From 686fe4d0e9f75bc8216ec6103d634d9f0a5d7856 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Fri, 27 Jun 2014 14:22:00 +0200
Subject: [PATCH] Another patch for DNS exfiltration and boolean checks
---
 lib/request/inject.py | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/lib/request/inject.py b/lib/request/inject.py
index 96efcae6a..e75b3d267 100644
--- a/lib/request/inject.py
+++ b/lib/request/inject.py
@@ -286,17 +286,20 @@ def _goBooleanProxy(expression):
 initTechnique(kb.technique)
+ query = agent.prefixQuery(kb.injection.data[kb.technique].vector)
+ query = agent.suffixQuery(query)
+ payload = agent.payload(newValue=query)
+ output = _goDns(payload, expression)
+
+ if output is not None:
+ return output
+
 vector = kb.injection.data[kb.technique].vector
 vector = vector.replace("[INFERENCE]", expression)
 query = agent.prefixQuery(vector)
 query = agent.suffixQuery(query)
 payload = agent.payload(newValue=query)
- output = _goDns(payload, expression)
-
- if output is not None:
- return output
-
 timeBasedCompare = kb.technique in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED)
 output = hashDBRetrieve(expression, checkConf=True)
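Review bot: The block added after `initTechnique(kb.technique)` builds `query` and `payload` from the raw vector, and the unchanged lines below it rebind the same two names from the `[INFERENCE]`-substituted vector, so nothing in the function records which payload `_goDns` is meant to receive or why the order matters. A one-line comment above the new block would state the intent, for example `# DNS path: build the payload from the vector before [INFERENCE] is substituted; the expression is passed to _goDns separately`, worded to match what `_goDns` actually expects, since its body is not in this hunk. Giving the first pair distinct names such as `dnsQuery` and `dnsPayload` would also keep a later edit from handing the wrong payload to either path. `_goBooleanProxy` starts before and continues past this hunk.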