Fixing branch issues for cookie patch

vpnguy-zz · Jan 11, 2018 · 4b51a9d · 4b51a9d
1 parent 6d4ed50
commit 4b51a9d
Show file tree

Hide file tree

Showing 2 changed files with 45 additions and 16 deletions.
diff --git a/README.md b/README.md
@@ -24,7 +24,7 @@ HandyHeaderHacker is a script to examine HTTP responses from a server for best s
 			Handy Header Hacker (HHH)
 				by DarkRed
 			Examine HTTP response headers for common security issues
-				Ver: 1.2 - 6/26/2017
+				Ver: 1.3 - 1/11/2018
 		
     optional arguments:
       -h, --help Show this help message and exit
@@ -37,6 +37,8 @@ HandyHeaderHacker is a script to examine HTTP responses from a server for best s
       -a, --headers Inspect anomalous headers on target
       -k, --insecure Ignore certificate errors on the remote host
       -rf, --refpolicy Inspect only the Referrer-Policy header on target
+	  -b "COOKIE", --cookie "COOKIE" Pass a cookie to your request to simulate an authenticated user, EX: ./hhh.py -t https://google.com -b "cookie1=test;cookie2=google
+
 
 
     Required:

diff --git a/hhh.py b/hhh.py
@@ -2,7 +2,7 @@
 from argparse import RawTextHelpFormatter
 import argparse
 import sys
-import urllib
+import urllib2
 import datetime
 import ssl #For SSL context modification
 
@@ -106,31 +106,52 @@ def AnomalousHeaders(searchheaders):
 		if not any(y.lower() in header.lower() for y in KnownHeaders):
 			print "\033[1;34m[I]\033[0m Anomalous Header detected '" + header.rstrip() + "' \033[1;34m(Possible Informational)\033[0m"
 
-def RetrieveHeader(Target):
+def RetrieveHeader(Target, **cookiekey):
 	ReplyHeaders = ""
+	CookieGlobal = ""
+	if 'cookie' in cookiekey: #detect if keyword function param is set
+		CookieGlobal =  cookiekey['cookie']
+
+	if "http" not in Target[:4].lower():
+		print "You must specify a protocol (\"http\" or \"https\")"
+		sys.exit(0)
 	if "https" in Target[:5]:
 		sslcontext = ssl.create_default_context()
 		if args.insecure:
 			print "Ignoring certificate errors..."
 			sslcontext = ssl._create_unverified_context() #Ignore all SSL context 
 		try:
-			ReplyHeaders = urllib.urlopen(Target,context=sslcontext).headers.headers
+			if len(CookieGlobal) > 0:
+				print "Using provided cookie..."
+				RequestFormed = urllib2.Request(Target, headers={"Cookie" : CookieGlobal})
+				ReplyHeaders = urllib2.urlopen(RequestFormed, context=sslcontext).headers.headers
+			else:
+				RequestFormed = urllib2.Request(Target)
+				ReplyHeaders = urllib2.urlopen(RequestFormed, context=sslcontext).headers.headers
 		except ssl.CertificateError:
 			print "SSL Certificate error, ignore with -k flag"
 			sys.exit(0)
 		return ReplyHeaders
 	else:
-		ReplyHeaders = urllib.urlopen(Target).headers.headers
+		if len(CookieGlobal) > 0:
+			print "Using provided cookie..."
+			RequestFormed = urllib2.Request(Target,  headers={"Cookie" : CookieGlobal})
+			ReplyHeaders = urllib2.urlopen(RequestFormed).headers.headers
+		else:
+			ReplyHeaders = urllib2.urlopen(Target).headers.headers
 		return ReplyHeaders
 
+def CookieList(string):
+	return string.split(';')
+
 
 if __name__ == '__main__':
 	parser = argparse.ArgumentParser(description="""
 
 			Handy Header Hacker (HHH)
 				by DarkRed
 			Examine HTTP response headers for common security issues
-				Ver: 1.2 - 6/26/2017
+				Ver: 1.3 - 1/11/2018
 
 
 		""",formatter_class=RawTextHelpFormatter)
@@ -147,59 +168,65 @@ def RetrieveHeader(Target):
 	parser.add_argument('-a','--headers', help='Inspect anomalous headers on target', required=False, action='store_true')
 	parser.add_argument('-k','--insecure', help='Ignore certificate errors on the remote host', required=False, action='store_true')
 	parser.add_argument('-rf','--refpolicy', help='Inspect only the Referrer-Policy header on target', required=False, action='store_true')
+	parser.add_argument('-b','--cookie', help='Pass a cookie to your request to simulate an authenticated user, EX: ./hhh.py -t https://google.com -b "cookie1=test;cookie2=google', required=False, type=CookieList)
 
 	args = parser.parse_args()
 	multiarg = False 
 	print "Starting Handy Header Hacker... "
+	CookieGlobal = "" #Define an empty cookie variable
+	if args.cookie:
+		delim = ';'
+		CookieGlobal = delim.join(args.cookie)
+
 
 	if args.securechecks:
 		multiarg = True
 		if  "https" in args.target[:5]:
 			print "Attempting checks against HTTPS headers on " + args.target
-			Headers = RetrieveHeader(args.target)
+			Headers = RetrieveHeader(args.target, cookie=CookieGlobal)
 			SecureChecks(Headers)
 		else:
 			print "Target is not utilizing HTTPS, exiting..."
 			sys.exit(0)
 	if args.refpolicy:
 		multiarg = True
 		print "Attempting check against Referrer-Policy header on " + args.target
-		Headers = RetrieveHeader(args.target)
+		Headers = RetrieveHeader(args.target, cookie=CookieGlobal)
 		ReferrerPolicy(Headers)
 	if args.xframeoptions:
 		multiarg = True
 		print "Attempting check against X-Frame-Options header on " + args.target
-		Headers = RetrieveHeader(args.target)
+		Headers = RetrieveHeader(args.target, cookie=CookieGlobal)
 		XFrameOptions(Headers)
 	if args.xxssprotection:
 		multiarg = True
 		print "Attempting check against X-XSS-Protection header on " + args.target
-		Headers = RetrieveHeader(args.target)
+		Headers = RetrieveHeader(args.target, cookie=CookieGlobal)
 		XXSSProtection(Headers)
 	if args.xcontenttypeoptions:
 		multiarg = True
 		print "Attempting check against X-Content-Type-Options header on " + args.target
-		Headers = RetrieveHeader(args.target)
+		Headers = RetrieveHeader(args.target, cookie=CookieGlobal)
 		XContentTypeOptions(Headers)
 	if args.general:
 		multiarg = True
 		print "Attempting general header checks on " + args.target
-		Headers = RetrieveHeader(args.target)
+		Headers = RetrieveHeader(args.target, cookie=CookieGlobal)
 		GeneralInspect(Headers)
 	if args.cookies:
 		multiarg = True
 		print "Attempting cookie checks on " + args.target
-		Headers = RetrieveHeader(args.target)
+		Headers = RetrieveHeader(args.target, cookie=CookieGlobal)
 		CookieInspection(Headers)
 	if args.headers:
 		multiarg = True
 		print "Attempting anomalous header check on " + args.target
-		Headers = RetrieveHeader(args.target)
+		Headers = RetrieveHeader(args.target, cookie=CookieGlobal)
 		AnomalousHeaders(Headers)
 
 	if multiarg == False:	#Do not run all checks if checks specified
 		print "Launching Handy Header Hacker against: " + args.target
-		Headers = RetrieveHeader(args.target)
+		Headers = RetrieveHeader(args.target, cookie=CookieGlobal)
 		XFrameOptions(Headers)
 		ContentSecurityPolicy(Headers)
 		XXSSProtection(Headers)
@@ -211,4 +238,4 @@ def RetrieveHeader(Target):
 			SecureChecks(Headers)
 		AnomalousHeaders(Headers)
 	print 'Completed at: {:%H:%M:%S on %m-%d-%Y}'.format(datetime.datetime.now())
-	sys.exit(0)
+	sys.exit(0)