Merge pull request #211 from duolaAOA/master

Post type Url auto-identification
s0md3v · Mar 15, 2019 · fc432e5 · fc432e5
2 parents 20dfc7f + 5abe0c3
commit fc432e5
Showing 1 changed file with 14 additions and 0 deletions.
diff --git a/modes/scan.py b/modes/scan.py
@@ -32,6 +32,20 @@ def scan(target, paramData, encoding, headers, delay, timeout, skipDOM, find, sk
             target = 'http://' + target
     logger.debug('Scan target: {}'.format(target))
     response = requester(target, {}, headers, GET, delay, timeout).text
+
+
+    foundMethod = 'GET'
+    find_post_method = re.findall(
+        r'<form.*?method=\'(.*?)\'.*?>|<form.*?method="(.*?)".*?>', response)
+    for method in find_post_method:
+        try:
+            foundMethod = method[1]
+        except UnboundLocalError:
+            pass
+
+    if foundMethod.upper() == 'POST':
+        GET, POST = (False, True)
+
     if not skipDOM:
         logger.run('Checking for DOM vulnerabilities')
         highlighted = dom(response)