new: the user-agent for the http plugins is now randomized by default…

…, new --http-ua argument replaced --http-random-ua
evilsocket · Jan 12, 2024 · efc8925 · efc8925
1 parent ed9a56a
commit efc8925
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 12 deletions.
diff --git a/src/plugins/http/mod.rs b/src/plugins/http/mod.rs
@@ -63,7 +63,7 @@ pub(crate) struct HTTP {
     domain: String,
     workstation: String,
 
-    random_ua: bool,
+    user_agent: Option<String>,
     success_codes: Vec<u16>,
     success_string: Option<String>,
     failure_string: Option<String>,
@@ -97,7 +97,7 @@ impl HTTP {
             enum_ext_placeholder: String::new(),
             method: Method::GET,
             headers: HeaderMap::default(),
-            random_ua: false,
+            user_agent: None,
             payload: None,
             proxy: None,
             proxy_user: None,
@@ -265,14 +265,15 @@ impl HTTP {
     fn setup_headers(&self) -> HeaderMap {
         let mut headers = self.headers.clone();
 
-        if self.random_ua {
-            headers.append(
-                USER_AGENT,
-                HeaderValue::from_str(ua::USER_AGENTS.choose(&mut rand::thread_rng()).unwrap())
-                    .unwrap(),
-            );
-        }
+        let user_agent = if let Some(ua) = self.user_agent.as_ref() {
+            // use selected user-agent
+            ua.as_str()
+        } else {
+            // pick user-agent randomly
+            ua::USER_AGENTS.choose(&mut rand::thread_rng()).unwrap()
+        };
 
+        headers.append(USER_AGENT, HeaderValue::from_str(user_agent).unwrap());
         headers
     }
 
@@ -468,7 +469,7 @@ impl Plugin for HTTP {
     }
 
     fn setup(&mut self, opts: &Options) -> Result<(), Error> {
-        self.random_ua = opts.http.http_random_ua;
+        self.user_agent = opts.http.http_ua.clone();
 
         self.csrf = if let Some(csrf_page) = opts.http.http_csrf_page.as_ref() {
             Some(csrf::Config::new(csrf_page, &opts.http.http_csrf_regexp)?)

diff --git a/src/plugins/http/options.rs b/src/plugins/http/options.rs
@@ -8,8 +8,8 @@ pub(crate) struct Options {
     /// Comma separated status codes to consider as successful authentication attempts for HTTP based plugins.
     pub http_success_codes: String,
     #[clap(long)]
-    /// Randomize requests User-Agent.
-    pub http_random_ua: bool,
+    /// Set a User-Agent. If none is specified, it'll be picked randomly for each request.
+    pub http_ua: Option<String>,
     #[clap(long)]
     /// Check for the presence of this string in the response in order to recognize a succesful attempt.
     pub http_success_string: Option<String>,