💡 [REQUEST] - Implement http_request action type

[d0n601]

Implementation PR

No response

Reference Issues

No response

Summary

We should have a step/action type called http_request that works like this:

GET

---
 http_request: https://facebook.com
    type: GET
    proxy: http://localhost:8080
    cleanup:
      inline: |
        echo "No cleanup required."

POST

    http_request: https://api.someexample.com/api/v1/someendoint/
    type: POST
    headers:
      - field: User-Agent
        value: {{.Args.user_agent}}
      - field: Content-Type
        value: application/x-www-form-urlencoded; charset=UTF-8
      - field: Accepted-Encoding
        value: gzip, deflate
    body: >
      params={
        "client_input_params": {
          "username_input": "",
        },
        "server_params": {
          "is_from_logged_out": 0,
          "device_id": "android-3072a22f5cc5db69",
          "waterfall_id": null,
          "event_source": "login_home_page",
        }
      }
      bloks_versioning_id=bda53c582346682c04dc1a0c2e6c3a8722128bacb46018428c2e82f7376c46f7
    regex: |
      [^"]*arm
    cleanup:
      inline: |
        echo "No cleanup required."

The fields shouldhave the following meaning:

http_request: 
  `url`: URL to which the request is made.
  `type`: The http request type (GET, POST, PUT, PATCH, DELETE).
  `headers`: The http request headers, `field` and `value`.
  `parameters`: The http request parameters, `name` and `value`.
  `body`:  String for request body data.
  `proxy`: The http proxy to use for requests
  `regex`: Regular expression, if specified return only matching string. 
  `response`: Shell variable name to store request's response. 

Basic Example

see above

Drawbacks

It is an additional action type, and a potentially complex one at that. This seems very useful for automating kill chains with many http requests.

Unresolved questions

No response