter_bypass
# The number of directories to traverse up
#
@@ -174,11 +174,11 @@
if @os == :windows && path.start_with?('C:\\')
# escape absolute Windows paths to the C: drive
"#{@escape_path}#{path[3..]}"
elsif @os == :windows && path =~ /\A[A-Z]:/
# pass through absolute Windows paths to other drives
- path
+ path
elsif path.start_with?(@separator)
# escape absolute paths
"#{@escape_path}#{path[1..]}"
else
# pass through relative paths
@@ -232,13 +232,12 @@
end
when :rot13
Crypto.rot(body,-13) =~ @test_file
when :zlib
body.scan(Text::Patterns::BASE64).any? do |string|
- begin
- Compression.zlib_inflate(Base64.decode64(string)) =~ @test_file
- rescue Zlib::DataError
- end
+ Compression.zlib_inflate(Base64.decode64(string)) =~ @test_file
+ rescue Zlib::DataError
+ # not zlib compressed Base64, ignore
end
else
body =~ @test_file
end
end