Move all this to Rex

Author: wchen-r7

lib/metasploit/framework/login_scanner/http.rb

@@ -242,35 +242,6 @@ def send_request(opts)
         end
 
 
-        # Returns a collection of found hidden inputs
-        #
-        # @param res [Rex::Proto::Http::Response] A response object that contains a body
-        # @return [Array<Hash>] An array, each element represents a form that contains a hash of found hidden inputs
-        #  * 'name' [String] The hidden input's original name. The value is the hidden input's original value.
-        # @example
-        #  res = send_request('uri'=>'/')
-        #  inputs = get_hidden_inputs(res)
-        #  session_id = inputs[0]['sessionid'] # The first form's 'sessionid' hidden input
-        def get_hidden_inputs(res)
-          forms = []
-          noko = Nokogiri::HTML(res.body)
-          noko.search("form").each_entry do |form|
-            found_inputs = {}
-            form.search("input").each_entry do |input|
-              input_type = input.attributes['type'] ? input.attributes['type'].value : ''
-              next if input_type !~ /hidden/i
-
-              input_name = input.attributes['name'] ? input.attributes['name'].value : ''
-              input_value = input.attributes['value'] ? input.attributes['value'].value : ''
-              found_inputs[input_name] = input_value unless input_name.empty?
-            end
-            forms << found_inputs unless found_inputs.empty?
-          end
-
-          forms
-        end
-
-
         # Attempt a single login with a single credential against the target.
         #
         # @param credential [Credential] The credential object to attempt to

lib/rex/proto/http/response.rb

@@ -82,6 +82,34 @@ def get_cookies
     return cookies.strip
   end
 
+
+  # Returns a collection of found hidden inputs
+  #
+  # @return [Array<Hash>] An array, each element represents a form that contains a hash of found hidden inputs
+  #  * 'name' [String] The hidden input's original name. The value is the hidden input's original value.
+  # @example
+  #  res = send_request_cgi('uri'=>'/')
+  #  inputs = res.get_hidden_inputs
+  #  session_id = inputs[0]['sessionid'] # The first form's 'sessionid' hidden input
+  def get_hidden_inputs
+    forms = []
+    noko = Nokogiri::HTML(self.body)
+    noko.search("form").each_entry do |form|
+      found_inputs = {}
+      form.search("input").each_entry do |input|
+        input_type = input.attributes['type'] ? input.attributes['type'].value : ''
+        next if input_type !~ /hidden/i
+
+        input_name = input.attributes['name'] ? input.attributes['name'].value : ''
+        input_value = input.attributes['value'] ? input.attributes['value'].value : ''
+        found_inputs[input_name] = input_value unless input_name.empty?
+      end
+      forms << found_inputs unless found_inputs.empty?
+    end
+
+    forms
+  end
+
   #
   # Updates the various parts of the HTTP response command string.
   #

spec/lib/metasploit/framework/login_scanner/http_spec.rb

@@ -30,52 +30,4 @@
     end
   end
 
-  describe '#get_hidden_inputs' do
-    let(:response) do
-      res = Rex::Proto::Http::Response.new(200, 'OK')
-      res.body = %Q|
-      <html>
-      <head>
-      <body>
-      <form action="test.php">
-        <input name="input_1" type="hidden" value="some_value_1" />
-      </form>
-      <form>
-        <input name="input_0" type="text" value="Not a hidden input" />
-        <input name="input_1" type="hidden" value="some_value_1" />
-        <INPUT name="input_2" type="hidden" value="" />
-      </form>
-      </body>
-      </head>
-      </htm>
-      |
-      res
-    end
-
-
-    context 'when an HTML page contains two forms containing hidden inputs' do
-      it 'returns an array' do
-        expect(subject.get_hidden_inputs(response)).to be_kind_of(Array)
-      end
-
-      it 'returns hashes in the array' do
-        subject.get_hidden_inputs(response).each do |form|
-          expect(form).to be_kind_of(Hash)
-        end
-      end
-
-      it 'returns \'some_value_1\' in the input_1 hidden input from the first element' do
-        expect(subject.get_hidden_inputs(response)[0]['input_1']).to eq('some_value_1')
-      end
-
-      it 'returns two hidden inputs in the second element' do
-        expect(subject.get_hidden_inputs(response)[1].length).to eq(2)
-      end
-
-      it 'returns an empty string for the input_2 hidden input from the second element' do
-        expect(subject.get_hidden_inputs(response)[1]['input_2']).to be_empty
-      end
-    end
-  end
-
 end

spec/lib/rex/proto/http/response_spec.rb

@@ -141,6 +141,71 @@ def cookie_sanity_check(meth)
     cookies.split(';').map(&:strip)
   end
 
+
+  describe '#get_hidden_inputs' do
+    let(:response) do
+      res = Rex::Proto::Http::Response.new(200, 'OK')
+      res.body = %Q|
+      <html>
+      <head>
+      <body>
+      <form action="test.php">
+        <input name="input_1" type="hidden" value="some_value_1" />
+      </form>
+      <form>
+        <input name="input_0" type="text" value="Not a hidden input" />
+        <input name="input_1" type="hidden" value="some_value_1" />
+        <INPUT name="input_2" type="hidden" value="" />
+      </form>
+      </body>
+      </head>
+      </htm>
+      |
+      res
+    end
+
+    subject do
+      cli = Rex::Proto::Http::Client.new('127.0.0.1')
+      cli.connect
+      req = cli.request_cgi({'uri'=>'/'})
+      res = cli.send_recv(req)
+      res
+    end
+
+    before(:each) do
+      allow_any_instance_of(Rex::Proto::Http::Client).to receive(:request_cgi).with(any_args)
+      allow_any_instance_of(Rex::Proto::Http::Client).to receive(:send_recv).with(any_args).and_return(response)
+      allow_any_instance_of(Rex::Proto::Http::Client).to receive(:set_config).with(any_args)
+      allow_any_instance_of(Rex::Proto::Http::Client).to receive(:close)
+      allow_any_instance_of(Rex::Proto::Http::Client).to receive(:connect)
+    end
+
+    context 'when an HTML page contains two forms containing hidden inputs' do
+      it 'returns an array' do
+        expect(subject.get_hidden_inputs).to be_kind_of(Array)
+      end
+
+      it 'returns hashes in the array' do
+        subject.get_hidden_inputs.each do |form|
+          expect(form).to be_kind_of(Hash)
+        end
+      end
+
+      it 'returns \'some_value_1\' in the input_1 hidden input from the first element' do
+        expect(subject.get_hidden_inputs[0]['input_1']).to eq('some_value_1')
+      end
+
+      it 'returns two hidden inputs in the second element' do
+        expect(subject.get_hidden_inputs[1].length).to eq(2)
+      end
+
+      it 'returns an empty string for the input_2 hidden input from the second element' do
+        expect(subject.get_hidden_inputs[1]['input_2']).to be_empty
+      end
+    end
+  end
+
+
   context "#get_cookies" do
 
     it 'returns empty string for no Set-Cookies' do