first commit regarding Feature #144

lib/core/agent.py

@@ -99,6 +99,8 @@ class Agent:
         # Before identifing the injectable parameter
         elif parameter == "User-Agent":
             retValue = value.replace(value, newValue)
+        elif parameter == "URI":
+            retValue = value.replace('*', newValue)
         else:
             paramString = conf.parameters[place]
 

lib/core/target.py

@@ -83,6 +83,12 @@ def __setRequestParams():
 
         conf.method = "POST"
 
+    if '*' in conf.url:
+        conf.parameters["URI"] = conf.url
+        conf.paramDict["URI"] = { "URI": conf.url } # similar as for User-Agent
+        conf.url = conf.url.replace('*', '')
+        __testableParameters = True
+
     # Perform checks on Cookie parameters
     if conf.cookie:
         conf.parameters["Cookie"] = conf.cookie

lib/request/connect.py

@@ -293,6 +293,8 @@ class Connect:
         ua          = None
         page        = None
         pageLength  = None
+        uri         = conf.url
+        raise404    = place != "URI"
 
         if not place:
             place = kb.injPlace
@@ -309,6 +311,9 @@ class Connect:
         if "User-Agent" in conf.parameters:
             ua = conf.parameters["User-Agent"] if place != "User-Agent" or not value else value
 
+        if "URI" in conf.parameters:
+            uri = conf.url if place != "URI" or not value else value
+
         if conf.safUrl and conf.saFreq > 0:
             kb.queryCounter += 1
             if kb.queryCounter % conf.saFreq == 0:
@@ -316,19 +321,19 @@ class Connect:
 
         if not content and kb.nullConnection:
             if kb.nullConnection == "HEAD":
-                _, headers = Connect.getPage(get=get, post=post, cookie=cookie, ua=ua, silent=silent, method="HEAD", auxHeaders=auxHeaders)
+                _, headers = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, silent=silent, method="HEAD", auxHeaders=auxHeaders, raise404=raise404)
                 pageLength = int(headers['Content-Length'])
             elif kb.nullConnection == "Range":
                 if not auxHeaders:
                     auxHeaders = {}
                 auxHeaders["Range"] = "bytes=-1"
-                _, headers = Connect.getPage(get=get, post=post, cookie=cookie, ua=ua, silent=silent, method=method, auxHeaders=auxHeaders)
+                _, headers = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, silent=silent, method=method, auxHeaders=auxHeaders, raise404=raise404)
                 pageLength = int(headers['Content-Range'][headers['Content-Range'].find('/') + 1:])
             else:
                 kb.nullConnection = None
 
         if not pageLength:
-            page, headers = Connect.getPage(get=get, post=post, cookie=cookie, ua=ua, silent=silent, method=method, auxHeaders=auxHeaders)
+            page, headers = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, silent=silent, method=method, auxHeaders=auxHeaders, raise404=raise404)
 
         if content:
             return page, headers