CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
require 'pathname'
7
require 'nokogiri'
8
require 'uri'
9

10
class CrawlerForms < BaseParser
11

12
  def parse(request,result)
13
    return unless result['Content-Type'].include?('text/html')
14

15
    doc = Nokogiri::HTML(result.body.to_s)
16
    doc.css('form').each do |f|
17
      hr = f['action']
18

19
      # Removed because unused
20
      #fname = f['name']
21
      #fname = 'NONE' if fname.empty?
22

23
      m = (f['method'].empty? ? 'GET' : f['method'].upcase)
24

25
      arrdata = []
26

27
      f.css('input').each do |p|
28
        arrdata << "#{p['name']}=#{Rex::Text.uri_encode(p['value'])}"
29
      end
30

31
      data = arrdata.join("&").to_s
32

33
      begin
34
        hreq = urltohash(m, hr, request['uri'], data)
35
        hreq['ctype'] = 'application/x-www-form-urlencoded'
36
        insertnewpath(hreq)
37
      rescue URI::InvalidURIError
38
        #puts "Parse error"
39
        #puts "Error: #{link[0]}"
40
      end
41

42
    end
43
  end
44
end
45

46

47