Module: PWN::Plugins::HTTPInterceptHelper

Defined in:
lib/pwn/plugins/http_intercept_helper.rb

Overview

This plugin was created to generate UTF-8 characters for fuzzing

Constant Summary collapse

@@logger = 
PWN::Plugins::PWNLogger.create

Class Method Summary collapse

Class Method Details

.authorsObject

Author(s)

0day Inc. <[email protected]>



101
102
103
104
105
 
# File 'lib/pwn/plugins/http_intercept_helper.rb', line 101

public_class_method def self.authors
  "AUTHOR(S):
    0day Inc. <[email protected]>
  "
end

.hash_to_raw(opts = {}) ⇒ Object

Supported Method Parameters

request_raw = PWN::Plugins::HTTPInterceptHelper.hash_to_raw(

request_hash: 'required => request_hash object returned by #raw_to_hash method'

)



79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
 
# File 'lib/pwn/plugins/http_intercept_helper.rb', line 79

public_class_method def self.hash_to_raw(opts = {})
  request_hash = opts[:request_hash]

  # Populate HTTP Request Line
  request_raw = "#{request_hash[:http_method]} "
  request_raw = "#{request_raw}#{request_hash[:http_resource_path]} "
  request_raw = "#{request_raw}#{request_hash[:http_version]}\r\n"

  # Populate HTTP Headers
  request_hash[:http_headers].each do |key, header_val|
    request_raw = "#{request_raw}#{key}: #{header_val}\r\n"
  end

  # Populate HTTP Body (If Applicable)
  request_raw = "#{request_raw}\r\n"
  request_raw = "#{request_raw}#{request_hash[:http_body]}" unless request_hash[:http_body] == ''
rescue StandardError => e
  raise e
end

.helpObject

Display Usage for this Module



109
110
111
112
113
114
115
116
117
118
119
 
# File 'lib/pwn/plugins/http_intercept_helper.rb', line 109

public_class_method def self.help
  puts "USAGE:
    request_hash = PWN::Plugins::HTTPInterceptHelper.raw_to_hash(
      request_raw: 'required => raw http request string to convert to hash'
    )

    request_raw = PWN::Plugins::HTTPInterceptHelper.hash_to_raw(
      request_hash: 'required => request_hash object returned by #raw_to_hash method'
    )
  "
end

.raw_to_hash(opts = {}) ⇒ Object

Supported Method Parameters

request_hash = PWN::Plugins::HTTPInterceptHelper.raw_to_hash(

request_raw: 'required => raw http request string to convert to hash'

)



14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
 
# File 'lib/pwn/plugins/http_intercept_helper.rb', line 14

public_class_method def self.raw_to_hash(opts = {})
  request_raw = opts[:request_raw].to_s
  request_hash = {}

  # Basic Parsing Begins
  raw_intercepted_request_arr = request_raw.split("\r\n")

  # Parse HTTP Protocol Request Line
  raw_request_line_arr = raw_intercepted_request_arr[0].split
  request_hash[:http_method] = raw_request_line_arr[0].to_s.upcase.to_sym
  request_hash[:http_resource_path] = URI.parse(raw_request_line_arr[1])
  request_hash[:http_version] = raw_request_line_arr[-1]

  # Begin Parsing HTTP Headers & Body (If Applicable)
  request_hash[:http_headers] = {}

  case request_hash[:http_method]
  when :CONNECT,
       :DELETE,
       :GET,
       :HEAD,
       :OPTIONS,
       :PATCH,
       :PUT,
       :TRACE
    puts request_hash[:http_method]
  when :POST
    # Parse HTTP Headers
    raw_intercepted_request_arr[1..-1].each do |val|
      break if val == '' # This may cause issues

      key = ''
      val.each_char do |char|
        break if char == ':'

        key = "#{key}#{char}"
      end

      header_val = val.gsub(/^#{key}:/, '').strip

      request_hash[:http_headers][key.to_sym] = header_val
    end

    # Parse HTTP Body
    raw_request_body = []
    raw_intercepted_request_arr[1..-1].each_with_index do |val, index|
      next if val != '' # This may cause issues

      break_index = index + 2
      request_hash[:http_body] = raw_intercepted_request_arr[break_index..-1].join(',')
    end
  else
    raise "HTTP Method: #{request_hash[:http_method]} Currently Unsupported>"
  end

  request_hash
rescue StandardError => e
  raise e
end