lib/ronin/cli/commands/http.rb in ronin-2.0.0 vs lib/ronin/cli/commands/http.rb in ronin-2.0.1
- old
+ new
@@ -20,10 +20,11 @@
require 'ronin/cli/printing/http'
require 'ronin/cli/http_shell'
require 'ronin/support/network/http'
require 'command_kit/options/verbose'
+require 'addressable/uri'
module Ronin
class CLI
module Commands
#
@@ -72,10 +73,13 @@
class Http < ValueProcessorCommand
include CommandKit::Options::Verbose
include Printing::HTTP
+ # `http://` and `https://` URL validation regex.
+ URL_REGEX = URI::DEFAULT_PARSER.make_regexp(%w[http https])
+
usage '[options] {URL [...] | --shell URL}'
option :method, value: {
type: {
'COPY' => :copy,
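Review bot: `URL_REGEX` is not anchored. `URI::DEFAULT_PARSER.make_regexp` builds a pattern meant for finding URLs inside larger text, so the `url =~ URL_REGEX` check added to `process_value` further down accepts any string that merely contains an `http://` or `https://` URL, including multi-line input. For validation the constant should match the whole string, e.g. `URL_REGEX = /\A#{URI::DEFAULT_PARSER.make_regexp(%w[http https])}\z/`. The same constant is the `--shell` option type in the next hunk, so confirm that the option parser accepts the anchored form. The comment could then read `# Matches a complete http:// or https:// URL (anchored).`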
@@ -145,14 +149,18 @@
option :unlock, desc: 'Send an UNLOCK request' do
@http_method = :unlock
end
option :shell, value: {
- type: String,
+ type: URL_REGEX,
usage: 'URL'
},
- desc: 'Open an interactive HTTP shell'
+ desc: 'Open an interactive HTTP shell' do |url|
+ options[:shell] = Addressable::URI.parse(url)
+ rescue Addressable::URI::InvalidURIError => error
+ raise(OptionParser::InvalidArgument,"invalid URL: #{error.message}")
+ end
option :proxy, short: '-P',
value: {
type: String,
usage: 'URL'
@@ -170,15 +178,13 @@
@user_agent = ua
end
option :user_agent, short: '-u',
value: {
- type: Hash[
- Support::Network::HTTP::UserAgents::ALIASES.keys.map { |key|
- [key.to_s.tr('_','-'), key]
- }
- ]
+ type: Support::Network::HTTP::UserAgents::ALIASES.transform_keys { |key|
+ key.to_s.tr('_','-')
+ }
},
desc: 'The User-Agent to use' do |name|
@user_agent = name
end
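Review bot: The block parameter `name` in `do |name|` no longer receives an alias name. The removed `Hash[...]` mapped each dashed name to the `ALIASES` symbol key, while `transform_keys` keeps the `ALIASES` values, so `@user_agent` now holds whatever those values are (they are not visible here; presumably the User-Agent strings). Renaming the parameter to match the option above, `desc: 'The User-Agent to use' do |ua|` with `@user_agent = ua`, and adding a comment such as `# maps dashed alias names to the ALIASES values` would make the new behaviour explicit.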
@@ -324,28 +330,39 @@
#
# @param [String] url
# The URL to request.
#
def process_value(url)
- url = URI(url)
+ unless url =~ URL_REGEX
+ print_error "invalid URL: #{url.inspect}"
+ return
+ end
- Support::Network::HTTP.request(
- @http_method, url, proxy: @proxy,
- user_agent: @user_agent,
- user: url.user,
- password: url.password,
- query_params: @query_params,
- headers: @headers,
- body: @body,
- form_data: @form_data
- ) do |response|
- # NOTE: we must call HTTP.request with a block to avoid causing
- # #read_body to be called twice.
- print_response(response)
+ uri = begin
+ Addressable::URI.parse(url)
+ rescue Addressable::URI::InvalidURIError => error
+ print_error "invalid URL: #{error.message}"
+ return
+ end
+
+ begin
+ Support::Network::HTTP.request(
+ @http_method, uri, proxy: @proxy,
+ user_agent: @user_agent,
+ query_params: @query_params,
+ headers: @headers,
+ body: @body,
+ form_data: @form_data
+ ) do |response|
+ # NOTE: we must call HTTP.request with a block to avoid causing
+ # #read_body to be called twice.
+ print_response(response)
+ end
+ rescue StandardError => error
+ if verbose? then print_exception(error)
+ else print_error(error.message)
+ end
end
- rescue => error
- print_error(error.message)
- exit(1)
end
#
# Prints the HTTP response.
#
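Review bot: With `exit(1)` removed and both invalid-URL branches ending in a bare `return`, `process_value` no longer signals failure. The command therefore presumably exits 0 even when every URL was rejected or every request raised, which hides errors from scripts and CI jobs that check the exit status. One option is to record the failure in each error path, e.g. `@failed = true`, and have the caller (outside this hunk) finish with `exit(1) if @failed`. Separately, the new call drops `user: url.user` and `password: url.password`. Confirm that `Support::Network::HTTP.request` reads credentials from the URI's userinfo, otherwise URLs with embedded credentials will silently go unauthenticated. A short comment saying which it is would help.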