adding in-template cookie reuse

2025-12-18 05:05:23 +00:00 · 2020-07-16 16:15:24 +02:00 · 2020-07-16 16:15:24 +02:00 · a256a56993
commit a256a56993
parent a4ac439790
4 changed files with 19 additions and 2 deletions
--- a/v2/internal/runner/runner.go
+++ b/v2/internal/runner/runner.go
@ -259,6 +259,7 @@ func (r *Runner) processTemplateWithList(template *templates.Template, request i
 			ProxySocksURL: r.options.ProxySocksURL,
 			CustomHeaders: r.options.CustomHeaders,
 			JSON:          r.options.JSON,
+			CookieReuse:   value.CookieReuse,
 		})
 	}
 	if err != nil {
--- a/v2/pkg/executer/executer_http.go
+++ b/v2/pkg/executer/executer_http.go
@ -7,6 +7,7 @@ import (
 	"io"
 	"io/ioutil"
 	"net/http"
+	"net/http/cookiejar"
 	"net/http/httputil"
 	"net/url"
 	"os"
@ -36,6 +37,7 @@ type HTTPExecuter struct {
 	writer        *bufio.Writer
 	outputMutex   *sync.Mutex
 	customHeaders requests.CustomHeaders
+	CookieJar     *cookiejar.Jar
 }

 // HTTPOptions contains configuration options for the HTTP executer.
@ -50,6 +52,8 @@ type HTTPOptions struct {
 	Debug         bool
 	JSON          bool
 	CustomHeaders requests.CustomHeaders
+	CookieReuse   bool
+	CookieJar     *cookiejar.Jar
 }

 // NewHTTPExecuter creates a new HTTP executer from a template
@ -68,6 +72,15 @@ func NewHTTPExecuter(options *HTTPOptions) (*HTTPExecuter, error) {
 	// Create the HTTP Client
 	client := makeHTTPClient(proxyURL, options)
 	client.CheckRetry = retryablehttp.HostSprayRetryPolicy()
+	if options.CookieJar != nil {
+		client.HTTPClient.Jar = options.CookieJar
+	} else if options.CookieReuse {
+		jar, err := cookiejar.New(nil)
+		if err != nil {
+			return nil, err
+		}
+		client.HTTPClient.Jar = jar
+	}

 	executer := &HTTPExecuter{
 		debug:         options.Debug,
@ -79,6 +92,7 @@ func NewHTTPExecuter(options *HTTPOptions) (*HTTPExecuter, error) {
 		outputMutex:   &sync.Mutex{},
 		writer:        options.Writer,
 		customHeaders: options.CustomHeaders,
+		CookieJar:     options.CookieJar,
 	}
 	return executer, nil
 }
--- a/v2/pkg/requests/http-request.go
+++ b/v2/pkg/requests/http-request.go
@ -34,6 +34,8 @@ type HTTPRequest struct {
 	Headers map[string]string `yaml:"headers,omitempty"`
 	// Body is an optional parameter which contains the request body for POST methods, etc
 	Body string `yaml:"body,omitempty"`
+	// CookieReuse is an optional setting that makes cookies shared within requests
+	CookieReuse bool `yaml:"cookie-reuse,omitempty"`
 	// Matchers contains the detection mechanism for the request to identify
 	// whether the request was successful
 	Matchers []*matchers.Matcher `yaml:"matchers,omitempty"`
--- a/v2/pkg/workflows/var.go
+++ b/v2/pkg/workflows/var.go
@ -42,12 +42,12 @@ func (n *NucleiVar) Call(args ...tengo.Object) (ret tengo.Object, err error) {

 	// if external variables are specified and matches the template ones, these gets overwritten
 	if len(args) >= 1 {
-		headers = iterableToMapString(&args[0])
+		headers = iterableToMapString(args[0])
 	}

 	// if external variables are specified and matches the template ones, these gets overwritten
 	if len(args) >= 2 {
-		externalVars = iterableToMap(&args[1])
+		externalVars = iterableToMap(args[1])
 	}

 	var gotResult bool