-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature] Add More Global Variables #491
Comments
I second this. Also {{.Proto}} for http/https. |
Ive run into this as well, for wanting to use full paths in templates. The list of Jaeles Project Declares would be awesome to have available! |
This should be covered in #641 (still in development) as all the above are accessible through the scripting engine. |
This is now supported in dev version:- Newly added Global variables:-
Template example:- id: basic-example
info:
name: Test HTTP Template
author: pdteam
severity: info
requests:
- method: GET
path:
- "{{BaseURL}}"
headers:
A: '{{BaseURL}}'
B: '{{RootURL}}'
C: '{{Hostname}}'
D: '{{Host}}'
E: '{{Port}}'
F: '{{Scheme}}'
G: '{{Path}}' Example output:-
|
Thank You 💖 |
Hi team, I'm also need to take control in GET/POST Parameters, there is a Global Variable for that? How can por example if my request is to site.com/sqli.php?vulnerableID=1 just use all the URL complete |
It Is Possible To Add More Global Variables In Row Request , You Only Declared {{Hostname}} And {{BaseURL}} So It Will Be A Great If You Add More e.g. Jaeles Project Declares
So You Can Add e.g.
{{Path}} It Will Help Us If We Need Do Action On Specific Endpoint e.g. Use It To Spoof Origin Endpoint By Using Header e.g. X-Original-URL: {{Path}}
{{Parameters}} It Will Help Us If We Need To Control On GET Queries OR POST Body e.g. Change Request From GET To POST Or Vice Versa
{{CustomHeader}} It Will Help Us If We Need To Add Custom Headers From stdin
Also It Will Be A Great If You Add UpdateLength Option To Help Us To Control On Content-Length Header , That Will Be Awesome While Doing HTTP Request Smuggler e.g. If I Set -UpdateLength 6 Then Content-Length Header Will Be Like This Content-Length: 6 And If I Set -UpdateLength All Then Content-Length Header Will Be Length Of The Whole Body Of Request
The text was updated successfully, but these errors were encountered: