Metasploit mailing list archives
Adding Basic-Auth to HTTP Client
From: grutz at jingojango.net (Kurt Grutzmacher)
Date: Sun, 22 Apr 2007 20:30:07 -0500
I opened a Trac ticket but I made a small patch to add Basic Auth to the HTTP client.rb. --- client.rb.orig 2007-04-22 08:36:07.000000000 -0700 +++ client.rb 2007-04-22 08:35:41.000000000 -0700 @@ -111,6 +111,7 @@ c_head = opts['headers'] || config['headers'] || {} c_rawh = opts['raw_headers']|| config['raw_headers'] || '' c_conn = opts['connection'] + c_auth = opts['basic_auth'] uri = set_uri(c_uri) req = '' @@ -129,6 +130,11 @@ req += set_version(c_prot, c_vers) req += set_host_header(c_host) req += set_agent_header(c_ag) + + if (c_auth.length > 0) + req += set_basic_auth_header(c_auth) + end + req += set_cookie_header(c_cook) req += set_connection_header(c_conn) req += set_extra_headers(c_head) @@ -160,6 +166,7 @@ c_host = opts['vhost'] || config['vhost'] c_conn = opts['connection'] c_path = opts['path_info'] + c_auth = opts['basic_auth'] uri = set_cgi(c_cgi) qstr = c_qs pstr = c_body @@ -213,6 +220,11 @@ req += set_version(c_prot, c_vers) req += set_host_header(c_host) req += set_agent_header(c_ag) + + if (c_auth.length > 0) + req += set_basic_auth_header(c_auth) + end + req += set_cookie_header(c_cook) req += set_connection_header(c_conn) req += set_extra_headers(c_head) @@ -647,6 +659,13 @@ end # + # Return the Authorization basic-auth header + # + def set_basic_auth_header(auth) + auth ? set_formatted_header("Authorization", "Basic " + Rex::Text.encode_base64(auth)) : "" + end + + # # Return a string of formatted extra headers # def set_extra_headers(headers) -- ..:[ grutz at jingojango dot net ]:.. GPG fingerprint: 5FD6 A27D 63DB 3319 140F B3FB EC95 2A03 8CB3 ECB4 "There's just no amusing way to say, 'I have a CISSP'." -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 191 bytes Desc: not available URL: <http://mail.metasploit.com/pipermail/framework/attachments/20070422/f7a7f57d/attachment.pgp>
Current thread:
- Adding Basic-Auth to HTTP Client Kurt Grutzmacher (Apr 22)