Merge bfe5d11452 into 6b48f6ec26

2025-07-29 17:39:56 +03:00 · 2017-04-14 10:41:18 +00:00 · 2017-04-14 10:41:18 +00:00 · 39601f7147
commit 39601f7147
parent 6b48f6ec26 bfe5d11452
2 changed files with 3 additions and 3 deletions
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -310,8 +310,8 @@ class Connect(object):

            elif target:
                if conf.forceSSL and urlparse.urlparse(url).scheme != "https":
-                    url = re.sub("\Ahttp:", "https:", url, re.I)
-                    url = re.sub(":80/", ":443/", url, re.I)
+                    url = re.compile("\Ahttp:", re.I).sub("https:", url)
+                    url = re.sub(":80/", ":443/", url)

                if PLACE.GET in conf.parameters and not get:
                    get = conf.parameters[PLACE.GET]
--- a/lib/techniques/union/use.py
+++ b/lib/techniques/union/use.py
@ -226,7 +226,7 @@ def unionUse(expression, unpack=True, dump=False):

    if expressionFieldsList and len(expressionFieldsList) > 1 and "ORDER BY" in expression.upper():
        # Removed ORDER BY clause because UNION does not play well with it
-        expression = re.sub("\s*ORDER BY\s+[\w,]+", "", expression, re.I)
+        expression = re.compile("\s*ORDER BY\s+[\w,]+", re.I).sub("", expression)
        debugMsg = "stripping ORDER BY clause from statement because "
        debugMsg += "it does not play well with UNION query SQL injection"
        singleTimeDebugMessage(debugMsg)