#VERSION,2.00
#LASTMOD,11.10.2007

###############################################################################
#  Copyright (C) 2007 CIRT, Inc.
#
#  This program is free software; you can redistribute it and/or
#  modify it under the terms of the GNU General Public License
#  as published by the Free Software Foundation; version 2
#  of the License only.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program; if not, write to the Free Software
#  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
###############################################################################

###############################################################################
# PURPOSE
# Try put and then delete a file
###############################################################################

sub nikto_put_del_test
{
    # PUT a page
    LW2::http_close(\%request);    # force-close any old connections
    LW2::http_fixup_request(\%request);
    LW2::http_reset();
    my $uri = "/nikto-test-" . LW2::utils_randstr(8) . ".html";
    $request{'whisker'}->{'data'} = "This was a Nikto test.";
    $request{'whisker'}->{'version'}  = "1.0";
    (my $RES, $CONTENT) = fetch($uri, "PUT", "This was a Nikto test.");

    # Request it back
    if ($RES eq 201)
     {
      LW2::http_close(\%request);    # force-close any old connections
      LW2::http_fixup_request(\%request);
      LW2::http_reset();
      (my $RES, $CONTENT) = fetch($uri, "GET");
      if ($CONTENT =~ /This was a Nikto test/)
       {
        $TARGETS{$CURRENT_HOST_ID}{total_vulns};
        nprint("+ OSVDB-397: HTTP method 'PUT' allows clients to save files on the web server. File '$uri' was created.", "", "kb"); 

        # we were able to put it there--can we delete it?
        (my $RES, $CONTENT) = fetch($uri, "DELETE");
        if ($RES eq 200)
         {
           (my $RES, $CONTENT) = fetch($uri, "GET");
           if ($CONTENT !~ /This was a Nikto test/)  # gone now
            {
             $TARGETS{$CURRENT_HOST_ID}{total_vulns};
             nprint("+ OSVDB-5646: HTTP method 'DELETE' allows clients to delete file on the web server. File '$uri' was deleted.", "", "kb");
            }
         } 
       }
     }
}

1;