From 304c9822bd36b32c749bb8cd2b0b7492af178ad5 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Thu, 17 Oct 2013 16:38:07 +0200 Subject: [PATCH] Patch for an Issue #545 --- lib/core/agent.py | 6 ++++-- lib/core/settings.py | 2 +- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/lib/core/agent.py b/lib/core/agent.py index 0a4a52791..db0b5663f 100644 --- a/lib/core/agent.py +++ b/lib/core/agent.py @@ -961,14 +961,16 @@ class Agent(object): Extracts payload from inside of the input string """ - return extractRegexResult("(?s)%s(?P.*?)%s" % (PAYLOAD_DELIMITER, PAYLOAD_DELIMITER), inpStr) + _ = re.escape(PAYLOAD_DELIMITER) + return extractRegexResult("(?s)%s(?P.*?)%s" % (_, _), inpStr) def replacePayload(self, inpStr, payload): """ Replaces payload inside the input string with a given payload """ - return re.sub("(%s.*?%s)" % (PAYLOAD_DELIMITER, PAYLOAD_DELIMITER), ("%s%s%s" % (PAYLOAD_DELIMITER, payload, PAYLOAD_DELIMITER)).replace("\\", r"\\"), inpStr) if inpStr else inpStr + _ = re.escape(PAYLOAD_DELIMITER) + return re.sub("(%s.*?%s)" % (_, _), ("%s%s%s" % (PAYLOAD_DELIMITER, payload, PAYLOAD_DELIMITER)).replace("\\", r"\\"), inpStr) if inpStr else inpStr def runAsDBMSUser(self, query): if conf.dbmsCred and "Ad Hoc Distributed Queries" not in query: diff --git a/lib/core/settings.py b/lib/core/settings.py index d6ce3ed75..c13cbd212 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -43,7 +43,7 @@ URI_QUESTION_MARKER = "__QUESTION_MARK__" ASTERISK_MARKER = "__ASTERISK_MARK__" REPLACEMENT_MARKER = "__REPLACEMENT_MARK__" -PAYLOAD_DELIMITER = "\x00" +PAYLOAD_DELIMITER = "\x00\x00\x00" CHAR_INFERENCE_MARK = "%c" PRINTABLE_CHAR_REGEX = r"[^\x00-\x1f\x7f-\xff]"