(Fixed #139, #140) Added --only-custom-payload / --skip-grepping flags

hahwul · Nov 2, 2020 · eaa2d84 · eaa2d84
1 parent 8f91476
commit eaa2d84
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 6 deletions.
diff --git a/cmd/root.go b/cmd/root.go
@@ -17,9 +17,9 @@ var optionsBool = make(map[string]bool)
 var config, cookie, data, header, p, customPayload, userAgent, blind, output, format, foundAction, proxy, grep string
 var ignoreReturn, miningWord, method string
 var timeout, concurrence, delay int
-var onlyDiscovery, silence, followRedirect, mining, findingDOM, noColor, noSpinner bool
+var onlyDiscovery, silence, followRedirect, mining, findingDOM, noColor, noSpinner, onlyCustomPayload bool
 var options model.Options
-var skipMiningDom, skipMiningDict, skipMiningAll, skipXSSScan, skipBAV bool
+var skipMiningDom, skipMiningDict, skipMiningAll, skipXSSScan, skipBAV, skipGrep bool
 
 // rootCmd represents the base command when called without any subcommands
 var rootCmd = &cobra.Command{
@@ -80,6 +80,8 @@ func init() {
 	rootCmd.PersistentFlags().BoolVar(&skipMiningDict, "skip-mining-dict", false, "Skipping Dict base parameter mining")
 	rootCmd.PersistentFlags().BoolVar(&skipMiningAll, "skip-mining-all", false, "Skipping ALL parameter mining")
 	rootCmd.PersistentFlags().BoolVar(&skipXSSScan, "skip-xss-scanning", false, "Skipping XSS Scanning (same '--only-discovery' option)")
+	rootCmd.PersistentFlags().BoolVar(&onlyCustomPayload, "only-custom-payload", false, "Only testing custom payload (required --custom-payload")
+	rootCmd.PersistentFlags().BoolVar(&skipGrep, "skip-grepping", false, "Skipping built-in grepping")
 
 	printing.Banner()
 }
@@ -104,6 +106,7 @@ func initConfig() {
 		Concurrence:       concurrence,
 		Delay:             delay,
 		OnlyDiscovery:     onlyDiscovery,
+		OnlyCustomPayload: onlyCustomPayload,
 		Silence:           silence,
 		FollowRedirect:    followRedirect,
 		Scan:              make(map[string]model.Scan),
@@ -114,6 +117,7 @@ func initConfig() {
 		Method:            method,
 		NoSpinner:         noSpinner,
 		NoBAV:             skipBAV,
+		NoGrep:            skipGrep,
 	}
 	// var skipMiningDom, skipMiningDict, skipMiningAll, skipXSSScan, skipBAV bool
 

diff --git a/pkg/model/options.go b/pkg/model/options.go
@@ -24,6 +24,7 @@ type Options struct {
 	NowURL            int
 	Sequence          int
 	OnlyDiscovery     bool
+	OnlyCustomPayload bool
 	Silence           bool
 	IsAPI             bool
 	Mass              bool
@@ -38,6 +39,7 @@ type Options struct {
 	NoBAV             bool
 	ServerHost        string
 	ServerPort        int
+	NoGrep            bool
 }
 
 // Scan is struct of scan

diff --git a/pkg/scanning/scan.go b/pkg/scanning/scan.go
@@ -200,7 +200,7 @@ func Scan(target string, options model.Options, sid string) {
 
 		// set path base xss
 
-		if isAllowType(policy["Content-Type"]) {
+		if (isAllowType(policy["Content-Type"]) && !options.OnlyCustomPayload){
 
 			arr := getCommonPayload()
 			for _, avv := range arr {
@@ -847,10 +847,11 @@ func SendReq(req *http.Request, payload string, options model.Options) (string,
 	//for SSTI
 	ssti := getSSTIPayload()
 
-	//grepResult := make(map[string][]string)
-
-	grepResult := builtinGrep(str)
+	grepResult := make(map[string][]string)
 
+	if !options.NoGrep {
+		grepResult = builtinGrep(str)
+	}
 	for k, v := range grepResult {
 		if k == "dalfox-ssti" {
 			really := false