From 45e2716fcd33046efdf694a0004659f3edc25f78 Mon Sep 17 00:00:00 2001
From: Oussama
Date: Tue, 23 Jul 2024 11:28:56 +0200
Subject: [PATCH] =?UTF-8?q?Ajout=20d'une=20option=20--cookie-value=20Ajout?=
=?UTF-8?q?er=20une=20option=20qui=20permet=20aux=20utilisateurs=20de=20fo?=
=?UTF-8?q?urnir=20les=20cookies=20n=C3=A9cessaires=20pour=20le=20scan=20a?=
=?UTF-8?q?uthentifi=C3=A9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
doc/wapiti.1 | 24 +++++++++++++++---------
doc/wapiti.1.html | 9 +++++++--
doc/wapiti.ronn | 6 ++++++
wapitiCore/main/wapiti.py | 3 +++
wapitiCore/parsers/commandline.py | 10 ++++++++++
5 files changed, 41 insertions(+), 11 deletions(-)
diff --git a/doc/wapiti.1 b/doc/wapiti.1
index 75282b250..983c87dc3 100644
--- a/doc/wapiti.1
+++ b/doc/wapiti.1
@@ -1,7 +1,7 @@
.\" generated with Ronn/v0.7.3
.\" http://github.com/rtomayko/ronn/tree/0.7.3
.
-.TH "WAPITI" "1" "March 2024" "" ""
+.TH "WAPITI" "1" "August 2024" "" ""
.
.SH "NAME"
\fBwapiti\fR \- A web application vulnerability scanner in Python
@@ -101,6 +101,9 @@ PROXY AND AUTHENTICATION OPTIONS:
\fB\-c\fR, \fB\-\-cookie\fR \fICOOKIE_FILE_OR_BROWSER_NAME\fR
.
.IP "\(bu" 4
+\fB\-C\fR, \fB\-\-cookie\-value\fR \fICOOKIE_VALUE\fR
+.
+.IP "\(bu" 4
\fB\-\-drop\-set\-cookie\fR
.
.IP "" 0
@@ -138,6 +141,9 @@ SCAN AND ATTACKS TUNING:
\fB\-x\fR, \fB\-\-exclude\fR \fIURL\fR
.
.IP "\(bu" 4
+\fB\-\-swagger\fR \fIURL\fR
+.
+.IP "\(bu" 4
\fB\-r\fR, \fB\-\-remove\fR \fIPARAMETER\fR
.
.IP "\(bu" 4
@@ -439,6 +445,9 @@ Load cookies from a Wapiti JSON cookie file\. See wapiti\-getcookie(1) for more
You can also import cookies from your browser by passing "chrome" or "firefox" as value (MS Edge is not supported)\.
.
.IP "\(bu" 4
+\fB\-C\fR, \fB\-\-cookie\-value\fR \fICOOKIE_VALUE\fR Set cookies from a valid user cookies\. You can import all the session cookies by copying the value of the cookies sent with headers from a request sent by an authenticated user\. For example: \-\-cookie\-value "PHPSESSIONID=5f4dcc3b5aa765d61d8327deb882cf99;cookie_2=somevalue"
+.
+.IP "\(bu" 4
\fB\-\-drop\-set\-cookie\fR
.
.br
@@ -526,22 +535,19 @@ Prevent the given URL from being scanned\. Common use is to exclude the logout U
This option can be applied several times\. Excluded URL given as a parameter can contain wildcards for basic pattern matching\.
.
.IP "\(bu" 4
-\fB\-r\fR, \fB\-\-remove\fR \fIPARAMETER\fR
-.
-.br
-If the given parameter is found in scanned URL it will be automatically removed (URLs are edited)\.
+\fB\-\-swagger\fR \fIURL\fR
.
.br
-This option can be used several times\.
+Extract API requests from the specified Swagger file\. Extracted requests are added to the crawler\.
.
.IP "\(bu" 4
-\fB\-\-swagger\fR \fIURL\fR
+\fB\-r\fR, \fB\-\-remove\fR \fIPARAMETER\fR
.
.br
-Extract API requests from the specified Swagger file\.
+If the given parameter is found in scanned URL it will be automatically removed (URLs are edited)\.
.
.br
-Extracted requests are added to the crawler\.
+This option can be used several times\.
.
.IP "\(bu" 4
\fB\-\-skip\fR \fIPARAMETER\fR
diff --git a/doc/wapiti.1.html b/doc/wapiti.1.html
index 3bdb6ecf6..8cfa663c1 100644
--- a/doc/wapiti.1.html
+++ b/doc/wapiti.1.html
@@ -141,6 +141,7 @@ OPTIONS SUMMARY
--form-enctype
ENCTYPE
--form-script
FILENAME
-c
, --cookie
COOKIE_FILE_OR_BROWSER_NAME
+-C
, --cookie-value
COOKIE_VALUE
--drop-set-cookie
@@ -317,6 +318,10 @@ PROXY AND AUTHENTICATION
-c
, --cookie
COOKIE_FILE_OR_BROWSER_NAME
Load cookies from a Wapiti JSON cookie file. See wapiti-getcookie(1) for more information.
You can also import cookies from your browser by passing "chrome" or "firefox" as value (MS Edge is not supported).
+-C
, --cookie-value
COOKIE_VALUE
+Set cookies from a valid user cookies.
+You can import all the session cookies by copying the value of the cookies sent with headers from a request sent by an authenticated user.
+For example: --cookie-value "PHPSESSIONID=5f4dcc3b5aa765d61d8327deb882cf99;cookie_2=somevalue"
--drop-set-cookie
Ignore cookies given in HTTP responses. Cookies that have been loaded using -c
will be kept.
@@ -360,7 +365,7 @@ SCAN AND ATTACKS TUNING
This option can be applied several times. Excluded URL given as a parameter can contain wildcards for basic pattern matching.
--swagger
URL
Extract API requests from the specified Swagger file.
-Extracted requests are added to the crawler.
+Extracted requests are added to the crawler.
-r
, --remove
PARAMETER
If the given parameter is found in scanned URL it will be automatically removed (URLs are edited).
This option can be used several times.
@@ -525,7 +530,7 @@ SEE ALSO
diff --git a/doc/wapiti.ronn b/doc/wapiti.ronn
index 64d5e27b8..3f801511b 100644
--- a/doc/wapiti.ronn
+++ b/doc/wapiti.ronn
@@ -49,6 +49,7 @@ PROXY AND AUTHENTICATION OPTIONS:
* `--form-enctype`
* `--form-script`
* `-c`, `--cookie`
+ * `-C`, `--cookie-value`
* `--drop-set-cookie`
SESSION OPTIONS:
@@ -201,6 +202,11 @@ OTHER OPTIONS:
* `-c`, `--cookie`
Load cookies from a Wapiti JSON cookie file. See wapiti-getcookie(1) for more information.
You can also import cookies from your browser by passing "chrome" or "firefox" as value (MS Edge is not supported).
+
+ * `-C`, `--cookie-value`
+ Set cookies from a valid user cookies.
+ You can import all the session cookies by copying the value of the cookies sent with headers from a request sent by an authenticated user.
+ For example: --cookie-value "PHPSESSIONID=5f4dcc3b5aa765d61d8327deb882cf99;cookie_2=somevalue"
* `--drop-set-cookie`
Ignore cookies given in HTTP responses. Cookies that have been loaded using `-c` will be kept.
diff --git a/wapitiCore/main/wapiti.py b/wapitiCore/main/wapiti.py
index e9a851656..8c5673bba 100755
--- a/wapitiCore/main/wapiti.py
+++ b/wapitiCore/main/wapiti.py
@@ -284,6 +284,9 @@ async def wapiti_main():
if "user_agent" in args:
wap.add_custom_header("User-Agent", args.user_agent)
+ if "cookie_value" in args:
+ wap.add_custom_header("Cookie", args.cookie_value)
+
for custom_header in args.headers:
if ":" in custom_header:
hdr_name, hdr_value = custom_header.split(":", 1)
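Review bot: The added `wap.add_custom_header("Cookie", args.cookie_value)` installs the session cookie as a fixed request header instead of placing it in the cookie jar, so it is not tied to the target host and will not follow a session the server rotates with `Set-Cookie`. If custom headers are attached to every outgoing request (not visible in this hunk), the authenticated cookie would also accompany requests to any other host the scanner contacts, and cookies loaded with `-c` may be dropped once a Cookie header is already present; both should be confirmed. A `-H "Cookie: ..."` entry is handled by the loop right after and would presumably replace this value without warning. Consider loading the `name=value` pairs into the jar scoped to the base URL's host, or at least guarding with `if "cookie_value" in args and args.cookie_value.strip():` and adding the comment `# static Cookie header: sent as-is on every request, never refreshed from Set-Cookie`. `wapiti_main` starts and ends outside the hunk.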
diff --git a/wapitiCore/parsers/commandline.py b/wapitiCore/parsers/commandline.py
index 47fc91832..04245225b 100644
--- a/wapitiCore/parsers/commandline.py
+++ b/wapitiCore/parsers/commandline.py
@@ -226,6 +226,16 @@ def parse_args():
metavar="COOKIE_FILE"
)
+ parser.add_argument(
+ "-C", "--cookie-value",
+ default=argparse.SUPPRESS,
+ help=("Set a cookie to use for every request for authenticated scan.\n"
+ "You can put multiple cookies separated by semicolons as a value"
+ ),
+ metavar="COOKIE_VALUE",
+ dest="cookie_value"
+ )
+
parser.add_argument(
"--drop-set-cookie",
action="store_true",
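Review bot: The help text for `-C/--cookie-value` should warn that a session cookie passed on the command line lands in shell history and is visible to other local users through the process list; the existing `-c` cookie file avoids that exposure. Appending a line such as `"Note: the value is visible in the process list and shell history; prefer -c on shared hosts"` to the `help=` tuple would cover it. The value is also accepted unchecked, so an empty string or a value with no `=` would presumably surface only later as an unauthenticated scan; a small `type=` validator rejecting those gives a clearer error. `-C` differs from `-c` only by case, which is easy to mistype. `parse_args` starts and ends outside the hunk.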