Class: Rex::Proto::Http::Client

Inherits:

Object

• Object
• Rex::Proto::Http::Client

Defined in:

lib/rex/proto/http/client.rb

Overview

Acts as a client to an HTTP server, sending requests and receiving responses.

See the RFC: www.w3.org/Protocols/rfc2616/rfc2616.html

Instance Attribute Summary

• #comm ⇒ Object

  An optional comm to use for creating the underlying socket.

• #config ⇒ Object

  The client request configuration.

• #config_types ⇒ Object

  The client request configuration classes.

• #conn ⇒ Object

  The underlying connection.

• #context ⇒ Object

  The calling context to pass to the socket.

• #hostname ⇒ Object protected

  :nodoc:.

• #junk_pipeline ⇒ Object

  When parsing the request, thunk off the first response from the server, since junk.

• #kerberos_authenticator ⇒ Object

  Auth.

• #krb_encryptor ⇒ Object protected

  The established kerberos connection info.

• #local_host ⇒ Object

  The local host of the client.

• #local_port ⇒ Object

  The local port of the client.

• #ntlm_client ⇒ Object protected

  The established NTLM connection info.

• #password ⇒ Object

  Auth.

• #pipeline ⇒ Object

  Whether or not pipelining is in use.

• #port ⇒ Object protected

  :nodoc:.

• #proxies ⇒ Object

  The proxy list.

• #ssl ⇒ Object protected

  https.

• #ssl_version ⇒ Object protected

  https.

• #sslkeylogfile ⇒ String protected

  The SSL key log file for the connected socket.

• #subscriber ⇒ Rex::Proto::Http::HttpSubscriber

  The HTTP subscriber.

• #username ⇒ Object

  Auth.

Instance Method Summary

• #_send_recv(req, t = -1,, persist = false) ⇒ Response

  Transmit an HTTP request and receive the response.

• #basic_auth_header(username, password) ⇒ String

  Converts username and password into the HTTP Basic authorization string.

• #channel_binding ⇒ Object
• #close ⇒ Object

  Closes the connection to the remote server.

• #conn? ⇒ Boolean

  Returns whether or not the conn is valid.

• #connect(t = -1)) ⇒ Rex::Socket::Tcp

  Connects to the remote server if possible.

• #digest_auth(opts = {}) ⇒ Response

  Send a series of requests to complete Digest Authentication.

• #initialize(host, port = 80, context = {}, ssl = nil, ssl_version = nil, proxies = nil, username = '', password = '', kerberos_authenticator: nil, comm: nil, subscriber: nil, sslkeylogfile: nil) ⇒ Client constructor

  Creates a new client instance.

• #kerberos_auth(opts = {}) ⇒ Object
• #negotiate_auth(opts = {}) ⇒ Response

  Builds a series of requests to complete Negotiate Auth.

• #peerinfo ⇒ Object

  Target host addr and port for this connection.

• #pipelining? ⇒ Boolean

  Whether or not connections should be pipelined.

• #read_response(t = -1,, opts = {}) ⇒ Response

  Read a response from the server.

• #request_cgi(opts = {}) ⇒ ClientRequest

  Create a CGI compatible request.

• #request_raw(opts = {}) ⇒ ClientRequest

  Create an arbitrary HTTP request.

• #send_auth(res, opts, t, persist) ⇒ Response

  Resends an HTTP Request with the proper authentication headers set.

• #send_recv(req, t = -1,, persist = false) ⇒ Response

  Sends a request and gets a response back.

• #send_request(req, t = -1)) ⇒ void

  Send an HTTP request to the server.

• #set_config(opts = {}) ⇒ Object

  Set configuration options.

• #stop ⇒ Object

  Cleans up any outstanding connections and other resources.

Constructor Details

#initialize(host, port = 80, context = {}, ssl = nil, ssl_version = nil, proxies = nil, username = '', password = '', kerberos_authenticator: nil, comm: nil, subscriber: nil, sslkeylogfile: nil) ⇒ Client

Creates a new client instance

Parameters:

• subscriber (Rex::Proto::Http::HttpSubscriber) (defaults to: nil) —

  A subscriber to Http requests/responses

# File 'lib/rex/proto/http/client.rb', line 24

def initialize(host, port = 80, context = {}, ssl = nil, ssl_version = nil, proxies = nil, username = '', password = '', kerberos_authenticator: nil, comm: nil, subscriber: nil, sslkeylogfile: nil)
  self.hostname = host
  self.port = port.to_i
  self.context = context
  self.ssl = ssl
  self.ssl_version = ssl_version
  self.proxies = proxies
  self.username = username
  self.password = password
  self.kerberos_authenticator = kerberos_authenticator
  self.comm = comm
  self.subscriber = subscriber || HttpSubscriber.new
  self.sslkeylogfile = sslkeylogfile

  # Take ClientRequest's defaults, but override with our own
  self.config = Http::ClientRequest::DefaultConfig.merge({
    'read_max_data' => (1024 * 1024 * 1),
    'vhost' => hostname,
    'ssl_server_name_indication' => hostname
  })
  config['agent'] ||= Rex::UserAgent.session_agent

  # XXX: This info should all be controlled by ClientRequest
  self.config_types = {
    'uri_encode_mode' => ['hex-normal', 'hex-all', 'hex-random', 'hex-noslashes', 'u-normal', 'u-random', 'u-all'],
    'uri_encode_count' => 'integer',
    'uri_full_url' => 'bool',
    'pad_method_uri_count' => 'integer',
    'pad_uri_version_count' => 'integer',
    'pad_method_uri_type' => ['space', 'tab', 'apache'],
    'pad_uri_version_type' => ['space', 'tab', 'apache'],
    'method_random_valid' => 'bool',
    'method_random_invalid' => 'bool',
    'method_random_case' => 'bool',
    'version_random_valid' => 'bool',
    'version_random_invalid' => 'bool',
    'uri_dir_self_reference' => 'bool',
    'uri_dir_fake_relative' => 'bool',
    'uri_use_backslashes' => 'bool',
    'pad_fake_headers' => 'bool',
    'pad_fake_headers_count' => 'integer',
    'pad_get_params' => 'bool',
    'pad_get_params_count' => 'integer',
    'pad_post_params' => 'bool',
    'pad_post_params_count' => 'integer',
    'shuffle_get_params' => 'bool',
    'shuffle_post_params' => 'bool',
    'uri_fake_end' => 'bool',
    'uri_fake_params_start' => 'bool',
    'header_folding' => 'bool',
    'chunked_size' => 'integer',
    'partial' => 'bool'
  }
end

Instance Attribute Details

#comm ⇒ Object

An optional comm to use for creating the underlying socket.

# File 'lib/rex/proto/http/client.rb', line 683

def comm
  @comm
end

#config ⇒ Object

The client request configuration

# File 'lib/rex/proto/http/client.rb', line 687

def config
  @config
end

#config_types ⇒ Object

The client request configuration classes

# File 'lib/rex/proto/http/client.rb', line 691

def config_types
  @config_types
end

#conn ⇒ Object

The underlying connection.

# File 'lib/rex/proto/http/client.rb', line 707

def conn
  @conn
end

#context ⇒ Object

The calling context to pass to the socket

# File 'lib/rex/proto/http/client.rb', line 711

def context
  @context
end

#hostname ⇒ Object (protected)

:nodoc:

# File 'lib/rex/proto/http/client.rb', line 731

def hostname
  @hostname
end

#junk_pipeline ⇒ Object

When parsing the request, thunk off the first response from the server, since junk

# File 'lib/rex/proto/http/client.rb', line 721

def junk_pipeline
  @junk_pipeline
end

#kerberos_authenticator ⇒ Object

Auth

# File 'lib/rex/proto/http/client.rb', line 718

def kerberos_authenticator
  @kerberos_authenticator
end

#krb_encryptor ⇒ Object (protected)

The established kerberos connection info

# File 'lib/rex/proto/http/client.rb', line 747

def krb_encryptor
  @krb_encryptor
end

#local_host ⇒ Object

The local host of the client.

# File 'lib/rex/proto/http/client.rb', line 699

def local_host
  @local_host
end

#local_port ⇒ Object

The local port of the client.

# File 'lib/rex/proto/http/client.rb', line 703

def local_port
  @local_port
end

#ntlm_client ⇒ Object (protected)

The established NTLM connection info

# File 'lib/rex/proto/http/client.rb', line 742

def ntlm_client
  @ntlm_client
end

#password ⇒ Object

Auth

# File 'lib/rex/proto/http/client.rb', line 718

def password
  @password
end

#pipeline ⇒ Object

Whether or not pipelining is in use.

# File 'lib/rex/proto/http/client.rb', line 695

def pipeline
  @pipeline
end

#port ⇒ Object (protected)

:nodoc:

# File 'lib/rex/proto/http/client.rb', line 731

def port
  @port
end

#proxies ⇒ Object

The proxy list

# File 'lib/rex/proto/http/client.rb', line 715

def proxies
  @proxies
end

#ssl ⇒ Object (protected)

https

# File 'lib/rex/proto/http/client.rb', line 729

def ssl
  @ssl
end

#ssl_version ⇒ Object (protected)

https

# File 'lib/rex/proto/http/client.rb', line 729

def ssl_version
  @ssl_version
end

#sslkeylogfile ⇒ String (protected)

The SSL key log file for the connected socket.

Returns:

• (String)

# File 'lib/rex/proto/http/client.rb', line 737

def sslkeylogfile
  @sslkeylogfile
end

#subscriber ⇒ Rex::Proto::Http::HttpSubscriber

Returns The HTTP subscriber.

Returns:

• (Rex::Proto::Http::HttpSubscriber) —

  The HTTP subscriber

# File 'lib/rex/proto/http/client.rb', line 724

def subscriber
  @subscriber
end

#username ⇒ Object

Auth

# File 'lib/rex/proto/http/client.rb', line 718

def username
  @username
end

Instance Method Details

#_send_recv(req, t = -1,, persist = false) ⇒ Response

Transmit an HTTP request and receive the response

If persist is set, then the request will attempt to reuse an existing connection.

Call this directly instead of #send_recv if you don’t want automatic authentication handling.

Returns:

• (Response)

# File 'lib/rex/proto/http/client.rb', line 231

def _send_recv(req, t = -1, persist = false)
  @pipeline = persist
  subscriber.on_request(req)
  if req.respond_to?(:opts) && req.opts['ntlm_transform_request'] && ntlm_client
    req = req.opts['ntlm_transform_request'].call(ntlm_client, req)
  elsif req.respond_to?(:opts) && req.opts['krb_transform_request'] && krb_encryptor
    req = req.opts['krb_transform_request'].call(krb_encryptor, req)
  end

  send_request(req, t)

  res = read_response(t, original_request: req)
  if req.respond_to?(:opts) && req.opts['ntlm_transform_response'] && ntlm_client
    req.opts['ntlm_transform_response'].call(ntlm_client, res)
  elsif req.respond_to?(:opts) && req.opts['krb_transform_response'] && krb_encryptor
    req = req.opts['krb_transform_response'].call(krb_encryptor, res)
  end
  res.request = req.to_s if res
  res.peerinfo = peerinfo if res
  subscriber.on_response(res)
  res
end

#basic_auth_header(username, password) ⇒ String

Converts username and password into the HTTP Basic authorization string.

Returns:

• (String) —

  A value suitable for use as an Authorization header

# File 'lib/rex/proto/http/client.rb', line 339

def basic_auth_header(username, password)
  auth_str = username.to_s + ':' + password.to_s
  'Basic ' + Rex::Text.encode_base64(auth_str)
end

#channel_binding ⇒ Object

# File 'lib/rex/proto/http/client.rb', line 541

def channel_binding
  if !conn.respond_to?(:peer_cert) or conn.peer_cert.nil?
    nil
  else
    Net::NTLM::ChannelBinding.create(OpenSSL::X509::Certificate.new(conn.peer_cert))
  end
end

#close ⇒ Object

Closes the connection to the remote server.

# File 'lib/rex/proto/http/client.rb', line 196

def close
  if conn && !conn.closed?
    conn.shutdown
    conn.close
  end

  self.conn = nil
  self.ntlm_client = nil
end

#conn? ⇒ Boolean

Returns whether or not the conn is valid.

Returns:

• (Boolean)

# File 'lib/rex/proto/http/client.rb', line 653

def conn?
  conn != nil
end

#connect(t = -1)) ⇒ Rex::Socket::Tcp

Connects to the remote server if possible.

Parameters:

• t (Integer) (defaults to: -1)) —

  Timeout

Returns:

• (Rex::Socket::Tcp)

See Also:

• Socket::Tcp.create

# File 'lib/rex/proto/http/client.rb', line 165

def connect(t = -1)
  # If we already have a connection and we aren't pipelining, close it.
  if conn
    if !pipelining?
      close
    else
      return conn
    end
  end

  timeout = (t.nil? or t == -1) ? 0 : t

  self.conn = Rex::Socket::Tcp.create(
    'PeerHost' => hostname,
    'PeerHostname' => config['ssl_server_name_indication'] || config['vhost'],
    'PeerPort' => port.to_i,
    'LocalHost' => local_host,
    'LocalPort' => local_port,
    'Context' => context,
    'SSL' => ssl,
    'SSLVersion' => ssl_version,
    'SSLKeyLogFile' => sslkeylogfile,
    'Proxies' => proxies,
    'Timeout' => timeout,
    'Comm' => comm
  )
end

#digest_auth(opts = {}) ⇒ Response

Send a series of requests to complete Digest Authentication

Parameters:

• opts (Hash) (defaults to: {}) —

  the options used to build an HTTP request

Returns:

• (Response) —

  the last valid HTTP response we received

# File 'lib/rex/proto/http/client.rb', line 347

def digest_auth(opts = {})
  to = opts['timeout'] || 20

  digest_user = opts['username'] || ''
  digest_password = opts['password'] || ''

  method = opts['method']
  path = opts['uri']
  iis = true
  if (opts['DigestAuthIIS'] == false or config['DigestAuthIIS'] == false)
    iis = false
  end

  begin
    resp = opts['response']

    if !resp
      # Get authentication-challenge from server, and read out parameters required
      r = request_cgi(opts.merge({
        'uri' => path,
        'method' => method
      }))
      resp = _send_recv(r, to)
      unless resp.is_a? Rex::Proto::Http::Response
        return nil
      end

      if resp.code != 401
        return resp
      end
      return resp unless resp.headers['WWW-Authenticate']
    end

    # Don't anchor this regex to the beginning of string because header
    # folding makes it appear later when the server presents multiple
    # WWW-Authentication options (such as is the case with IIS configured
    # for Digest or NTLM).
    resp['www-authenticate'] =~ /Digest (.*)/

    parameters = {}
    ::Regexp.last_match(1).split(/,[[:space:]]*/).each do |p|
      k, v = p.split('=', 2)
      parameters[k] = v.gsub('"', '')
    end

    auth_digest = Rex::Proto::Http::AuthDigest.new
    auth = auth_digest.digest(digest_user, digest_password, method, path, parameters, iis)

    headers = { 'Authorization' => auth.join(', ') }
    headers.merge!(opts['headers']) if opts['headers']

    # Send main request with authentication
    r = request_cgi(opts.merge({
      'uri' => path,
      'method' => method,
      'headers' => headers
    }))
    resp = _send_recv(r, to, true)
    unless resp.is_a? Rex::Proto::Http::Response
      return nil
    end

    return resp
  rescue ::Errno::EPIPE, ::Timeout::Error
  end
end

#kerberos_auth(opts = {}) ⇒ Object

# File 'lib/rex/proto/http/client.rb', line 414

def kerberos_auth(opts = {})
  to = opts['timeout'] || 20
  auth_result = kerberos_authenticator.authenticate(mechanism: Rex::Proto::Gss::Mechanism::KERBEROS)
  gss_data = auth_result[:security_blob]
  gss_data_b64 = Rex::Text.encode_base64(gss_data)

  # Separate options for the auth requests
  auth_opts = opts.clone
  auth_opts['headers'] = opts['headers'].clone
  auth_opts['headers']['Authorization'] = "Kerberos #{gss_data_b64}"

  if auth_opts['no_body_for_auth']
    auth_opts.delete('data')
    auth_opts.delete('krb_transform_request')
    auth_opts.delete('krb_transform_response')
  end

  begin
    # Send the auth request
    r = request_cgi(auth_opts)
    resp = _send_recv(r, to)
    unless resp.is_a? Rex::Proto::Http::Response
      return nil
    end

    # Get the challenge and craft the response
    response = resp.headers['WWW-Authenticate'].scan(/Kerberos ([A-Z0-9\x2b\x2f=]+)/ni).flatten[0]
    return resp unless response

    decoded = Rex::Text.decode_base64(response)
    mutual_auth_result = kerberos_authenticator.parse_gss_init_response(decoded, auth_result[:session_key])
    self.krb_encryptor = kerberos_authenticator.get_message_encryptor(mutual_auth_result[:ap_rep_subkey],
                                                                      auth_result[:client_sequence_number],
                                                                      mutual_auth_result[:server_sequence_number])

    if opts['no_body_for_auth']
      # If the body wasn't sent in the authentication, now do the actual request
      r = request_cgi(opts)
      resp = _send_recv(r, to, true)
    end
    return resp
  rescue ::Errno::EPIPE, ::Timeout::Error
    return nil
  end
end

#negotiate_auth(opts = {}) ⇒ Response

Builds a series of requests to complete Negotiate Auth. Works essentially the same way as Digest auth. Same pipelining concerns exist.

Parameters:

• opts (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (opts):

• provider ("Negotiate", "NTLM") —

  What Negotiate provider to use

Returns:

• (Response) —

  the last valid HTTP response we received

# File 'lib/rex/proto/http/client.rb', line 468

def negotiate_auth(opts = {})
  to = opts['timeout'] || 20
  opts['username'] ||= ''
  opts['password'] ||= ''

  if opts['provider'] and opts['provider'].include? 'Negotiate'
    provider = 'Negotiate '
  else
    provider = 'NTLM '
  end

  opts['method'] ||= 'GET'
  opts['headers'] ||= {}

  workstation_name = Rex::Text.rand_text_alpha(rand(6..13))
  domain_name = config['domain']

  ntlm_client = ::Net::NTLM::Client.new(
    opts['username'],
    opts['password'],
    workstation: workstation_name,
    domain: domain_name
  )
  type1 = ntlm_client.init_context

  begin
    # Separate options for the auth requests
    auth_opts = opts.clone
    auth_opts['headers'] = opts['headers'].clone
    auth_opts['headers']['Authorization'] = provider + type1.encode64

    if auth_opts['no_body_for_auth']
      auth_opts.delete('data')
      auth_opts.delete('ntlm_transform_request')
      auth_opts.delete('ntlm_transform_response')
    end

    # First request to get the challenge
    r = request_cgi(auth_opts)
    resp = _send_recv(r, to)
    unless resp.is_a? Rex::Proto::Http::Response
      return nil
    end

    return resp unless resp.code == 401 && resp.headers['WWW-Authenticate']

    # Get the challenge and craft the response
    ntlm_challenge = resp.headers['WWW-Authenticate'].scan(/#{provider}([A-Z0-9\x2b\x2f=]+)/ni).flatten[0]
    return resp unless ntlm_challenge

    ntlm_message_3 = ntlm_client.init_context(ntlm_challenge, channel_binding)

    self.ntlm_client = ntlm_client
    # Send the response
    auth_opts['headers']['Authorization'] = "#{provider}#{ntlm_message_3.encode64}"
    r = request_cgi(auth_opts)
    resp = _send_recv(r, to, true)

    unless resp.is_a? Rex::Proto::Http::Response
      return nil
    end

    if opts['no_body_for_auth']
      # If the body wasn't sent in the authentication, now do the actual request
      r = request_cgi(opts)
      resp = _send_recv(r, to, true)
    end
    return resp
  rescue ::Errno::EPIPE, ::Timeout::Error
    return nil
  end
end

#peerinfo ⇒ Object

Target host addr and port for this connection

# File 'lib/rex/proto/http/client.rb', line 667

def peerinfo
  if conn
    pi = conn.peerinfo || nil
    if pi
      return {
        'addr' => pi.split(':')[0],
        'port' => pi.split(':')[1].to_i
      }
    end
  end
  nil
end

#pipelining? ⇒ Boolean

Whether or not connections should be pipelined.

Returns:

• (Boolean)

# File 'lib/rex/proto/http/client.rb', line 660

def pipelining?
  pipeline
end

#read_response(t = -1,, opts = {}) ⇒ Response

Read a response from the server

Wait at most t seconds for the full response to be read in. If t is specified as a negative value, it indicates an indefinite wait cycle. If t is specified as nil or 0, it indicates no response parsing is required.

Returns:

• (Response)

# File 'lib/rex/proto/http/client.rb', line 556

def read_response(t = -1, opts = {})
  # Return a nil response if timeout is nil or 0
  return if t.nil? || t == 0

  resp = Response.new
  resp.max_data = config['read_max_data']

  original_request = opts.fetch(:original_request) { nil }
  parse_opts = {}
  unless original_request.nil?
    parse_opts = { orig_method: original_request.opts['method'] }
  end

  Timeout.timeout((t < 0) ? nil : t) do
    rv = nil
    while (
             !conn.closed? and
             rv != Packet::ParseCode::Completed and
             rv != Packet::ParseCode::Error
           )

      begin
        buff = conn.get_once(resp.max_data, 1)
        rv = resp.parse(buff || '', parse_opts)

      # Handle unexpected disconnects
      rescue ::Errno::EPIPE, ::EOFError, ::IOError
        case resp.state
        when Packet::ParseState::ProcessingHeader
          resp = nil
        when Packet::ParseState::ProcessingBody
          # truncated request, good enough
          resp.error = :truncated
        end
        break
      end

      # This is a dirty hack for broken HTTP servers
      next unless rv == Packet::ParseCode::Completed

      rbody = resp.body
      rbufq = resp.bufq

      rblob = rbody.to_s + rbufq.to_s
      tries = 0
      begin
        # XXX: This doesn't deal with chunked encoding
        while tries < 1000 and resp.headers['Content-Type'] and resp.headers['Content-Type'].start_with?('text/html') and rblob !~ %r{</html>}i
          buff = conn.get_once(-1, 0.05)
          break if !buff

          rblob += buff
          tries += 1
        end
      rescue ::Errno::EPIPE, ::EOFError, ::IOError
      end

      resp.bufq = ''
      resp.body = rblob
    end
  end

  return resp if !resp

  # As a last minute hack, we check to see if we're dealing with a 100 Continue here.
  # Most of the time this is handled by the parser via check_100()
  if resp.proto == '1.1' and resp.code == 100 and !(opts[:skip_100])
    # Read the real response from the body if we found one
    # If so, our real response became the body, so we re-parse it.
    if resp.body.to_s =~ /^HTTP/
      body = resp.body
      resp = Response.new
      resp.max_data = config['read_max_data']
      resp.parse(body, parse_opts)
    # We found a 100 Continue but didn't read the real reply yet
    # Otherwise reread the reply, but don't try this hack again
    else
      resp = read_response(t, skip_100: true)
    end
  end

  resp
rescue Timeout::Error
  # Allow partial response due to timeout
  resp if config['partial']
end

#request_cgi(opts = {}) ⇒ ClientRequest

Create a CGI compatible request

Parameters:

• opts (Hash) (defaults to: {})

Options Hash (opts):

• Content-Type ('ctype'String) —

  header value, default for POST requests: application/x-www-form-urlencoded

• URI ('encode_params'Bool) —

  encode the GET or POST variables (names and values), default: true

• GET ('vars_get'Hash) —

  variables as a hash to be translated into a query string

• POST ('vars_post'Hash) —

  variables as a hash to be translated into POST data

• POST ('vars_form_data'Hash) —

  form_data variables as a hash to be translated into multi-part POST form data

• User-Agent ('agent'String) —

  header value

• Connection ('connection'String) —

  header value

• Cookie ('cookie'String) —

  header value

• HTTP ('data'String) —

  data (only useful with some methods, see rfc2616)

• URI ('encode'Bool) —

  encode the supplied URI, default: false

• HTTP ('headers'Hash) —

  headers, e.g. { "X-MyHeader" => "value" }

• HTTP ('method'String) —

  method to use in the request, not limited to standard methods defined by rfc2616, default: GET

• protocol, ('proto'String) —

  default: HTTP

• raw ('query'String) —

  query string

• Raw ('raw_headers'String) —

  HTTP headers

• the ('uri'String) —

  URI to request

• version ('version'String) —

  of the protocol, default: 1.1

• Host ('vhost'String) —

  header value

Returns:

• (ClientRequest)

# File 'lib/rex/proto/http/client.rb', line 149

def request_cgi(opts = {})
  opts = config.merge(opts)

  opts['cgi'] = true
  opts['port'] = port
  opts['ssl'] = ssl

  ClientRequest.new(opts)
end

#request_raw(opts = {}) ⇒ ClientRequest

Create an arbitrary HTTP request

Parameters:

• opts (Hash) (defaults to: {})

Options Hash (opts):

• User-Agent ('agent'String) —

  header value

• Connection ('connection'String) —

  header value

• Cookie ('cookie'String) —

  header value

• HTTP ('data'String) —

  data (only useful with some methods, see rfc2616)

• URI ('encode'Bool) —

  encode the supplied URI, default: false

• HTTP ('headers'Hash) —

  headers, e.g. { "X-MyHeader" => "value" }

• HTTP ('method'String) —

  method to use in the request, not limited to standard methods defined by rfc2616, default: GET

• protocol, ('proto'String) —

  default: HTTP

• raw ('query'String) —

  query string

• Raw ('raw_headers'String) —

  HTTP headers

• the ('uri'String) —

  URI to request

• version ('version'String) —

  of the protocol, default: 1.1

• Host ('vhost'String) —

  header value

Returns:

• (ClientRequest)

# File 'lib/rex/proto/http/client.rb', line 127

def request_raw(opts = {})
  opts = config.merge(opts)

  opts['cgi'] = false
  opts['port'] = port
  opts['ssl'] = ssl

  ClientRequest.new(opts)
end

#send_auth(res, opts, t, persist) ⇒ Response

Resends an HTTP Request with the proper authentication headers set. If we do not support the authentication type the server requires we return the original response object

Parameters:

• res (Response) —

  the HTTP Response object

• opts (Hash) —

  the options used to generate the original HTTP request

• t (Integer) —

  the timeout for the request in seconds

• persist (Boolean) —

  whether or not to persist the TCP connection (pipelining)

Returns:

• (Response) —

  the last valid HTTP response object we received

# File 'lib/rex/proto/http/client.rb', line 276

def send_auth(res, opts, t, persist)
  if opts['username'].nil? or opts['username'] == ''
    if username and !(username == '')
      opts['username'] = username
      opts['password'] = password
    else
      opts['username'] = nil
      opts['password'] = nil
    end
  end

  if opts[:kerberos_authenticator].nil?
    opts[:kerberos_authenticator] = kerberos_authenticator
  end

  return res if (opts['username'].nil? or opts['username'] == '') and opts[:kerberos_authenticator].nil?

  supported_auths = res.headers['WWW-Authenticate']

  # if several providers are available, the client may want one in particular
  preferred_auth = opts['preferred_auth']

  if supported_auths.include?('Basic') && (preferred_auth.nil? || preferred_auth == 'Basic')
    opts['headers'] ||= {}
    opts['headers']['Authorization'] = basic_auth_header(opts['username'], opts['password'])
    req = request_cgi(opts)
    res = _send_recv(req, t, persist)
    return res
  elsif supported_auths.include?('Digest') && (preferred_auth.nil? || preferred_auth == 'Digest')
    temp_response = digest_auth(opts)
    if temp_response.is_a? Rex::Proto::Http::Response
      res = temp_response
    end
    return res
  elsif supported_auths.include?('NTLM') && (preferred_auth.nil? || preferred_auth == 'NTLM')
    opts['provider'] = 'NTLM'
    temp_response = negotiate_auth(opts)
    if temp_response.is_a? Rex::Proto::Http::Response
      res = temp_response
    end
    return res
  elsif supported_auths.include?('Negotiate') && (preferred_auth.nil? || preferred_auth == 'Negotiate')
    opts['provider'] = 'Negotiate'
    temp_response = negotiate_auth(opts)
    if temp_response.is_a? Rex::Proto::Http::Response
      res = temp_response
    end
    return res
  elsif supported_auths.include?('Negotiate') && (preferred_auth.nil? || preferred_auth == 'Kerberos')
    opts['provider'] = 'Negotiate'
    temp_response = kerberos_auth(opts)
    if temp_response.is_a? Rex::Proto::Http::Response
      res = temp_response
    end
    return res
  end
  return res
end

#send_recv(req, t = -1,, persist = false) ⇒ Response

Sends a request and gets a response back

If the request is a 401, and we have creds, it will attempt to complete authentication and return the final response

Returns:

• (Response)

# File 'lib/rex/proto/http/client.rb', line 213

def send_recv(req, t = -1, persist = false)
  res = _send_recv(req, t, persist)
  if res and res.code == 401 and res.headers['WWW-Authenticate']
    res = send_auth(res, req.opts, t, persist)
  end
  res
end

#send_request(req, t = -1)) ⇒ void

This method returns an undefined value.

Send an HTTP request to the server

Parameters:

• req (Request, ClientRequest, #to_s) —

  The request to send

• t (Integer) (defaults to: -1)) —

  Timeout

# File 'lib/rex/proto/http/client.rb', line 261

def send_request(req, t = -1)
  connect(t)
  conn.put(req.to_s)
end

#set_config(opts = {}) ⇒ Object

Set configuration options

# File 'lib/rex/proto/http/client.rb', line 82

def set_config(opts = {})
  opts.each_pair do |var, val|
    # Default type is string
    typ = config_types[var] || 'string'

    # These are enum types
    if typ.is_a?(Array) && !typ.include?(val)
      raise "The specified value for #{var} is not one of the valid choices"
    end

    # The caller should have converted these to proper ruby types, but
    # take care of the case where they didn't before setting the
    # config.

    if (typ == 'bool')
      val = val == true || val.to_s =~ /^(t|y|1)/i
    end

    if (typ == 'integer')
      val = val.to_i
    end

    config[var] = val
  end
end

#stop ⇒ Object

Cleans up any outstanding connections and other resources.

# File 'lib/rex/proto/http/client.rb', line 646

def stop
  close
end