Module: Msf::Exploit::Remote::HTTP::Gitea::Version

Included in:: Msf::Exploit::Remote::HTTP::Gitea

Defined in:: lib/msf/core/exploit/remote/http/gitea/version.rb

Constant Summary collapse

GITEA_VERSION_PATTERN = Powered by Gitea Version

'Gitea Version: (?<version>[\da-zA-Z.]+)'.freeze

Instance Method Summary collapse

#gitea_version(res = nil) ⇒ String^?

Extracts the Gitea version information from base path.
#gitea_version_helper(url, regex, res) ⇒ Object

Instance Method Details

#gitea_version(res = nil) ⇒ `String`^?

Extracts the Gitea version information from base path

Parameters:

res (Rex::Proto::Http::Response) (defaults to: nil) —

Rex HTTP Response object

Returns:

(String, nil) —

gitea version if found, nil otherwise

# File 'lib/msf/core/exploit/remote/http/gitea/version.rb', line 11

def gitea_version(res = nil)
  # detect version from /
  version = gitea_version_helper(
    normalize_uri(target_uri.path),
    /#{GITEA_VERSION_PATTERN}/,
    res
  )
  return version
end

#gitea_version_helper(url, regex, res) ⇒ `Object`

# File 'lib/msf/core/exploit/remote/http/gitea/version.rb', line 21

def gitea_version_helper(url, regex, res)
  res ||= send_request_cgi({
    'method' => 'GET',
    'uri' => url,
    'keep_cookies' => true
  })
  if res
    match = res.body.match(regex)
    return match[1] if match
  end

  nil
end