Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Katana JSONL file Issue on raw request field #876

Open
exploit-io opened this issue May 3, 2024 · 0 comments
Open

Katana JSONL file Issue on raw request field #876

exploit-io opened this issue May 3, 2024 · 0 comments
Assignees
@dogancanbakir
Labels
Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.

Comments

@exploit-io
Copy link

Katana JSONL file has issues on saving POST requests, for Example:

{"timestamp":"2024-05-02T16:28:07.690561274Z","request":{"method":"POST","endpoint":"http://testphp.vulnweb.com/secured/newuser.php","body":"signup=signup\u0026uuname=katana\u0026upass=katanaP@assw0rd1\u0026upass2=katanaP@assw0rd1\u0026urname=katana\u0026ucc=katana\u0026uemail=katana\u0026uphone=katana","headers":{"Content-Type":"application/x-www-form-urlencoded"},"tag":"form","attribute":"action","source":"http://testphp.vulnweb.com/signup.php","raw":"GET /secured/newuser.php HTTP/1.1\r\nHost: testphp.vulnweb.com\r\nUser-Agent: Go-http-client/1.1\r\nCookie: PHPSESSIONID=XXXXXXXXX\r\nHost-Header: hostname.tld\r\nX-Api-Key: XXXXX\r\nX-Powered-By: Raider\r\nAccept-Encoding: gzip\r\n\r\n"},"response":{"status_code":200,"headers":{"x_powered_by":"PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1","content_encoding":"gzip","server":"nginx/1.19.0","date":"Thu, 02 May 2024 16:28:05 GMT","content_type":"text/html; charset=UTF-8","transfer_encoding":"chunked","connection":"keep-alive"},"body":"\u003chtml\u003e\u003chead\u003e\n\u003ctitle\u003eadd new user\u003c/title\u003e\n\u003cmeta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\"\u003e\n\u003clink href=\"style.css\" rel=\"stylesheet\" type=\"text/css\"\u003e\n\u003c/head\u003e\n\u003cbody\u003e\n\u003cdiv id=\"masthead\"\u003e \n  \u003ch1 id=\"siteName\"\u003eACUNETIX ART\u003c/h1\u003e \n\u003c/div\u003e\n\u003cdiv id=\"content\"\u003e\n\t\u003c/div\u003e\n\n\n\u003c/body\u003e\u003c/html\u003e","technologies":["PHP:5.6.40","Nginx:1.19.0","Ubuntu"],"raw":"HTTP/1.1 200 OK\r\nContent-Length: 415\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nContent-Type: text/html; charset=UTF-8\r\nDate: Thu, 02 May 2024 16:28:05 GMT\r\nServer: nginx/1.19.0\r\nX-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1\r\n\r\n\u003c!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\"\u003e\r\n\u003chtml\u003e\r\n\u003chead\u003e\r\n\u003ctitle\u003eadd new user\u003c/title\u003e\r\n\u003cmeta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\"\u003e\r\n\u003clink href=\"style.css\" rel=\"stylesheet\" type=\"text/css\"\u003e\r\n\u003c/head\u003e\r\n\u003cbody\u003e\r\n\u003cdiv id=\"masthead\"\u003e \r\n  \u003ch1 id=\"siteName\"\u003eACUNETIX ART\u003c/h1\u003e \r\n\u003c/div\u003e\r\n\u003cdiv id=\"content\"\u003e\r\n\t\u003c/div\u003e\r\n\u003c/body\u003e\r\n\u003c/html\u003e\r\n"}}

but it seems OK in GET Requests:

{"timestamp":"2024-05-02T16:28:03.490823562Z","request":{"method":"GET","endpoint":"http://testphp.vulnweb.com/artists.php?artist=1","tag":"a","attribute":"href","source":"http://testphp.vulnweb.com/artists.php","raw":"GET /artists.php?artist=1 HTTP/1.1\r\nHost: testphp.vulnweb.com\r\nUser-Agent: Go-http-client/1.1\r\nCookie: PHPSESSIONID=XXXXXXXXX\r\nHost-Header: hostname.tld\r\nX-Api-Key: XXXXX\r\nX-Powered-By: Raider\r\nAccept-Encoding: gzip\r\n\r\n"},"response":{"status_code":200,"headers":{"server":"nginx/1.19.0","date":"Thu, 02 May 2024 16:28:01 GMT","content_type":"text/html; charset=UTF-8","transfer_encoding":"chunked","connection":"keep-alive","x_powered_by":"PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1","content_encoding":"gzip"},"body":"\u003chtml\u003e\u003chead\u003e\u003c/head\u003e\u003cbody\u003eWarning: mysql_connect(): Connection refused in /hj/var/www/database_connect.php on line 2\nWebsite is out of order. Please visit back later. Thank you for understanding.\u003c/body\u003e\u003c/html\u003e","technologies":["PHP:5.6.40","Nginx:1.19.0","Ubuntu"],"raw":"HTTP/1.1 200 OK\r\nContent-Length: 170\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nContent-Type: text/html; charset=UTF-8\r\nDate: Thu, 02 May 2024 16:28:01 GMT\r\nServer: nginx/1.19.0\r\nX-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1\r\n\r\n\nWarning: mysql_connect(): Connection refused in /hj/var/www/database_connect.php on line 2\nWebsite is out of order. Please visit back later. Thank you for understanding."}}
@exploit-io exploit-io added the Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors. label May 3, 2024
@dogancanbakir dogancanbakir self-assigned this May 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dogancanbakir dogancanbakir

Labels
Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dogancanbakir @exploit-io