katana.units.web.logon_cookies
— Check Authentication Cookies¶
Add or adjust cookies after fake logon.
This unit will attempt to authenticate with the credentials guest/guest
and then adjust the found cookies to claim that this user has administrator
privileges.
It passes a User-Agent to act as a regular Firefox web browser.
This unit inherits from katana.units.web.WebUnit
as that contains
lots of predefined variables that can be used throughout multiple web units.
Warning
This unit automatically attempts to perform malicious actions on the target. DO NOT use this in any circumstances where you do not have the authority to operate!
-
class
katana.units.web.logon_cookies.
Unit
(*args, **kwargs) Bases:
katana.units.web.WebUnit
-
GROUPS
= ['web', 'cookies', 'logon_cookies'] These are “tags” for a unit. Considering it is a Web unit, “web” is included, as well as the name of the unit, “logon_cookies”.
-
PRIORITY
= 30 Priority works with 0 being the highest priority, and 100 being the lowest priority. 50 is the default priorty. This unit has moderately high priority due to speed and broadness of applicability
-
RECURSE_SELF
= False This unit does not recures into itself. It would not make sense to recurse on cookies
-
evaluate
(case) Evaluate the target. Authenticate to the site with a bogey login and then adjust or add cookies.
Parameters: case – A case returned by enumerate
. For this unit, theenumerate
function is not used.Returns: None. This function should not return any data.
-