Add a /network/http route

ronin-rb · Jul 2, 2024 · c726693 · c726693
1 parent cb23f7b
commit c726693
Show file tree

Hide file tree

Showing 4 changed files with 447 additions and 0 deletions.
diff --git a/app.rb b/app.rb
@@ -39,6 +39,7 @@
 # param validations
 require 'ronin/app/validations/install_repo_params'
 require 'ronin/app/validations/import_params'
+require 'ronin/app/validations/http_params'
 
 # schema builders
 require 'ronin/app/schemas/payloads/encoders/encode_schema'
@@ -354,6 +355,27 @@ class App < Sinatra::Base
     erb :queue
   end
 
+  get '/network/http' do
+    erb :"network/http"
+  end
+
+  post '/network/http' do
+    result = Validations::HTTPParams.call(params)
+    if result.success?
+      kwargs = result.to_h
+      method = kwargs.delete(:method)
+      url    = kwargs.delete(:url)
+
+      @http_response = Ronin::Support::Network::HTTP.request(method, url, **kwargs)
+
+      erb :"network/http"
+    else
+      @params = params
+      @errors = result.errors
+      halt 400, erb(:"network/http")
+    end
+  end
+
   private
 
   #

diff --git a/lib/ronin/app/validations/http_params.rb b/lib/ronin/app/validations/http_params.rb
@@ -0,0 +1,114 @@
+# frozen_string_literal: true
+#
+# ronin-app - a local web app for Ronin.
+#
+# Copyright (c) 2023-2024 Hal Brodigan ([email protected])
+#
+# ronin-app is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-app is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with ronin-app.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+require 'dry/validation'
+
+module Ronin
+  module App
+    module Validations
+      #
+      # Validations for the form params submitted to `POST /network/http`.
+      #
+      class HTTPParams < Dry::Validation::Contract
+
+        HTTPMethods = Types::Symbol.enum(
+          copy: 'COPY',
+          delete: 'DELETE',
+          get: 'GET',
+          head: 'HEAD',
+          lock: 'LOCK',
+          mkcol: 'MKCOL',
+          move: 'MOVE',
+          options: 'OPTIONS',
+          patch: 'PATCH',
+          post: 'POST',
+          propfind: 'PROPFIND',
+          proppatch: 'PROPPATCH',
+          put: 'PUT',
+          trace: 'TRACE',
+          unlock: 'UNLOCK'
+        )
+
+        Versions = (Types::Float | Types::Integer).enum(
+          1 => '1.0',
+          1.1 => '1.1',
+          1.2 => '1.2'
+        )
+
+        VerificationModes = Types::Symbol.enum(
+          none:                'none',
+          peer:                'peer',
+          fail_if_no_peer_cer: 'fail_if_no_peer_cer'
+        )
+
+        Headers = Types::Hash.constructor do |input, type|
+          if input.is_a?(String)
+            input.split(',').each_with_object({}) do |header, memory|
+              key, value        = header.split(':', 2)
+              memory[key.strip] = value.strip if key && value
+            end
+          elsif type.valid?(input)
+            input
+          else
+            type.call(input)
+          end
+        end
+
+        params do
+          required(:method).filled(HTTPMethods)
+          required(:url).filled(:string)
+
+          optional(:body).maybe(:string)
+          optional(:headers).maybe(Headers)
+
+          optional(:proxy).maybe(:string)
+          optional(:user_agent).maybe(:string)
+          optional(:user).maybe(:string)
+          optional(:password).maybe(:string)
+          optional(:cookie).maybe(:string)
+
+          optional(:ssl).hash do
+            optional(:timeout).maybe(:integer)
+            optional(:version).maybe(Versions)
+            optional(:min_version).maybe(Versions)
+            optional(:max_version).maybe(Versions)
+            optional(:verify).maybe(VerificationModes)
+            optional(:verify_depth).maybe(:integer)
+            optional(:verify_hostname).maybe(:bool)
+          end
+        end
+
+        #
+        # Initializes and calls the validation contract.
+        #
+        # @param [Hash{String => Object}] params
+        #   The HTTP params to validate.
+        #
+        # @return [Dry::Validation::Result]
+        #   The validation result.
+        #
+        def self.call(params)
+          new.call(params)
+        end
+
+      end
+    end
+  end
+end
diff --git a/views/layout.erb b/views/layout.erb
@@ -60,6 +60,14 @@
                 </div>
               </div>
 
+              <div class="navbar-item has-dropdown is-hoverable">
+                <a class="navbar-item">network</a>
+
+                <div class="navbar-dropdown">
+                  <a href="/network/http" class="navbar-item">http</a>
+                </div>
+              </div>
+
               <a href="/queue" class="navbar-item">queue</a>
               <a href="/about" class="navbar-item">about</a>
             </div>