jaeles-project / jaeles

The Swiss Army knife for automated Web Application Testing
https://jaeles-project.github.io/
MIT License
2.11k stars 321 forks

Does "Body" work as intended? #19

Open Sh1Yo opened 4 years ago

Sh1Yo commented 4 years ago

As we can see in the docs:

Header() and Body() have same usage of Query() generator.

- Query("{{.payload}}", "{{.name}}") works fine, but
- Body("{{.payload}}", "{{.name}}") is just ignored.

I tried to set the method to POST, but it doesn't work anyway. My config is:

id: ci-fuzz-01
info:
  name: Command Injection Reflection
  risk: High
payloads:
- 'echo TJEGSE$((2314+6548321))$(echo TJEGSE)TJEGSE' 
requests:
- detections:
  - StringSearch("response", "6550635") && (StringCount("response", "6550635") > StringCount("oresponse",
    "6550635"))
  generators:
  - Body("{{.payload}}", "{{.name}}")
type: fuzz
variables:
- name: 'cmd

'

j3ssie commented 4 years ago

This looks like a bug; let me investigate and let you know.

j3ssie commented 4 years ago

Body("{{.payload}}") this should work, because I do not support body select param yet.

Sh1Yo commented 4 years ago

Okay, but I think that select param for Body is a necessary option so I will leave the issue open until you add it.