Metasploit mailing list archives

Rex http protocol


From: skoda306 at yahoo.com (daniel)
Date: Sat, 21 Apr 2007 22:38:18 -0700 (PDT)

First of all to all metasploit developers, GOOD JOB :)

OK, I am new to Metasploit development, and have 1 day of experience with Ruby, so bear with me.
I want to start helping with Metasploit development. I am starting to write an HTTP fuzzer plugin for
it, but I've been having problems with the Rex HTTP protocol.
I overwrote sample.rb and added a trigger command that does as follows:
        
        cli = Client.new("www.google.com")
        req = Request.new()
        cli.send_request(req)
        response = cli.read_response
        puts response

When I ran this piece of code with the latest Metasploit I got a compile error, since send_request(req) ends up calling:
From client.rb:
        def send_request(req)
                # Connect to the server
                connect

                # build the request
                req_string = req.to_s

                # Send it on over
                ret = conn.put(req)

                # Tell the remote side if we aren't pipelining
                conn.shutdown(::Socket::SHUT_WR) if (!pipelining?)

                ret
        end
The problem is in conn.put(req), which requires that the length of req can be accessed. I don't know if it's a bug, but did
you mean:
ret = conn.put(req_string)

After I made this change in client.rb, my code seems to work just fine.
Also I am having some trouble loading/unloading modules. Whenever I load a module, test it, then edit it,
unload it and load it back again, the old code is loaded, and I have to restart msfconsole to
load my new code. Is this normal behavior?

Thanks for the answers
daniel


This is my test plugin:
module Msf

  ###
  # 
  # This class illustrates a sample plugin.  Plugins can change the behavior of
  # the framework by adding new features, new user interface commands, or
  # through any other arbitrary means.  They are designed to have a very loose
  # definition in order to make them as useful as possible.
  #
  ###
  class Plugin::Http_fuzz < Msf::Plugin

    ###
    #
    # This class implements a sample console command dispatcher.
    #
    ###
    class HttpFuzzer
      include Rex::Proto::Http
      include Msf::Ui::Console::CommandDispatcher

      #
      # The dispatcher's name.
      #
      def name
        "Http_fuzz"
      end

      #
      # Returns the hash of commands supported by this dispatcher.
      #
      def commands
        {
          "trigger" => "Command to start the fuzzer"
         # "target" => "Command to set the target to fuzz"
         # "port"   => "Command to set the port to fuzz"
        }
      end

      #
      # This method handles the sample command.
      #
      def cmd_trigger(*args)
        # Start the fuzzer here
        cli = Client.new("www.google.com")
        req = Request.new()
        cli.send_request(req)
        response = cli.read_response
        puts response
      end

    end

    #
    # The constructor is called when an instance of the plugin is created.  The
    # framework instance that the plugin is being associated with is passed in
    # the framework parameter.  Plugins should call the parent constructor when
    # inheriting from Msf::Plugin to ensure that the framework attribute on
    # their instance gets set.
    #
    def initialize(framework, opts)
      super

      # If this plugin is being loaded in the context of a console application
      # that uses the framework's console user interface driver, register
      # console dispatcher commands.
      add_console_dispatcher(HttpFuzzer)

      print_status("Sample plugin loaded.")
    end

    #
    # The cleanup routine for plugins gives them a chance to undo any actions
    # they may have done to the framework.  For instance, if a console
    # dispatcher was added, then it should be removed in the cleanup routine.
    #
    def cleanup
      # If we had previously registered a console dispatcher with the console,
      # deregister it now.
      remove_console_dispatcher('Http_fuzz') 
    end

    #
    # This method returns a short, friendly name for the plugin.
    #
    def name
      "http fuzzer"
    end

    #
    # This method returns a brief description of the plugin.  It should be no
    # more than 60 characters, but there are no hard limits.
    #
    def desc
      "Http fuzzer testing"
    end

    protected
  end

end
        




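The mismatch described in the message above, as an added example that is not part of the original post and is not Rex code. `DemoRequest`, `DemoConn` and the helper names are hypothetical stand-ins, and the assumption that `put` reads the buffer's length is taken from the post's description.

```ruby
# Stand-in for a request object (hypothetical, not Rex::Proto::Http::Request):
# it can render itself as text but is not itself a String.
class DemoRequest
  def to_s
    "GET / HTTP/1.1\r\nHost: example.test\r\n\r\n" # constructed sample request
  end
end

# Stand-in for the connection (hypothetical): like a stream writer, put needs
# the buffer's length so it can loop until every byte has been written.
class DemoConn
  attr_reader :wire

  def initialize(chunk = 16)
    @chunk = chunk
    @wire = +""
  end

  def put(buf)
    total = buf.length # fails for any object that does not respond to #length
    sent = 0
    while sent < total
      piece = buf[sent, @chunk]
      @wire << piece
      sent += piece.length
    end
    sent
  end
end

# Shape of the code quoted in the post: the string is built but the object is sent.
def send_request_as_posted(conn, req)
  req_string = req.to_s
  conn.put(req)
end

# Shape of the change proposed in the post: send the serialized string.
def send_request_proposed(conn, req)
  conn.put(req.to_s)
end

# Returns the exception class raised by the block, or nil if it completes.
def error_class
  yield
  nil
rescue StandardError => e
  e.class
end
```

With these stand-ins, `error_class { send_request_as_posted(DemoConn.new, DemoRequest.new) }` reports the failure without writing any bytes, while `send_request_proposed` returns the number of bytes written.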

