While doing HTTP fuzzing, I'm using a script to grab a CSRF token from a page and save it to a file every minute. It would be very handy to have Patator be able to read from this file while running and include the updated token in the requests.
It would probably provide the most flexibility if there was a function to run a command every n requests or every n seconds, and use the output in subsequent requests. In the case of reading a file, it could simply be done with cat.
Example:
patator http_fuzz url="http://localhost/test.php" method=POST body="csrf-token=SCRIPT0" 0="./get_token.sh:60S"
Where one could specify 0="[command]:N[S|R] where N is the number, and S or R specifies either seconds or requests.
While doing HTTP fuzzing, I'm using a script to grab a CSRF token from a page and save it to a file every minute. It would be very handy to have Patator be able to read from this file while running and include the updated token in the requests.
It would probably provide the most flexibility if there was a function to run a command every n requests or every n seconds, and use the output in subsequent requests. In the case of reading a file, it could simply be done with
cat
.Example:
patator http_fuzz url="http://localhost/test.php" method=POST body="csrf-token=SCRIPT0" 0="./get_token.sh:60S"
Where one could specify0="[command]:N[S|R]
whereN
is the number, andS
orR
specifies either seconds or requests.