Land rapid7#7183, Fix rapid7#7170 Add HttpTrace option for HttpClient

firefart · firefart · commit 009089ead77e · 2016-08-05T22:36:28.000+02:00
diff --git a/lib/msf/core/exploit/http/client.rb b/lib/msf/core/exploit/http/client.rb
@@ -54,7 +54,8 @@ def initialize(info = {})
         Opt::SSLVersion,
         OptBool.new('FingerprintCheck', [ false, 'Conduct a pre-exploit fingerprint verification', true]),
         OptString.new('DOMAIN', [ true, 'The domain to use for windows authentification', 'WORKSTATION']),
-        OptInt.new('HttpClientTimeout', [false, 'HTTP connection and receive timeout'])
+        OptInt.new('HttpClientTimeout', [false, 'HTTP connection and receive timeout']),
+        OptBool.new('HttpTrace', [false, 'Show the raw HTTP requests and responses', false])
       ], self.class
     )
 
@@ -324,9 +325,30 @@ def send_request_raw(opts={}, timeout = 20)
     begin
       c = connect(opts)
       r = c.request_raw(opts)
-      c.send_recv(r, actual_timeout)
-    rescue ::Errno::EPIPE, ::Timeout::Error
+
+      if datastore['HttpTrace']
+        print_line('#' * 20)
+        print_line('# Request:')
+        print_line('#' * 20)
+        print_line(r.to_s)
+      end
+
+      res = c.send_recv(r, actual_timeout)
+
+      if datastore['HttpTrace']
+        print_line('#' * 20)
+        print_line('# Response:')
+        print_line('#' * 20)
+        print_line(res.to_s)
+      end
+
+      res
+    rescue ::Errno::EPIPE, ::Timeout::Error => e
+      print_line(e.message) if datastore['HttpTrace']
       nil
+    rescue ::Exception => e
+      print_line(e.message) if datastore['HttpTrace']
+      raise e
     end
   end
 
@@ -343,12 +365,35 @@ def send_request_cgi(opts={}, timeout = 20)
       actual_timeout =  opts[:timeout] || timeout
     end
 
+    print_line("*" * 20) if datastore['HttpTrace']
+
     begin
       c = connect(opts)
       r = c.request_cgi(opts)
-      c.send_recv(r, actual_timeout)
-    rescue ::Errno::EPIPE, ::Timeout::Error
+
+      if datastore['HttpTrace']
+        print_line('#' * 20)
+        print_line('# Request:')
+        print_line('#' * 20)
+        print_line(r.to_s)
+      end
+
+      res = c.send_recv(r, actual_timeout)
+
+      if datastore['HttpTrace']
+        print_line('#' * 20)
+        print_line('# Response:')
+        print_line('#' * 20)
+        print_line(res.to_s)
+      end
+
+      res
+    rescue ::Errno::EPIPE, ::Timeout::Error => e
+      print_line(e.message) if datastore['HttpTrace']
       nil
+    rescue ::Exception => e
+      print_line(e.message) if datastore['HttpTrace']
+      raise e
     end
   end
 
