Reset this back to master's copy, fixes this pull

HD Moore · HD Moore · commit adc9532ec70f · 2012-10-28T23:13:32.000-05:00
diff --git a/lib/rex/proto/http/client.rb b/lib/rex/proto/http/client.rb
@@ -195,7 +195,8 @@ def request_raw(opts={})
 	# - cookie:        Cookie header value
 	# - ctype:         Content-Type header value, default: +application/x-www-form-urlencoded+
 	# - data:          HTTP data (only useful with some methods, see rfc2616)
-	# - encode:        URI encode the supplied URI
+	# - encode:        URI encode the supplied URI, default: false
+	# - encode_params: URI encode the GET or POST variables (names and values), default: true
 	# - headers:       HTTP headers as a hash, e.g. <code>{ "X-MyHeader" => "value" }</code>
 	# - method:        HTTP method to use in the request, not limited to standard methods defined by rfc2616, default: GET
 	# - proto:         protocol, default: HTTP
@@ -208,28 +209,28 @@ def request_raw(opts={})
 	# - vhost:         Host header value
 	#
 	def request_cgi(opts={})
-		c_enc  = opts['encode']     || false
-		c_cgi  = opts['uri']        || '/'
-		c_body = opts['data']       || ''
-		c_meth = opts['method']     || 'GET'
-		c_prot = opts['proto']      || 'HTTP'
-		c_vers = opts['version']    || config['version'] || '1.1'
-		c_qs   = opts['query']      || ''
-		c_varg = opts['vars_get']   || {}
-		c_varp = opts['vars_post']  || {}
-		c_head = opts['headers']    || config['headers'] || {}
-		c_rawh = opts['raw_headers']|| config['raw_headers'] || ''
-		c_type = opts['ctype']      || 'application/x-www-form-urlencoded'
-		c_ag   = opts['agent']      || config['agent']
-		c_cook = opts['cookie']     || config['cookie']
-		c_host = opts['vhost']      || config['vhost']
-		c_conn = opts['connection']
-		c_path = opts['path_info']
-		c_auth = opts['basic_auth'] || config['basic_auth'] || ''
-
-		uri    = set_cgi(c_cgi)
-		qstr   = c_qs
-		pstr   = c_body
+		c_enc   = opts['encode']      || false
+		c_enc_p = (opts['encode_params'] == true or opts['encode_params'].nil? ? true : false)
+		c_cgi   = opts['uri']         || '/'
+		c_body  = opts['data']        || ''
+		c_meth  = opts['method']      || 'GET'
+		c_prot  = opts['proto']       || 'HTTP'
+		c_vers  = opts['version']     || config['version'] || '1.1'
+		c_qs    = opts['query']       || ''
+		c_varg  = opts['vars_get']    || {}
+		c_varp  = opts['vars_post']   || {}
+		c_head  = opts['headers']     || config['headers'] || {}
+		c_rawh  = opts['raw_headers'] || config['raw_headers'] || ''
+		c_type  = opts['ctype']       || 'application/x-www-form-urlencoded'
+		c_ag    = opts['agent']       || config['agent']
+		c_cook  = opts['cookie']      || config['cookie']
+		c_host  = opts['vhost']       || config['vhost']
+		c_conn  = opts['connection']
+		c_path  = opts['path_info']
+		c_auth  = opts['basic_auth']  || config['basic_auth'] || ''
+		uri     = set_cgi(c_cgi)
+		qstr    = c_qs
+		pstr    = c_body
 
 		if (config['pad_get_params'])
 			1.upto(config['pad_get_params_count'].to_i) do |i|
@@ -242,25 +243,27 @@ def request_cgi(opts={})
 
 		c_varg.each_pair do |var,val|
 			qstr << '&' if qstr.length > 0
-			qstr << set_encode_uri(var)
+			qstr << (c_enc_p ? set_encode_uri(var) : var) 
 			qstr << '='
-			qstr << set_encode_uri(val)
+			qstr << (c_enc_p ? set_encode_uri(val) : val)
 		end
 
 		if (config['pad_post_params'])
 			1.upto(config['pad_post_params_count'].to_i) do |i|
+				rand_var = Rex::Text.rand_text_alphanumeric(rand(32)+1)
+				rand_val = Rex::Text.rand_text_alphanumeric(rand(32)+1)
 				pstr << '&' if pstr.length > 0
-				pstr << set_encode_uri(Rex::Text.rand_text_alphanumeric(rand(32)+1))
+				pstr << (c_enc_p ? set_encode_uri(rand_var) : rand_var)
 				pstr << '='
-				pstr << set_encode_uri(Rex::Text.rand_text_alphanumeric(rand(32)+1))
+				pstr << (c_enc_p ? set_encode_uri(rand_val) : rand_val)
 			end
 		end
 
 		c_varp.each_pair do |var,val|
 			pstr << '&' if pstr.length > 0
-			pstr << set_encode_uri(var)
+			pstr << (c_enc_p ? set_encode_uri(var) : var)
 			pstr << '='
-			pstr << set_encode_uri(val)
+			pstr << (c_enc_p ? set_encode_uri(val) : val)
 		end
 
 		req = ''
@@ -294,6 +297,7 @@ def request_cgi(opts={})
 		req << set_chunked_header()
 		req << set_raw_headers(c_rawh)
 		req << set_body(pstr)
+
 		req
 	end
 
