Merge pull request #211 from duolaAOA/master

Post type Url auto-identification
2019-03-15 19:31:04 +05:30
parent 20dfc7faa0 5abe0c33c6
commit fc432e5256
1 changed files with 14 additions and 0 deletions
--- a/modes/scan.py
+++ b/modes/scan.py
@@ -32,6 +32,20 @@ def scan(target, paramData, encoding, headers, delay, timeout, skipDOM, find, sk
            target = 'http://' + target
    logger.debug('Scan target: {}'.format(target))
    response = requester(target, {}, headers, GET, delay, timeout).text
+
+
+    foundMethod = 'GET'
+    find_post_method = re.findall(
+        r'<form.*?method=\'(.*?)\'.*?>|<form.*?method="(.*?)".*?>', response)
+    for method in find_post_method:
+        try:
+            foundMethod = method[1]
+        except UnboundLocalError:
+            pass
+
+    if foundMethod.upper() == 'POST':
+        GET, POST = (False, True)
+
    if not skipDOM:
        logger.run('Checking for DOM vulnerabilities')
        highlighted = dom(response)