implementation of referer feature

2025-12-07 13:11:29 +00:00 · 2011-02-11 23:07:03 +00:00
parent a6ab24e0b5
commit 535eb9f3eb
6 changed files with 31 additions and 7 deletions
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -108,7 +108,7 @@ class Agent:
            retValue = ET.tostring(root)
        elif place == PLACE.URI:
            retValue = paramString.replace("%s%s" % (origValue, URI_INJECTION_MARK_CHAR), self.addPayloadDelimiters(newValue))
-        elif place == PLACE.UA:
+        elif place in (PLACE.UA, PLACE.REFERER):
            retValue = paramString.replace(origValue, self.addPayloadDelimiters(newValue))
        else:
            retValue = paramString.replace("%s=%s" % (parameter, origValue),
--- a/lib/core/enums.py
+++ b/lib/core/enums.py
@@ -41,6 +41,7 @@ class PLACE:
    URI     = "URI"
    COOKIE  = "Cookie"
    UA      = "User-Agent"
+    REFERER = "Referer"

 class HTTPMETHOD:
    GET     = "GET"
--- a/lib/core/target.py
+++ b/lib/core/target.py
@@ -123,6 +123,20 @@ def __setRequestParams():
                    conf.paramDict[PLACE.UA] = { PLACE.UA: headerValue }
                    __testableParameters = True

+            elif httpHeader == PLACE.REFERER:
+                # No need for url encoding/decoding the referer
+                conf.parameters[PLACE.REFERER] = urldecode(headerValue)
+
+                condition  = not conf.testParameter
+                condition |= PLACE.REFERER in conf.testParameter
+                condition |= "referer" in conf.testParameter
+                condition |= "referrer" in conf.testParameter
+                condition |= "ref" in conf.testParameter
+
+                if condition:
+                    conf.paramDict[PLACE.REFERER] = { PLACE.REFERER: headerValue }
+                    __testableParameters = True
+
    if not conf.parameters:
        errMsg  = "you did not provide any GET, POST and Cookie "
        errMsg += "parameter, neither an User-Agent header"