csrf regex -update

2022-12-27 19:30:11 +05:30 · 2022-12-27 19:30:11 +05:30 · ff14e71422
parent 4c847ecb89
commit ff14e71422
1 changed files with 13 additions and 12 deletions
--- a/default-logins/kanboard-default-login.yaml
+++ b/default-logins/kanboard-default-login.yaml
@ -25,7 +25,7 @@ requests:
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

-        username={{user}}&password={{pass}}&csrf_token={{token}}
+        username={{user}}&password={{pass}}&csrf_token={{csrf_token}}

      - |
        GET /?controller=DashboardController&action=show HTTP/1.1
@ -37,24 +37,25 @@ requests:
        - admin
      pass:
        - admin
-
+    extractors:
+      - type: regex
+        name: csrf_token
+        part: body
+        internal: true
+        group: 1
+        regex:
+          - "hidden\" name=\"csrf_token\" value=\"([0-9a-z]+)\""
+          
    cookie-reuse: true
    matchers-condition: and
    matchers:
      - type: word
        words:
-          - 'kanboard'
-          - 'admin'
+          - 'New project'
+          - 'Project management'
        condition: and
+        case-insensitive: true

      - type: status
        status:
          - 200
-
-    extractors:
-      - type: regex
-        name: token
-        part: body
-        regex:
-          - '([a-f0-9]{64})'
-        internal: true