Class: Msf::Exploit::Git::SmartHttp::Response

Inherits:
Rex::Proto::Http::Response show all
Includes:
PktLine
Defined in:
lib/msf/core/exploit/git/smart_http/response.rb

Constant Summary

Constants included from PktLine

PktLine::DELIM_PKT, PktLine::FLUSH_PKT, PktLine::RESPONSE_END_PKT

Instance Attribute Summary collapse

Attributes inherited from Rex::Proto::Http::Response

#count_100, #peerinfo, #proto, #request

Attributes inherited from Rex::Proto::Http::Packet

#auto_cl, #body, #body_bytes_left, #bufq, #chunk_max_size, #chunk_min_size, #compress, #error, #headers, #incomplete, #inside_chunk, #keepalive, #max_data, #state, #transfer_chunked

Class Method Summary collapse

Instance Method Summary collapse

Methods included from PktLine

generate_data_pkt, generate_pkt_line, get_pkt_line_data, get_pkt_lines, has_pkt_line_data?, request_ends

Methods inherited from Rex::Proto::Http::Response

#check_100, #cmd_string, #get_cookies, #get_cookies_parsed, #get_hidden_inputs, #get_html_document, #get_html_meta_elements, #get_html_scripts, #get_json_document, #get_xml_document, #redirect?, #redirection, #update_cmd_parts

Methods inherited from Rex::Proto::Http::Packet

#[], #[]=, #check_100, #chunk, #cmd_string, #completed?, #from_s, #output_packet, #parse, #parse_body, #parse_header, #reset, #reset_except_queue, #to_s, #to_terminal_output, #update_cmd_parts

Constructor Details

#initialize(opts = {}) ⇒ Response

Returns a new instance of Response.



8
9
10
11
12
13
14
15
16
17
18
19
20
# File 'lib/msf/core/exploit/git/smart_http/response.rb', line 8

def initialize(opts = {})
  @body = opts[:body] || ''
  @code = opts[:code] || 200
  @message = opts[:message] || 'OK'
  @uri = opts[:uri] || '/'
  @type = opts[:type] || ''
  @wants = opts[:wants] || []
  @haves = opts[:haves] || []
  @capabilities = opts[:capabilities] || ''

  super(@code, @message)
  set_headers
end

Instance Attribute Details

#capabilitiesObject (readonly)

Returns the value of attribute capabilities.



6
7
8
# File 'lib/msf/core/exploit/git/smart_http/response.rb', line 6

def capabilities
  @capabilities
end

#codeObject (readonly)

Returns the value of attribute code.



6
7
8
# File 'lib/msf/core/exploit/git/smart_http/response.rb', line 6

def code
  @code
end

#havesObject (readonly)

Returns the value of attribute haves.



6
7
8
# File 'lib/msf/core/exploit/git/smart_http/response.rb', line 6

def haves
  @haves
end

#messageObject (readonly)

Returns the value of attribute message.



6
7
8
# File 'lib/msf/core/exploit/git/smart_http/response.rb', line 6

def message
  @message
end

#typeObject (readonly)

Returns the value of attribute type.



6
7
8
# File 'lib/msf/core/exploit/git/smart_http/response.rb', line 6

def type
  @type
end

#uriObject (readonly)

Returns the value of attribute uri.



6
7
8
# File 'lib/msf/core/exploit/git/smart_http/response.rb', line 6

def uri
  @uri
end

#wantsObject (readonly)

Returns the value of attribute wants.



6
7
8
# File 'lib/msf/core/exploit/git/smart_http/response.rb', line 6

def wants
  @wants
end

Class Method Details

.from_raw_response(response) ⇒ Object



47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
# File 'lib/msf/core/exploit/git/smart_http/response.rb', line 47

def self.from_raw_response(response)
  return nil unless response

  opts = {}
  if response.body.include?('service=git-upload-pack')
    opts[:type] = 'ref-discovery'
  else
    opts[:type] = 'upload-pack'
  end

  opts[:message] = response.message
  opts[:code] = response.code
  opts[:body] = response.body

  pkt_lines = Msf::Exploit::Git::PktLine.get_pkt_lines(response.body)
  cap = pkt_lines.find { |line| line.include?('symref=HEAD') }
  opts[:capabilities] = cap || ''

  Response.new(opts)
end

Instance Method Details

#refsObject



34
35
36
37
38
39
40
41
42
43
44
45
# File 'lib/msf/core/exploit/git/smart_http/response.rb', line 34

def refs
  refs = {}

  pkt_lines = Msf::Exploit::Git::PktLine.get_pkt_lines(@body)
  pkt_lines.each do |line|
    match = line.match(/(?<sha>[a-f\d]{44})\s(?<ref>refs\/heads\/\S+)/)
    next unless match && match['sha'] && match['ref']
    refs[match['ref']] = match['sha']
  end

  refs
end

#set_headersObject



22
23
24
25
26
27
28
29
30
31
32
# File 'lib/msf/core/exploit/git/smart_http/response.rb', line 22

def set_headers
  @headers['pragma'] = 'no-cache'
  @headers['Cache-Control'] = 'no-cache'

  case @type
  when 'ref-discovery'
    @headers['Content-Type'] = 'application/x-git-upload-pack-advertisement'
  when 'upload-pack'
    @headers['Content-Type'] = 'application/x-git-upload-pack-result'
  end
end