diff --git a/lib/core/common.py b/lib/core/common.py index 409e5d8ff..4d6108788 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -2510,21 +2510,3 @@ def isBinaryData(value): if isinstance(value, basestring): retVal = reduce(lambda x, y: x or not (y in string.printable or ord(y) > 255), value, False) return retVal - -def getSafeHexEncodedBinaryData(value): - """ - Returns safe representation of given basestring value - - >>> getSafeEncodedBinaryData(u'test123') - u'test123' - >>> getSafeEncodedBinaryData(u'test\01\02\03') - u'test\\1\\2\\3' - """ - - retVal = value - if isinstance(value, basestring): - retVal = reduce(lambda x, y: x + (y if (y in string.printable or ord(y) > 255) else '\%x' % ord(y)), value, unicode()) - elif isinstance(value, list): - for i in xrange(len(value)): - retVal[i] = getSafeHexEncodedBinaryData(value[i]) - return retVal diff --git a/lib/core/convert.py b/lib/core/convert.py index fccff8186..a76041935 100644 --- a/lib/core/convert.py +++ b/lib/core/convert.py @@ -15,6 +15,7 @@ except: import pickle import sys +import string import struct import urllib @@ -126,3 +127,21 @@ def htmlescape(value): def htmlunescape(value): return value.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"').replace(''', "'").replace(' ', ' ') + +def safehexencode(value): + """ + Returns safe hex representation of a given basestring value + + >>> safehexencode(u'test123') + u'test123' + >>> safehexencode(u'test\x01\x02\xff') + u'test\\01\\02\\03\\ff' + """ + + retVal = value + if isinstance(value, basestring): + retVal = reduce(lambda x, y: x + (y if (y in string.printable or ord(y) > 255) else '\%02x' % ord(y)), value, unicode()) + elif isinstance(value, list): + for i in xrange(len(value)): + retVal[i] = safehexencode(value[i]) + return retVal diff --git a/lib/request/inject.py b/lib/request/inject.py index f4c6f9297..de7cb1321 100644 --- a/lib/request/inject.py +++ b/lib/request/inject.py @@ -17,7 +17,6 @@ from lib.core.common import cleanQuery from lib.core.common import dataToSessionFile from lib.core.common import expandAsteriskForColumns from lib.core.common import getPublicTypeMembers -from lib.core.common import getSafeHexEncodedBinaryData from lib.core.common import initTechnique from lib.core.common import isNumPosStrValue from lib.core.common import isTechniqueAvailable @@ -28,6 +27,7 @@ from lib.core.common import randomInt from lib.core.common import readInput from lib.core.common import replaceNewlineTabs from lib.core.common import safeStringFormat +from lib.core.convert import safehexencode from lib.core.data import conf from lib.core.data import kb from lib.core.data import logger @@ -495,7 +495,7 @@ def getValue(expression, blind=True, inband=True, error=True, time=True, fromUse value = None if safeHexEncode: - value = getSafeHexEncodedBinaryData(value) + value = safehexencode(value) return value