Add #send_request to Metasploit::Framework::LoginScanner::HTTP

wchen-r7 · wchen-r7 · commit 8f95624bf7d8 · 2015-03-25T01:40:02.000-05:00
diff --git a/lib/metasploit/framework/login_scanner/http.rb b/lib/metasploit/framework/login_scanner/http.rb
@@ -187,6 +187,40 @@ def check_setup
           error_message
         end
 
+        # Sends a HTTP request with Rex
+        #
+        # @param (see Rex::Proto::Http::Request#request_raw)
+        # @raise [Rex::ConnectionError] Something has gone wrong while sending the HTTP request
+        # @return [Rex::Proto::Http::Response] The HTTP response
+        def send_request(opts)
+          res = nil
+          cli = Rex::Proto::Http::Client.new(host, port,
+            {
+              'Msf' => framework,
+              'MsfExploit' => framework_module
+            },
+            ssl,
+            ssl_version,
+            proxies
+          )
+          configure_http_client(cli)
+          begin
+            cli.connect
+            req = cli.request_cgi(opts)
+            res = cli.send_recv(req)
+          rescue ::Errno::EPIPE, ::Timeout::Error => e
+            # We are trying to mimic the same type of exception rescuing in
+            # Msf::Exploit::Remote::HttpClient. But instead of returning nil, we'll consistently
+            # raise Rex::ConnectionError so the #attempt_login can return the error message back
+            # to the login module.
+            raise Rex::ConnectionError, e.message
+          ensure
+            cli.close
+          end
+
+          res
+        end
+
         # Attempt a single login with a single credential against the target.
         #
         # @param credential [Credential] The credential object to attempt to
