Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix aff config err #676

Merged
merged 1 commit into from
Nov 30, 2023
Merged

Fix aff config err #676

merged 1 commit into from
Nov 30, 2023

Conversation

dogancanbakir
Copy link
Member

without email:

$ cat ~/.config/katana/form-config.yaml
color: '#e66465'
password: katanaP@assw0rd1
phone: "2124567890"
placeholder: katana

$ go run . -u http://0.0.0.0:8000/ -aff -v

   __        __                
  / /_____ _/ /____ ____  ___ _
 /  '_/ _  / __/ _  / _ \/ _  /
/_/\_\\_,_/\__/\_,_/_//_/\_,_/                                                   

                projectdiscovery.io

[INF] Current katana version v1.0.4 (latest)
[INF] Started standard crawling for => http://0.0.0.0:8000/
[GET] http://0.0.0.0:8000/
[form] [POST] http://0.0.0.0:8000/submit

with email:

$ cat ~/.config/katana/form-config.yaml
email: [email protected]
color: '#e66465'
password: katanaP@assw0rd1
phone: "2124567890"
placeholder: katana

$ go run . -u http://0.0.0.0:8000/ -aff -v

   __        __                
  / /_____ _/ /____ ____  ___ _
 /  '_/ _  / __/ _  / _ \/ _  /
/_/\_\\_,_/\__/\_,_/_//_/\_,_/                                                   

                projectdiscovery.io

[INF] Current katana version v1.0.4 (latest)
[INF] Started standard crawling for => http://0.0.0.0:8000/
[GET] http://0.0.0.0:8000/
[form] [POST] http://0.0.0.0:8000/submit [[email protected]]

Closes #675.

@dogancanbakir dogancanbakir self-assigned this Nov 28, 2023
@dogancanbakir dogancanbakir removed the request for review from Mzack9999 November 28, 2023 09:34
@dogancanbakir dogancanbakir changed the base branch from main to dev November 28, 2023 09:34
Mzack9999
Mzack9999 approved these changes Nov 29, 2023
View reviewed changes
Copy link
Member

@Mzack9999 Mzack9999 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm - I think there is an inconsistency in behavior from a real browser which sends fields with empty value, whereas we skip them totally if the field is absent from file config.

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Email Form</title>
</head>
<body>
    <h1>Email Submission Form</h1>
    <form action="/submit" method="post">
        <label for="email">Email:</label>
        <input type="email" id="email" name="email">
        <br>
        <input type="submit" value="Submit">
    </form>
</body>
</html>

For example firefox would send the field with an empty value
Screenshot 2023-11-29 at 17 09 48

katana would send an empty body.
Probably this might be tracked as a minor issue within a follow up ticket.

@Mzack9999 Mzack9999 added the Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors. label Nov 29, 2023
@dogancanbakir dogancanbakir mentioned this pull request Nov 30, 2023
Closed
@ehsandeep ehsandeep merged commit 54891e9 into dev Nov 30, 2023
@ehsandeep ehsandeep deleted the fix_aff_config_err branch November 30, 2023 08:40
@Mzack9999 Mzack9999 mentioned this pull request Dec 6, 2023
Closed
@Porkepix Porkepix mentioned this pull request Jan 12, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ehsandeep ehsandeep ehsandeep approved these changes

@Mzack9999 Mzack9999 Mzack9999 approved these changes

Assignees

@dogancanbakir dogancanbakir

Labels
Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Katana -aff not filling out form as expected based on form-config.yaml
3 participants
@dogancanbakir @ehsandeep @Mzack9999