Class: Ronin::Exploits::ClientSideWebVuln

Inherits:
WebVuln
Defined in:
lib/ronin/exploits/client_side_web_vuln.rb

Overview

Represents a Client-Side web vulnerability.

Since:

  • 1.0.0

Direct Known Subclasses

OpenRedirect, XSS

Constant Summary

Constants included from Mixins::HTTP

Mixins::HTTP::HTTP_USER_AGENT_ALIASES

Instance Attribute Summary

Attributes included from Mixins::HasPayload

#payload

Instance Method Summary

Methods inherited from WebVuln

base_path, cookie, #cookie, cookie_param, form_data, #form_data, form_param, header_name, headers, #headers, query_param, referer, #referer, request_method, #test, #url, #vuln, #web_vuln_kwargs

Methods included from Mixins::HasPayload

included, #initialize, #perform_build, #perform_cleanup, #perform_launch, #perform_validate

Methods included from Mixins::HTTP

#http, #http_allowed_methods, #http_cookie, #http_copy, #http_delete, #http_get, #http_get_body, #http_get_cookies, #http_get_headers, #http_head, #http_headers, #http_lock, #http_mkcol, #http_move, #http_ok?, #http_options, #http_password, #http_patch, #http_post, #http_post_body, #http_post_headers, #http_powered_by_header, #http_propfind, #http_proppatch, #http_proxy, #http_put, #http_request, #http_response_body, #http_response_headers, #http_response_status, #http_server_header, #http_trace, #http_unlock, #http_user, #http_user_agent, included

Methods inherited from Exploit

#NotVulnerable, #Unknown, #Vulnerable, advisories, advisory, #build, #cleanup, disclosed?, disclosure_date, exploit, #exploit, exploit_type, #fail, #initialize, #perform_build, #perform_cleanup, #perform_launch, #perform_test, #perform_validate, quality, register, release_date, released?, software, software_versions, #test, #validate

Instance Method Details

#format_exploit ⇒ String

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Formats the exploit based on the format param.

Returns:

  • (String)

    The formatted exploit.

Raises:

  • (NotImplementedError)

    The format given by the format param was not supported.

Since:

  • 1.0.0



# File 'lib/ronin/exploits/client_side_web_vuln.rb', line 49

def format_exploit
  case params[:format]
  when :http then vuln.to_http(payload)
  when :curl then vuln.to_curl(payload)
  else
    raise(NotImplementedError,"output format not supported: #{params[:format].inspect}")
  end
end

#launch ⇒ Object

Prints the client side exploit.

Since:

  • 1.0.0



# File 'lib/ronin/exploits/client_side_web_vuln.rb', line 61

def launch
  print_info "Copy and paste the following exploit:"
  puts
  puts(format_exploit)
  puts
end