Fix rapid7#7170, Add HttpTrace option for HttpClient

wchen-r7 · wchen-r7 · commit 7538b3dcf808 · 2016-08-04T16:09:17.000-05:00
Fix rapid7#7170
diff --git a/lib/msf/core/exploit/http/client.rb b/lib/msf/core/exploit/http/client.rb
@@ -54,7 +54,8 @@ def initialize(info = {})
         Opt::SSLVersion,
         OptBool.new('FingerprintCheck', [ false, 'Conduct a pre-exploit fingerprint verification', true]),
         OptString.new('DOMAIN', [ true, 'The domain to use for windows authentification', 'WORKSTATION']),
-        OptInt.new('HttpClientTimeout', [false, 'HTTP connection and receive timeout'])
+        OptInt.new('HttpClientTimeout', [false, 'HTTP connection and receive timeout']),
+        OptBool.new('HttpTrace', [false, 'Show the raw HTTP requests and responses', false])
       ], self.class
     )
 
@@ -324,7 +325,10 @@ def send_request_raw(opts={}, timeout = 20)
     begin
       c = connect(opts)
       r = c.request_raw(opts)
-      c.send_recv(r, actual_timeout)
+      print_line(r.to_s) if datastore['HttpTrace']
+      res = c.send_recv(r, actual_timeout)
+      print_line(res.to_s) if datastore['HttpTrace']
+      res
     rescue ::Errno::EPIPE, ::Timeout::Error
       nil
     end
@@ -346,7 +350,10 @@ def send_request_cgi(opts={}, timeout = 20)
     begin
       c = connect(opts)
       r = c.request_cgi(opts)
-      c.send_recv(r, actual_timeout)
+      print_line(r.to_s) if datastore['HttpTrace']
+      res = c.send_recv(r, actual_timeout)
+      print_line(res.to_s) if datastore['HttpTrace']
+      res
     rescue ::Errno::EPIPE, ::Timeout::Error
       nil
     end
