L-codes / Neo-reGeorg

Neo-reGeorg is a project that seeks to aggressively refactor reGeorg
GNU General Public License v3.0
2.84k stars 439 forks

fix custom cookie parameter (`-c`, `--cookie`) not working in some situations #100

Closed chesskuo closed 2 days ago

chesskuo commented 5 days ago

I noticed that the custom cookie parameter is not working in some situations.

For example, I used an LFI vulnerability on DVWA to test this bug.

It requires logging in to reach the vulnerable web page, so I need to log in and get the PHPSESSID first. And then I need to pass the cookie to the Neo-reGeorg custom cookie field.

But it will exit on neoreg.py#631, because it would not get any Set-Cookie header from the response. (I already set the PHPSESSID cookie, so it would never get that.) Here is the first bug.

And then I commented out neoreg.py#632 to let the program go ahead for testing. When I proxied some traffic, it hit the second bug. It showed me "[HTTP] Response Format Error: " (neoreg.py#438). This is because the value of rinfo is None.

When I checked what was causing this, I noticed that response.content always showed me a DVWA login page, so I confirmed that the --cookie parameter would not send my custom cookie to the remote correctly.

I corrected these two bugs in this PR, please review it ~ If you have any problem, please let me know. Thank you for developing this wonderful tool.

L-codes commented 2 days ago

First of all, thank you for your PR. This --cookie is for initialization settings, which will be used in the first request. If you have fixed cookie settings, do you think it would be better to use the --header parameter?

chesskuo commented 2 days ago

Hi, thanks for your reply.

In this situation, setting the cookie in the header parameter is a good way to avoid triggering the 2nd bug. But the first bug still exists, because the web server would not return any Set-Cookie header.

In my opinion, if the --cookie option exists, it should work correctly too, not only the --header option.

L-codes commented 2 days ago

The --cookie parameter here is used to deal with load balancing scenarios that return Set-Cookie based on specific cookies.

In your scenario, you should use tools such as Burp Suite to capture packets to obtain fixed cookies and use --header to solve it. :)

chesskuo commented 2 days ago

Hello sir, I understand your opinion about what the --cookie option means, and I know I can get the fixed cookie with Burp. Maybe we can focus on "If the response doesn't contain a Set-Cookie header, the program will exit." (This is the first bug I mentioned in my previous comment.)

I used --header to set my fixed cookie (this cookie is called PHPSESSID; it is the default cookie name in a PHP environment). In this situation, it would break on neoreg.py#634 (this is the line number in my commit).

```python
log.error('[Ask NeoGeorg] There is no valid cookie return')
```

Because Neo-reGeorg didn't receive any Set-Cookie header in the response.

And the server would not send another cookie, because I already set a fixed cookie called PHPSESSID. This situation will make Neo-reGeorg exit.

I think this is a bug, because I need to set a login session cookie to get the web page that contains the Neo-reGeorg page. But if I set the cookie, the server would not send a Set-Cookie header, and that triggers the program exit. Maybe we can have a mechanism to make sure Neo-reGeorg works in the situation where "no Set-Cookie header is returned", right?

What do you think about this issue?

Thanks

L-codes commented 2 days ago

Oh, there is indeed this problem. I just added the --php-skip-cookie parameter to skip the cookie validity verification. You can test it.
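To make the failure mode discussed in this thread concrete, here is an added illustration of the cookie negotiation after the first request. It is not Neo-reGeorg's code and does not reproduce neoreg.py; the function names (`negotiate_session_cookie`, `skip_cookie_check`) and the sample response headers are constructed for this example. It shows the two cases the maintainers describe: a server (or load balancer) that answers with Set-Cookie, whose values are merged over the fixed cookie, and a server that sets nothing because a valid session cookie was already supplied, which a strict "no valid cookie" check rejects unless the check is skipped, the behaviour the thread attributes to the new `--php-skip-cookie` flag.

```python
from http.cookies import SimpleCookie

# Constructed sample responses as (header-name, value) pairs. They are not
# captures from any real server; they only model the two cases in the thread.
RESP_LOGIN_PAGE_NO_SET_COOKIE = [
    ("Content-Type", "text/html; charset=utf-8"),
]
RESP_LOAD_BALANCER_SET_COOKIE = [
    ("Content-Type", "text/html; charset=utf-8"),
    ("Set-Cookie", "SERVERID=web2; path=/"),
    ("Set-Cookie", "PHPSESSID=s3rv3r; path=/; HttpOnly"),
]


def parse_cookie_header(value):
    """Split a request 'Cookie:' header value ("a=1; b=2") into a dict."""
    jar = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, val = part.partition("=")
        jar[name.strip()] = val.strip()
    return jar


def cookies_from_set_cookie(headers):
    """Collect name->value from every Set-Cookie header in a response.

    Attributes such as path or HttpOnly are parsed by SimpleCookie and then
    ignored; only cookie names and values are needed to replay them.
    """
    jar = {}
    for name, value in headers:
        if name.lower() != "set-cookie":
            continue
        parsed = SimpleCookie()
        parsed.load(value)
        for morsel in parsed.values():
            jar[morsel.key] = morsel.value
    return jar


def negotiate_session_cookie(fixed_cookie, response_headers, skip_cookie_check=False):
    """Decide the Cookie header to reuse after the initial request (hypothetical helper).

    fixed_cookie      -- operator-supplied cookie string (the thread's PHPSESSID
                         obtained by logging in), or None.
    response_headers  -- headers of the first response.
    skip_cookie_check -- when True, a response without Set-Cookie is accepted
                         instead of being treated as an error (the behaviour the
                         thread describes for --php-skip-cookie; this parameter
                         name is an assumption made for the example).

    Server-issued values override fixed ones, so a load balancer that answers
    with its own affinity cookie is honoured without losing PHPSESSID.
    """
    fixed = parse_cookie_header(fixed_cookie) if fixed_cookie else {}
    issued = cookies_from_set_cookie(response_headers)
    if not issued and not skip_cookie_check:
        # Strict path reported in the thread as "There is no valid cookie return":
        # the fixed session cookie is already valid, so the server sets nothing
        # and the strict check rejects a perfectly good session.
        raise RuntimeError("no Set-Cookie in response")
    merged = dict(fixed)
    merged.update(issued)
    return "; ".join(f"{k}={v}" for k, v in merged.items())


if __name__ == "__main__":
    fixed = "PHPSESSID=deadbeef"
    print(negotiate_session_cookie(fixed, RESP_LOAD_BALANCER_SET_COOKIE))
    print(negotiate_session_cookie(fixed, RESP_LOGIN_PAGE_NO_SET_COOKIE, skip_cookie_check=True))
    try:
        negotiate_session_cookie(fixed, RESP_LOGIN_PAGE_NO_SET_COOKIE)
    except RuntimeError as exc:
        print("strict mode:", exc)
```

The merge order is the design point: the fixed cookie is the baseline and anything the server issues wins, so the load-balancing case (`SERVERID` plus a server-issued `PHPSESSID`) and the pre-authenticated case (nothing issued, fixed cookie kept) both end with a usable Cookie header instead of an exit.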