Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Adding Basic-Auth to HTTP Client

From: grutz at jingojango.net (Kurt Grutzmacher)
Date: Sun, 22 Apr 2007 20:30:07 -0500
I opened a Trac ticket but I made a small patch to add Basic Auth to the
HTTP client.rb.

--- client.rb.orig      2007-04-22 08:36:07.000000000 -0700
+++ client.rb   2007-04-22 08:35:41.000000000 -0700
@@ -111,6 +111,7 @@
                c_head = opts['headers']    || config['headers'] || {}
                c_rawh = opts['raw_headers']|| config['raw_headers'] || ''
                c_conn = opts['connection']
+               c_auth = opts['basic_auth']
                uri    = set_uri(c_uri)

                req = ''
@@ -129,6 +130,11 @@
                req += set_version(c_prot, c_vers)
                req += set_host_header(c_host)
                req += set_agent_header(c_ag)
+
+               if (c_auth.length > 0)
+                       req += set_basic_auth_header(c_auth)
+               end
+
                req += set_cookie_header(c_cook)
                req += set_connection_header(c_conn)
                req += set_extra_headers(c_head)
@@ -160,6 +166,7 @@
                c_host = opts['vhost']      || config['vhost']
                c_conn = opts['connection']
                c_path = opts['path_info']
+               c_auth = opts['basic_auth']
                uri    = set_cgi(c_cgi)
                qstr   = c_qs
                pstr   = c_body
@@ -213,6 +220,11 @@
                req += set_version(c_prot, c_vers)
                req += set_host_header(c_host)
                req += set_agent_header(c_ag)
+
+               if (c_auth.length > 0)
+                       req += set_basic_auth_header(c_auth)
+               end
+
                req += set_cookie_header(c_cook)
                req += set_connection_header(c_conn)
                req += set_extra_headers(c_head)
@@ -647,6 +659,13 @@
        end

        #
+       # Return the Authorization basic-auth header
+       #
+       def set_basic_auth_header(auth)
+               auth ? set_formatted_header("Authorization", "Basic " + Rex::Text.encode_base64(auth)) : ""
+       end
+
+       #
        # Return a string of formatted extra headers
        #
        def set_extra_headers(headers)


-- 
                 ..:[ grutz at jingojango dot net ]:..
     GPG fingerprint: 5FD6 A27D 63DB 3319 140F  B3FB EC95 2A03 8CB3 ECB4
        "There's just no amusing way to say, 'I have a CISSP'."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: not available
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20070422/f7a7f57d/attachment.pgp>
Previous By Date Next
Previous By Thread Next

Current thread: