diff --git a/lib/core/dicts.py b/lib/core/dicts.py
index 2acc4736a..66d7e5627 100644
--- a/lib/core/dicts.py
+++ b/lib/core/dicts.py
@@ -197,5 +197,6 @@ SQL_STATEMENTS = {
 POST_HINT_CONTENT_TYPES = {
 POST_HINT.JSON: "application/json",
- POST_HINT.SOAP: "application/soap+xml"
+ POST_HINT.SOAP: "application/soap+xml",
+ POST_HINT.XML: "application/xml"
 }
diff --git a/lib/core/enums.py b/lib/core/enums.py
index 18abc9cf7..62d45acde 100644
--- a/lib/core/enums.py
+++ b/lib/core/enums.py
@@ -68,6 +68,7 @@ class PLACE:
 class POST_HINT:
 SOAP = "SOAP"
 JSON = "JSON"
+ XML = "XML (generic)"
 class HTTPMETHOD:
 GET = "GET"
diff --git a/lib/core/target.py b/lib/core/target.py
index 980a19ed7..f5c6c7dcb 100644
--- a/lib/core/target.py
+++ b/lib/core/target.py
@@ -99,7 +99,7 @@ def __setRequestParams():
 kb.postHint = POST_HINT.JSON
 elif re.search(SOAP_RECOGNITION_REGEX, conf.data):
- message = "SOAP like data found in POST data. "
+ message = "SOAP/XML like data found in POST data. "
 message += "Do you want to process it? [Y/n/q] "
 test = readInput(message, default="Y")
 if test and test[0] in ("q", "Q"):
@@ -107,7 +107,7 @@ def __setRequestParams():
 elif test[0] not in ("n", "N"):
 conf.data = re.sub(r"(<([^>]+)( [^<]*)?>)([^<]+)(\g<4>*\g<5>", conf.data)
 kb.processUserMarks = True
- kb.postHint = POST_HINT.SOAP
+ kb.postHint = POST_HINT.SOAP if "soap" in conf.data.lower() else POST_HINT.XML
 else:
 place = PLACE.POST
diff --git a/lib/request/connect.py b/lib/request/connect.py
index 3812a3fb3..9666d6f11 100644
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
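Review bot: In the second lib/core/target.py hunk, `"soap" in conf.data.lower()` chooses between POST_HINT.SOAP and POST_HINT.XML by a substring match over the whole request body, so a generic XML document whose element names or values merely contain "soap" is labelled SOAP and, going by the POST_HINT_CONTENT_TYPES mapping in lib/core/dicts.py, would presumably be sent as application/soap+xml. Keying the decision on the envelope element is tighter, for example `kb.postHint = POST_HINT.SOAP if re.search(r"(?i)<([\w.-]+:)?Envelope\b", conf.data) else POST_HINT.XML`. A comment such as `# SOAP only when an Envelope element is present; anything else is generic XML` would record the rule next to the assignment. __setRequestParams starts and ends outside the hunk, so how kb.postHint is consumed afterwards is not visible here.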
@@ -583,8 +583,8 @@ class Connect:
 logger.log(CUSTOM_LOGGING.PAYLOAD, safecharencode(payload))
 if place == PLACE.CUSTOM_POST:
- if kb.postHint == POST_HINT.SOAP:
- # payloads in SOAP should have chars > and < replaced
+ if kb.postHint in (POST_HINT.SOAP, POST_HINT.XML):
+ # payloads in SOAP/XML should have chars > and < replaced
 # with their HTML encoded counterparts
 payload = payload.replace('>', ">").replace('<', "<")
 elif kb.postHint == POST_HINT.JSON:
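Review bot: The branch that now covers both POST_HINT.SOAP and POST_HINT.XML still rewrites only `>` and `<` in the payload, so a payload carrying a bare `&` leaves the request body not well-formed, and the server's XML parser is likely to reject it before the tested parameter is read, which would surface as a misleading negative result. Encoding the ampersand first avoids that: `payload = payload.replace('&', "&amp;").replace('>', "&gt;").replace('<', "&lt;")` (the entity strings on this page look decoded by the renderer, so confirm against the file). The comment would also be more accurate as `# with their XML entity references` than as "HTML encoded counterparts". The enclosing method of Connect starts and ends outside the hunk.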