| skipped 170 lines |
171 | 171 | | url=url, data=data, headers=full_headers, cookies=raw_cookies |
172 | 172 | | ) |
173 | 173 | | custom_injection_in = obj.custom_injection_in |
174 | | - | if "COOKIE" in custom_injection_in: |
175 | | - | level = 2 |
176 | | - | if "HEADER" in custom_injection_in: |
177 | | - | level = 3 |
178 | 174 | | injection_points = obj.injection_point |
179 | 175 | | conf.is_multipart = is_multipart = obj.is_multipart |
180 | 176 | | conf.is_json = is_json = obj.is_json |
| skipped 27 lines |
208 | 204 | | exit(0) |
209 | 205 | | for injection_type in list(injection_points.keys()): |
210 | 206 | | if custom_injection_in: |
211 | | - | question = "y" |
| 207 | + | if "COOKIE" in custom_injection_in: |
| 208 | + | level = 2 |
| 209 | + | if "HEADER" in custom_injection_in: |
| 210 | + | level = 3 |
| 211 | + | question = None |
212 | 212 | | if "POST" in custom_injection_in: |
213 | 213 | | if not is_asked: |
214 | 214 | | question = logger.read_input( |
| skipped 20 lines |
235 | 235 | | is_asked = True |
236 | 236 | | if question and question == "y": |
237 | 237 | | injection_types = custom_injection_in |
| 238 | + | if question and question == "n": |
| 239 | + | # when custom injection marker '*' is found but user don't want to scan those we will go with default level 1 |
| 240 | + | level = 1 |
| 241 | + | custom_injection_in = [] |
238 | 242 | | if level == 1 and not injection_types: |
239 | 243 | | injection_types = ["GET", "POST"] |
240 | 244 | | if level == 2 and not injection_types: |
| skipped 572 lines |