-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bug: Global Variable - custom_header does not parse correctly #1220
Comments
👋 Hi @Zeetaz, |
May also add that it appears as if custom_header: 'User-Agent: hello' will only work for nuclei as of right now. |
this issue still exists unfortunately, having the same problem... |
Hi @Zeetaz @oz9un This has been fixed,
And scan specific custom headers are no longer supported them, instead they will be used as global variables. This is because next update for rengine will introduce a different UI on how we initiate scan, allowing us to pass global scan variables for each scans instead of hardcoding in scan engines. Thanks |
Is there an existing issue for this?
Current Behavior
When trying to run a scan utilzing the global variable "custom_header" it will be parsed differently depending on which tool it is assigned to.
For example, running the following YAML scanner config:
It will break:
If you instead were to run a vulnerability scan instead for fetch_url it will function correctly for nuclei.
It is possible to make this work as a temporary solution:
But this reuqires you to run two separate scans for vulnerability scans and fetching URL's... I am also not sure if it will break other tools or if it is only katana that is currently broken an expects "items" instead of strings.
Expected Behavior
The expected behavior, for most tools and for katan, would be to run the configuration as:
And it should be appended to the tool (katan in this case) as
-H "User-Agent: testing"
Steps To Reproduce
Note that the scan fails as it does not expect a str value.
Run the following - modified - configuration:
(it will append the header to katana as
-H "User-Agent: Hello_Working_PoC"
)Environment
- reNgine: 2.0.3
Anything else?
No response
The text was updated successfully, but these errors were encountered: