Adding README

2025-03-04 10:58:05 +01:00 · 2021-01-23 12:45:42 +01:00 · 2021-01-23 12:45:42 +01:00 · 4a4d389a41
commit 4a4d389a41
parent 7ae9468733
1 changed files with 102 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -1 +1,102 @@
-# http-chained-requests-automator
+# HTTP Chained Requests Automator
 This PHP script automates and chains HTTP requests, extracting values from headers or body and use them for the next requests. Very useful for penetration tests.
 It has been ispired by a business-logic challenge of Port Swigger:
 https://portswigger.net/web-security/logic-flaws/examples/lab-logic-flaws-infinite-money
 ## Usage
 ```bash
 $ php hcra.php params.json DEBUG
 ```
 - params.json: is the filename of the JSON file with specifications of the HTTP requests
 - DEBUG: use only for debug purpose. It additionally prints out the body response of every HTTP request
 ## Configuration
 To configure HTTP request you have to code your custom JSON file. You can start from the example in the repository:
 ```json
 [
    {
        "url": "http://localhost/mysite/login",
        "method": "POST",
        "headers": null,
        "body": "username=admin&password=s3cr3t",
        "header-regexp": [
            {
                "next_url": "/Location: (.+?)$/"
            },
            {
                "cookie": "/Set-Cookie: (.+?)$/"
            }
        ],
        "body-regexp": null
    },
    {
        "url": "http://localhost§next_url§",
        "method": "GET",
        "headers": {
            "Cookie": "§cookie§"
        },
        "body": null,
        "header-regexp": null,
        "body-regexp": [
            {
                "email": "/<p>Your email is: (.+?)<\\/p>/"
            }
        ]
    },
    {
        "url": "http://localhost/mysite/sign-up",
        "method": "POST",
        "headers": {
            "Cookie": "§cookie§"
        },
        "body": "op=signup&email=§email§",
        "header-regexp": null,
        "body-regexp": null
    }
 ]
 ```
 Every JSON object is an HTTP request with specific parameters:
 - **url**: the URL to request
 - **method**: GET|POST (you could also use PUT, DELETE, etc, but not yet tested!)
 - **headers**: a JSON array with all headers you want to send with the request
 - **body**: the body of the request in case you send a POST request
 - **header-regexp**: an array of regular expressions you want to use to extract values from the headers. IMPORTANT: only the first value per regexp will be matched
 - **body-regexp**: like header-regexp, but the values will be matched against the response body
 Example:
 ```php
 "next_url": "/Location: (.+?)$/"
 ```
 This will match the redirection after the first request, for example:
 ```http
 Location: /mysite/welcome
 ```
 If match happens, you can use
 ```php
 §next_url§
 ```
 as a variable on the next requests, so the 2nd url will change from:
 ```json
 "url": "http://localhost§next_url§",
 ```
 to:
 ```json
 "url": "http://localhost/mysite/welcome",
 ```
 until you match another **next_url** values with another regular expression with the next requests.
 ## TODO
 - better error managing
 - add some logics, so for example the script can restart from a specific request after getting some specific results from the variables