Handle the usage of // (same-scheme) URLs.

jvennix-r7 · jvennix-r7 · commit 35c9a1319909 · 2015-01-15T15:09:50.000-06:00
diff --git a/modules/auxiliary/gather/apple_safari_webarchive_uxss.rb b/modules/auxiliary/gather/apple_safari_webarchive_uxss.rb
@@ -47,7 +47,7 @@ def initialize(info = {})
     register_options(
       [
         OptString.new('FILENAME', [ true, 'The file name.',  'msf.webarchive']),
-        OptString.new('URLS', [ true, 'A space-delimited list of URLs to UXSS (eg http://browserscan.rapid7.com/']),
+        OptString.new('URLS', [ true, 'A space-delimited list of URLs to UXSS (eg http://rapid7.com http://example.com']),
         OptString.new('URIPATH', [false, 'The URI to receive the UXSS\'ed data', '/grab']),
         OptString.new('DOWNLOAD_PATH', [ true, 'The path to download the webarhive.', '/msf.webarchive']),
         OptString.new('URLS', [ true, 'The URLs to steal cookie and form data from.', '']),
@@ -768,8 +768,11 @@ def find_cached_scripts
             if script_uri.relative?
               url = page_uri + url
             end
+            if url.to_s.starts_with? '//'
+              url = "#{page_uri.scheme}:"+url
+            end
             io = open(url)
-          rescue URI::InvalidURIError => e
+          rescue URI::InvalidURIError, OpenURI::HTTPError
             next
           end
 
