Giters

ghostsecurity / reaper

💀 Don't fear the Reaper 👻

Home Page:https://ghostsecurity.github.io/reaper/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

feat: Workflow Extractor - header regex

joshlarsen opened this issue · comments

commented

With the newly introduce Extractor node, we can grab headers and match body regex. One issue that can arise when trying to extract header content is a server that sets multiple headers of the same type (e.g. Set-Cookie):

< HTTP/1.1 200 OK
< Server: nginx
< Date: Fri, 29 Sep 2023 19:19:19 GMT
< Content-Type: text/html; charset=utf-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< Vary: Accept-Encoding
< Cache-Control: max-age=0, private, must-revalidate
< Content-Security-Policy: 
< Etag: W/"945ac0ce9851eda7d74a558abb3b2929"
< Set-Cookie: preferred_language=en; path=/
< Set-Cookie: _session=6e490cb6b7648fa44fab40b9ffd82eb6; path=/; expires=Fri, 29 Sep 2023 21:19:19 GMT; HttpOnly
< Vary: Accept
< X-Content-Type-Options: nosniff

Currently, the header Extractor will match on the first header.

If we want to extract a specific cookie (like the session cookie above), perhaps we can leverage regex patterns on the headers in a similar way as the body regex extractor.