- Added cookie option to argparse

- Cookies add during request - Tested on bwapp
RedSiege · May 17, 2023 · 076bc1e · 076bc1e
1 parent 4ce99d0
commit 076bc1e
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 1 deletion.
diff --git a/Python/EyeWitness.py b/Python/EyeWitness.py
@@ -126,6 +126,8 @@ def create_cli_parser():
                               help='Prepend http:// and https:// to URLs without either')
     http_options.add_argument('--selenium-log-path', default='./geckodriver.log', action='store',
                               help='Selenium geckodriver log path')
+    http_options.add_argument('--cookies', metavar='key1=value1,key2=value2', default=None,
+                              help='Additional cookies to add to the request')
 
     resume_options = parser.add_argument_group('Resume Options')
     resume_options.add_argument('--resume', metavar='ew.db',
@@ -203,6 +205,17 @@ def create_cli_parser():
         parser.print_help()
         sys.exit()
 
+    if args.cookies:
+        cookies_list = []
+        for one_cookie in args.cookies.split(","):
+            if "=" not in args.cookies:
+                print("[*] Error: Cookies must be in the form of key1=value1,key2=value2")
+                sys.exit()
+            cookies_list.append({
+                "name": one_cookie.split("=")[0],
+                "value": one_cookie.split("=")[1]
+            })
+        args.cookies = cookies_list
     args.ua_init = False
     return args
 
@@ -224,7 +237,6 @@ def single_mode(cli_parsed):
 
     web_index_head = create_web_index_head(cli_parsed.date, cli_parsed.time)
 
-    print('Attempting to screenshot {0}'.format(http_object.remote_system))
     driver = create_driver(cli_parsed)
     result, driver = capture_host(cli_parsed, http_object, driver)
     result = default_creds_category(result)

diff --git a/Python/modules/selenium_module.py b/Python/modules/selenium_module.py
@@ -105,7 +105,12 @@ def capture_host(cli_parsed, http_object, driver, ua=None):
 
     # Attempt to take the screenshot
     try:
+        # If cookie is presented we need to avoid cookie-averse error. To do so, we need to get the page twice.
         driver.get(http_object.remote_system)
+        if cli_parsed.cookies is not None:
+            for cookie in cli_parsed.cookies:
+                driver.add_cookie(cookie)
+            driver.get(http_object.remote_system)
     except KeyboardInterrupt:
         print('[*] Skipping: {0}'.format(http_object.remote_system))
         http_object.error_state = 'Skipped'
@@ -140,6 +145,10 @@ def capture_host(cli_parsed, http_object, driver, ua=None):
             http_object.error_state = None
             try:
                 driver.get(http_object.remote_system)
+                if cli_parsed.cookies is not None:
+                    for cookie in cli_parsed.cookies:
+                        driver.add_cookie(cookie)
+                    driver.get(http_object.remote_system)
                 break
             except TimeoutException:
                 # Another timeout results in an error state and a return