From 2ffdee57331f1fff74fb08e7ff42b3aa16639767 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Wed, 26 Feb 2014 11:41:48 +0100
Subject: [PATCH] Bug fix for PAYLOAD.WHERE.REPLACE payloads containing custom injection marker ([ORIGVALUE] was screwed)
---
 lib/controller/checks.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 99b4b70b2..ffdcd19ae 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -253,7 +253,7 @@ def checkSqlInjection(place, parameter, value):
 # Parse test's
 comment = agent.getComment(test.request) if len(conf.boundaries) > 1 else None
- fstPayload = agent.cleanupPayload(test.request.payload, origValue=value)
+ fstPayload = agent.cleanupPayload(test.request.payload, origValue=value if place not in (PLACE.URI, PLACE.CUSTOM_POST, PLACE.CUSTOM_HEADER) else None)
 # Favoring non-string specific boundaries in case of digit-like parameter values
 if value.isdigit():
@@ -359,13 +359,13 @@ def checkSqlInjection(place, parameter, value):
 # payload was successful
 # Parse test's
 for method, check in test.response.items():
- check = agent.cleanupPayload(check, origValue=value)
+ check = agent.cleanupPayload(check, origValue=value if place not in (PLACE.URI, PLACE.CUSTOM_POST, PLACE.CUSTOM_HEADER) else None)
 # In case of boolean-based blind SQL injection
 if method == PAYLOAD.METHOD.COMPARISON:
 # Generate payload used for comparison
 def genCmpPayload():
- sndPayload = agent.cleanupPayload(test.response.comparison, origValue=value)
+ sndPayload = agent.cleanupPayload(test.response.comparison, origValue=value if place not in (PLACE.URI, PLACE.CUSTOM_POST, PLACE.CUSTOM_HEADER) else None)
 # Forge response payload by prepending with
 # boundary's prefix and appending the boundary's
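Review bot: The conditional `value if place not in (PLACE.URI, PLACE.CUSTOM_POST, PLACE.CUSTOM_HEADER) else None` is pasted three times, at the `fstPayload` line in the first hunk and at the `check` and `sndPayload` lines in the second, and no comment says why these three places are exempt. `place` and `value` are parameters of checkSqlInjection, whose body starts and ends outside both hunks, so the value can be computed once near the top as `origValue = value if place not in (PLACE.URI, PLACE.CUSTOM_POST, PLACE.CUSTOM_HEADER) else None` and passed as `origValue=origValue` at the three calls. I would put `# places that use a custom injection marker: do not expand [ORIGVALUE] from value here` above it; that these three places are the custom-marker ones is inferred from the commit subject, and what cleanupPayload does with `None` is not visible here. As written, any later cleanupPayload call in this function that passes plain `origValue=value` brings the malformed PAYLOAD.WHERE.REPLACE payloads back, presumably as missed findings rather than a visible error.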