Navigation

← Previous Changeset
Next Changeset →

Changeset 5493

Timestamp:

04/22/08 23:17:30 (3 weeks ago)

Author:

hdm

Message:

New, cleaner form snippets

Files:

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

framework3/trunk/data/exploits/capture/http/forms/grabforms.rb

r5492	r5493
33	33	fd = File.open(out, "a")
34	34
35		~~begin~~
36		~~Timeout.timeout(10) do~~
37		~~doc = Hpricot(open("http://#{site}/"))~~
38		~~doc.search("//form").each do \|form\|~~
39	35
40		# Extract the form
41		res = "<form"
42		form.attributes.each do \|attr\|
43		res << " #{attr[0]}='#{attr[1].gsub("'", "")}'"
	36	["", "www."].each do \|prefix\|
	37	begin
	38	Timeout.timeout(10) do
	39	doc = Hpricot(open("http://#{prefix}#{site}/"))
	40	doc.search("//form").each do \|form\|
	41
	42	# Extract the form
	43	res = "<form"
	44	form.attributes.each do \|attr\|
	45	res << " #{attr[0]}='#{attr[1].gsub("'", "")}'"
	46	end
	47	res << "> "
	48
	49	# Strip out the value
	50	form.search("//input") do \|inp\|
	51
	52	inp.attributes.keys.each do \|ikey\|
	53	if (ikey.downcase == "value")
	54	inp[ikey] = ""
	55	next
	56	end
	57
	58	if(inp.attributes[ikey] =~ /^http/i)
	59	inp[ikey] = ""
	60	next
	61	end
	62
	63	end
	64
	65	res << inp.to_html
	66	end
	67	res << "</form>"
	68
	69	fd.write(res)
44	70	end
45		~~res << "> "~~
46
47		~~# Strip out the value~~
48		~~form.search("//input") do \|inp\|~~
49
50		~~inp.attributes.keys.each do \|ikey\|~~
51		~~if (ikey.downcase == "value")~~
52		~~inp.attributes[ikey] = ""~~
53		~~end~~
54
55		~~if(inp.attributes[ikey] =~ /^http/i)~~
56		~~inp.attributes[ikey] = ""~~
57		~~end~~
58		~~end~~
59
60