Module: Ronin::Exploits::Mixins::HTTP

Included in:

Web

Defined in:

lib/ronin/exploits/mixins/http.rb

Overview

Adds HTTP helper methods for communicating with a web server.

Since:

• 1.0.0

Constant Summary

HTTP_USER_AGENT_ALIASES =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Possible values for the user_agent param.

Since:

• 1.0.0

[
  :random,
  :chrome,
  :firefox,
  :safari,
  :linux,
  :macos,
  :windows,
  :iphone,
  :ipad,
  :android
] + Support::Network::HTTP::UserAgents::ALIASES.keys

Class Method Summary

• .included(exploit) ⇒ Object private

  Adds the required base_url params to the exploit class.

Instance Method Summary

• #http ⇒ Ronin::Support::Network::HTTP

  A persistent HTTP connection to the target host and port.

• #http_allowed_methods(path, **kwargs) {|response| ... } ⇒ Array<Symbol>

  Performs a OPTIONS HTTP request for the given URI and parses the Allow response header.

• #http_cookie ⇒ String^? private

  The Cookie to use for HTTP requests.

• #http_copy(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

  Performs a COPY request for the given URI.

• #http_delete(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

  Performs a DELETE request for the given URI.

• #http_get(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

  Performs a GET request for the given URI.

• #http_get_body(path, **kwargs) ⇒ String

  Performs a GET request for the given URI and returns the response body.

• #http_get_cookies(path, **kwargs) ⇒ Array<Ronin::Support::Network::HTTPSetCookie>^?

  Sends an HTTP request and returns the parsed Set-Cookie header(s).

• #http_get_headers(path, **kwargs) ⇒ Hash{String => String}

  Performs a GET request for the given URI and returns the response headers.

• #http_head(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

  Performs a HEAD request for the given URI.

• #http_headers ⇒ Hash{Symbol,String => String,Array} private

  Additional default headers to send with every HTTP request.

• #http_lock(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

  Performs a LOCK request for the given URI.

• #http_mkcol(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

  Performs a MKCOL request for the given URI.

• #http_move(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

  Performs a MOVE request for the given URI.

• #http_ok?(method = :head, path, **kwargs) ⇒ Boolean

  Sends a HTTP request and determines if the response status was 200.

• #http_options(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

  Performs a OPTIONS request for the given URI.

• #http_password ⇒ String^? private

  The HTTP Basic-Auth password to use for all HTTP requests.

• #http_patch(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

  Performs a PATCH request for the given URI.

• #http_post(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

  Performs a POST request for the given URI.

• #http_post_body(path, **kwargs) ⇒ String

  Performs a POST request for the given URI and returns the response body.

• #http_post_headers(path, **kwargs) ⇒ Hash{String => String}

  Performs a POST request on the given URI and returns the response headers.

• #http_powered_by_header(path, method: :head, **kwargs) ⇒ String^?

  Sends an HTTP request and returns the X-Powered-By header.

• #http_propfind(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse (also: #http_prop_find)

  Performs a PROPFIND request for the given URI.

• #http_proppatch(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse (also: #http_prop_patch)

  Performs a PROPPATCH request for the given URI.

• #http_proxy ⇒ String^? private

  The HTTP proxy to use for all HTTP requests.

• #http_put(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

  Performs a PUT request for the given URI.

• #http_request(method, path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

  Performs and arbitrary HTTP request.

• #http_response_body(method = :get, path, **kwargs) ⇒ String

  Sends an arbitrary HTTP request and returns the response body.

• #http_response_headers(method = :head, path, **kwargs) ⇒ Hash{String => String}

  Sends an arbitrary HTTP request and returns the response headers.

• #http_response_status(method = :head, path, **kwargs) ⇒ Integer

  Sends an arbitrary HTTP request and returns the response status.

• #http_server_header(path, method: :head, **kwargs) ⇒ String^?

  Sends an HTTP request and returns the Server header.

• #http_trace(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

  Performs a TRACE request for the given URI.

• #http_unlock(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

  Performs a UNLOCK request for the given URI.

• #http_user ⇒ String^? private

  The HTTP Basic-Auth user to use for all HTTP requests.

• #http_user_agent ⇒ String, ... private

  The User-Agent to use for HTTP requests.

Class Method Details

.included(exploit) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Adds the required base_url params to the exploit class.

Parameters:

• exploit (Class<Ronin::Exploits::Exploit>) —

  The exploit class that included Ronin::Exploits::Mixins::HTTP.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 60

def self.included(exploit)
  exploit.include Params::BaseURL

  exploit.param :http_proxy, desc: 'The HTTP proxy to use'

  exploit.param :http_user, desc: 'The HTTP Basic-Auth user'

  exploit.param :http_password, desc: 'The HTTP Basic-Auth password'

  exploit.param :user_agent, Core::Params::Types::Enum.new(HTTP_USER_AGENT_ALIASES), desc: 'The HTTP User-Agent to select'

  exploit.param :raw_user_agent, desc: 'The raw HTTP User-Agent string to use'

  exploit.param :http_cookie, desc: 'The raw HTTP Cookie to use'
end

Instance Method Details

#http ⇒ Ronin::Support::Network::HTTP

Note:

This method will lazily initialize the HTTP connection on the first time this method is called and memoize the HTTP object.

A persistent HTTP connection to the target host and port.

Returns:

• (Ronin::Support::Network::HTTP) —

  The HTTP connection.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 183

def http
  @http ||= Support::Network::HTTP.connect_uri(
    params[:base_url], proxy:      http_proxy,
                       headers:    http_headers,
                       user_agent: http_user_agent,
                       cookie:     http_cookie,
                       user:       http_user,
                       password:   http_password
  )
end

#http_allowed_methods(path, **kwargs) {|response| ... } ⇒ Array<Symbol>

Performs a OPTIONS HTTP request for the given URI and parses the Allow response header.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Yields:

• (response) —

  If a block is given it will be passed the received HTTP response.

Yield Parameters:

• response (Net::HTTPRresponse) —

  The received HTTP response object.

Returns:

• (Array<Symbol>) —

  The allowed HTTP request methods for the given URL.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 640

def http_allowed_methods(path,**kwargs,&block)
  if debug?
    print_debug "Checking allowed HTTP methods for #{url_for(path)} ..."
  end

  http.allowed_methods(path,**kwargs)
end

#http_cookie ⇒ String^?

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

The Cookie to use for HTTP requests.

Returns:

• (String, nil)

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 139

def http_cookie
  params[:http_cookie]
end

#http_copy(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

Performs a COPY request for the given URI.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Yields:

• (response) —

  If a block is given it will be passed the received HTTP response.

Yield Parameters:

• response (Net::HTTPRresponse) —

  The received HTTP response object.

Returns:

• (Net::HTTPResponse) —

  The new HTTP Request object.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 379

def http_copy(path,**kwargs)
  if debug?
    print_debug "Requesting COPY #{url_for(path)} ..."
  end

  http.copy(path,**kwargs)
end

#http_delete(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

Performs a DELETE request for the given URI.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Yields:

• (response) —

  If a block is given it will be passed the received HTTP response.

Yield Parameters:

• response (Net::HTTPRresponse) —

  The received HTTP response object.

Returns:

• (Net::HTTPResponse) —

  The new HTTP Request object.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 404

def http_delete(path,**kwargs,&block)
  if debug?
    print_debug "Requesting DELETE #{url_for(path)} ..."
  end

  http.delete(path,**kwargs)
end

#http_get(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

Performs a GET request for the given URI.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Yields:

• (response) —

  If a block is given it will be passed the received HTTP response.

Yield Parameters:

• response (Net::HTTPRresponse) —

  The received HTTP response object.

Returns:

• (Net::HTTPResponse) —

  The new HTTP Request object.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 429

def http_get(path,**kwargs,&block)
  if debug?
    print_debug "Requesting GET #{url_for(path)} ..."
  end

  http.get(path,**kwargs)
end

#http_get_body(path, **kwargs) ⇒ String

Performs a GET request for the given URI and returns the response body.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Returns:

• (String) —

  The response body.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 489

def http_get_body(path,**kwargs)
  if debug?
    print_debug "Requesting body for GET #{url_for(path)} ..."
  end

  http.get_body(path,**kwargs)
end

#http_get_cookies(path, **kwargs) ⇒ Array<Ronin::Support::Network::HTTPSetCookie>^?

Sends an HTTP request and returns the parsed Set-Cookie header(s).

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Returns:

• (Array<Ronin::Support::Network::HTTPSetCookie>, nil) —

  The parsed SetCookie header(s).

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 469

def http_get_cookies(path,**kwargs)
  if debug?
    print_debug "Getting cookies for #{url_for(path)} ..."
  end

  http.get_cookies(path,**kwargs)
end

#http_get_headers(path, **kwargs) ⇒ Hash{String => String}

Performs a GET request for the given URI and returns the response headers.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Returns:

• (Hash{String => String}) —

  The response headers.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 449

def http_get_headers(path,**kwargs)
  if debug?
    print_debug "Requesting headers for GET #{url_for(path)} ..."
  end

  http.get_headers(path,**kwargs)
end

#http_head(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

Performs a HEAD request for the given URI.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Yields:

• (response) —

  If a block is given it will be passed the received HTTP response.

Yield Parameters:

• response (Net::HTTPRresponse) —

  The received HTTP response object.

Returns:

• (Net::HTTPResponse) —

  The new HTTP Request object.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 514

def http_head(path,**kwargs,&block)
  if debug?
    print_debug "Requesting HEAD #{url_for(path)} ..."
  end

  http.head(path,**kwargs,&block)
end

#http_headers ⇒ Hash{Symbol,String => String,Array}

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Additional default headers to send with every HTTP request.

Returns:

• (Hash{Symbol,String => String,Array})

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 116

def http_headers
  {}
end

#http_lock(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

Performs a LOCK request for the given URI.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Yields:

• (response) —

  If a block is given it will be passed the received HTTP response.

Yield Parameters:

• response (Net::HTTPRresponse) —

  The received HTTP response object.

Returns:

• (Net::HTTPResponse) —

  The new HTTP Request object.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 539

def http_lock(path,**kwargs,&block)
  if debug?
    print_debug "Requesting LOCK #{url_for(path)} ..."
  end

  http.lock(path,**kwargs,&block)
end

#http_mkcol(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

Performs a MKCOL request for the given URI.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Yields:

• (response) —

  If a block is given it will be passed the received HTTP response.

Yield Parameters:

• response (Net::HTTPRresponse) —

  The received HTTP response object.

Returns:

• (Net::HTTPResponse) —

  The new HTTP Request object.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 564

def http_mkcol(path,**kwargs,&block)
  if debug?
    print_debug "Requesting MKCOL #{url_for(path)} ..."
  end

  http.mkcol(path,**kwargs,&block)
end

#http_move(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

Performs a MOVE request for the given URI.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Yields:

• (response) —

  If a block is given it will be passed the received HTTP response.

Yield Parameters:

• response (Net::HTTPRresponse) —

  The received HTTP response object.

Returns:

• (Net::HTTPResponse) —

  The new HTTP Request object.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 589

def http_move(path,**kwargs,&block)
  if debug?
    print_debug "Requesting MOVE #{url_for(path)} ..."
  end

  http.move(path,**kwargs,&block)
end

#http_ok?(method = :head, path, **kwargs) ⇒ Boolean

Sends a HTTP request and determines if the response status was 200.

Parameters:

• method (Symbol, String) (defaults to: :head) —

  The HTTP method to use for the request.

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Returns:

• (Boolean) —

  Indicates that the response status was 200.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 262

def http_ok?(method=:head,path,**kwargs)
  if debug?
    print_debug "Checking if response status for #{method.upcase} #{url_for(path)} is 200 ..."
  end

  http.ok?(method,path,**kwargs)
end

#http_options(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

Performs a OPTIONS request for the given URI.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Yields:

• (response) —

  If a block is given it will be passed the received HTTP response.

Yield Parameters:

• response (Net::HTTPRresponse) —

  The received HTTP response object.

Returns:

• (Net::HTTPResponse) —

  The new HTTP Request object.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 614

def http_options(path,**kwargs,&block)
  if debug?
    print_debug "Requesting OPTIONS #{url_for(path)} ..."
  end

  http.options(path,**kwargs,&block)
end

#http_password ⇒ String^?

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

The HTTP Basic-Auth password to use for all HTTP requests.

Returns:

• (String, nil)

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 105

def http_password
  params[:http_password]
end

#http_patch(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

Performs a PATCH request for the given URI.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Yields:

• (response) —

  If a block is given it will be passed the received HTTP response.

Yield Parameters:

• response (Net::HTTPRresponse) —

  The received HTTP response object.

Returns:

• (Net::HTTPResponse) —

  The new HTTP Request object.

See Also:

• Network::HTTP.patch

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 667

def http_patch(path,**kwargs,&block)
  if debug?
    print_debug "Requesting PATCH #{url_for(path)} ..."
  end

  http.patch(path,**kwargs,&block)
end

#http_post(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

Performs a POST request for the given URI.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Yields:

• (response) —

  If a block is given it will be passed the received HTTP response.

Yield Parameters:

• response (Net::HTTPRresponse) —

  The received HTTP response object.

Returns:

• (Net::HTTPResponse) —

  The new HTTP Request object.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 692

def http_post(path,**kwargs,&block)
  if debug?
    print_debug "Requesting POST #{url_for(path)} ..."
  end

  http.post(path,**kwargs,&block)
end

#http_post_body(path, **kwargs) ⇒ String

Performs a POST request for the given URI and returns the response body.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Returns:

• (String) —

  The response body.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 732

def http_post_body(path,**kwargs)
  if debug?
    print_debug "Requesting response body for POST #{url_for(path)} ..."
  end

  http.post_body(path,**kwargs)
end

#http_post_headers(path, **kwargs) ⇒ Hash{String => String}

Performs a POST request on the given URI and returns the response headers.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Returns:

• (Hash{String => String}) —

  The response headers.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 712

def http_post_headers(path,**kwargs)
  if debug?
    print_debug "Requesting response headers for POST #{url_for(path)} ..."
  end

  http.post_headers(path,**kwargs)
end

#http_powered_by_header(path, method: :head, **kwargs) ⇒ String^?

Sends an HTTP request and returns the X-Powered-By header.

The HTTP method to use for the request.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• method (:copy, :delete, :get, :head, :lock, :mkcol, :move, :options, :patch, :post, :propfind, :proppatch, :put, :trace, :unlock) (defaults to: :head)
• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Returns:

• (String, nil) —

  The X-Powered-By header.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 332

def http_powered_by_header(path, method: :head, **kwargs)
  if debug?
    print_debug "Requesting the 'X-Powered-By' header for #{method.upcase} #{url_for(path)} ..."
  end

  http.powered_by_header(path, method: method, **kwargs)
end

#http_propfind(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse Also known as: http_prop_find

Performs a PROPFIND request for the given URI.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Yields:

• (response) —

  If a block is given it will be passed the received HTTP response.

Yield Parameters:

• response (Net::HTTPRresponse) —

  The received HTTP response object.

Returns:

• (Net::HTTPResponse) —

  The new HTTP Request object.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 757

def http_propfind(path,**kwargs,&block)
  if debug?
    print_debug "Requesting PROPFIND #{url_for(path)} ..."
  end

  http.propfind(path,**kwargs,&block)
end

#http_proppatch(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse Also known as: http_prop_patch

Performs a PROPPATCH request for the given URI.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Yields:

• (response) —

  If a block is given it will be passed the received HTTP response.

Yield Parameters:

• response (Net::HTTPRresponse) —

  The received HTTP response object.

Returns:

• (Net::HTTPResponse) —

  The new HTTP Request object.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 784

def http_proppatch(path,**kwargs,&block)
  if debug?
    print_debug "Requesting PROPPATCH #{url_for(path)} ..."
  end

  http.proppatch(path,**kwargs,&block)
end

#http_proxy ⇒ String^?

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

The HTTP proxy to use for all HTTP requests.

Returns:

• (String, nil)

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 83

def http_proxy
  params[:http_proxy]
end

#http_put(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

Performs a PUT request for the given URI.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Yields:

• (response) —

  If a block is given it will be passed the received HTTP response.

Yield Parameters:

• response (Net::HTTPRresponse) —

  The received HTTP response object.

Returns:

• (Net::HTTPResponse) —

  The new HTTP Request object.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 811

def http_put(path,**kwargs,&block)
  if debug?
    print_debug "Requesting PUT #{url_for(path)} ..."
  end

  http.put(path,**kwargs,&block)
end

#http_request(method, path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

Performs and arbitrary HTTP request.

Parameters:

• method (Symbol, String) —

  The HTTP method to use for the request.

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Yields:

• (response) —

  If a block is given it will be passed the received HTTP response.

Yield Parameters:

• response (Net::HTTPRresponse) —

  The received HTTP response object.

Returns:

• (Net::HTTPResponse) —

  The new HTTP Request object.

Raises:

• (ArgumentError) —

  The :method option did not match a known Net::HTTP request class.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 218

def http_request(method,path,**kwargs,&block)
  if debug?
    print_debug "Sending #{method.upcase} request to #{url_for(path)} ..."
  end

  http.request(method,path,**kwargs,&block)
end

#http_response_body(method = :get, path, **kwargs) ⇒ String

Sends an arbitrary HTTP request and returns the response body.

Parameters:

• method (Symbol, String) (defaults to: :get) —

  The HTTP method to use for the request.

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Returns:

• (String) —

  The response body.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 354

def http_response_body(method=:get, path,**kwargs)
  if debug?
    print_debug "Requesting response body for #{method.upcase} #{url_for(path)} ..."
  end

  http.response_body(method, path,**kwargs)
end

#http_response_headers(method = :head, path, **kwargs) ⇒ Hash{String => String}

Sends an arbitrary HTTP request and returns the response headers.

Parameters:

• method (Symbol, String) (defaults to: :head) —

  The HTTP method to use for the request.

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Returns:

• (Hash{String => String}) —

  The response headers.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 284

def http_response_headers(method=:head,path,**kwargs)
  if debug?
    print_debug "Requesting response headers for #{method.upcase} #{url_for(path)} ..."
  end

  http.response_headers(method,path,**kwargs)
end

#http_response_status(method = :head, path, **kwargs) ⇒ Integer

Sends an arbitrary HTTP request and returns the response status.

Parameters:

• method (Symbol, String) (defaults to: :head) —

  The HTTP method to use for the request.

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Returns:

• (Integer) —

  The status code of the response.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 240

def http_response_status(method=:head,path,**kwargs)
  if debug?
    print_debug "Checking response status for #{method.upcase} #{url_for(path)} ..."
  end

  http.response_status(method,path,**kwargs)
end

#http_server_header(path, method: :head, **kwargs) ⇒ String^?

Sends an HTTP request and returns the Server header.

The HTTP method to use for the request.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• method (:copy, :delete, :get, :head, :lock, :mkcol, :move, :options, :patch, :post, :propfind, :proppatch, :put, :trace, :unlock) (defaults to: :head)
• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Returns:

• (String, nil) —

  The Server header.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 308

def http_server_header(path, method: :head, **kwargs)
  if debug?
    print_debug "Requesting the 'Server' header for #{method.upcase} #{url_for(path)} ..."
  end

  http.server_header(path, method: method, **kwargs)
end

#http_trace(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

Performs a TRACE request for the given URI.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Yields:

• (response) —

  If a block is given it will be passed the received HTTP response.

Yield Parameters:

• response (Net::HTTPRresponse) —

  The received HTTP response object.

Returns:

• (Net::HTTPResponse) —

  The new HTTP Request object.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 836

def http_trace(path,**kwargs,&block)
  if debug?
    print_debug "Requesting TRACE #{url_for(path)} ..."
  end

  http.trace(path,**kwargs,&block)
end

#http_unlock(path, **kwargs) {|response| ... } ⇒ Net::HTTPResponse

Performs a UNLOCK request for the given URI.

Parameters:

• path (String) —

  The path to create the HTTP request for.

• kwargs (Hash) —

  a customizable set of options

Options Hash (**kwargs):

• :user (String, nil) — default: http_user —

  The Basic-Auth user to authenticate as.

• :password (String, nil) — default: http_password —

  The Basic-Auth password to authenticate with.

• :query (String, nil) —

  The query-string to append to the request path.

• :query_params (Hash, nil) —

  The query-params to append to the request path.

• :body (String, nil) —

  The body of the request.

• :form_data (Hash, String, nil) —

  The form data that may be sent in the body of the request.

• :user (String, nil) — default: http_user —

  The user to authenticate as.

• :password (String, nil) — default: http_password —

  The password to authenticate with.

• :headers (Hash{Symbol,String => String}, nil) —

  Additional HTTP headers to use for the request.

Yields:

• (response) —

  If a block is given it will be passed the received HTTP response.

Yield Parameters:

• response (Net::HTTPRresponse) —

  The received HTTP response object.

Returns:

• (Net::HTTPResponse) —

  The new HTTP Request object.

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 861

def http_unlock(path,**kwargs,&block)
  if debug?
    print_debug "Requesting UNLOCK #{url_for(path)} ..."
  end

  http.unlock(path,**kwargs,&block)
end

#http_user ⇒ String^?

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

The HTTP Basic-Auth user to use for all HTTP requests.

Returns:

• (String, nil)

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 94

def http_user
  params[:http_user]
end

#http_user_agent ⇒ String, ...

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

The User-Agent to use for HTTP requests.

Returns:

• (String, Symbol, :random, nil) —

  The User-Agent string or an alias name (ex: :chrome_linux).

Since:

• 1.0.0

# File 'lib/ronin/exploits/mixins/http.rb', line 128

def http_user_agent
  params[:raw_user_agent] || params[:user_agent]
end