Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
rapid7
GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/data/msfcrawler/forms.rb
21517 views
1
##

2
# This module requires Metasploit: https://metasploit.com/download

3
# Current source: https://github.com/rapid7/metasploit-framework

4
##

5


6
require 'pathname'

7
require 'nokogiri'

8
require 'uri'

9


10
class CrawlerForms < BaseParser

11


12
  def parse(request,result)

13
    return unless result['Content-Type'].include?('text/html')

14


15
    doc = Nokogiri::HTML(result.body.to_s)

16
    doc.css('form').each do |f|

17
      hr = f['action']

18


19
      # Removed because unused

20
      #fname = f['name']

21
      #fname = 'NONE' if fname.empty?

22


23
      m = (f['method'].empty? ? 'GET' : f['method'].upcase)

24


25
      arrdata = []

26


27
      f.css('input').each do |p|

28
        arrdata << "#{p['name']}=#{Rex::Text.uri_encode(p['value'])}"

29
      end

30


31
      data = arrdata.join("&").to_s

32


33
      begin

34
        hreq = urltohash(m, hr, request['uri'], data)

35
        hreq['ctype'] = 'application/x-www-form-urlencoded'

36
        insertnewpath(hreq)

37
      rescue URI::InvalidURIError

38
        #puts "Parse error"

39
        #puts "Error: #{link[0]}"

40
      end

41


42
    end

43
  end

44
end

45


46


47