From 75279ea75aaf2ecbe73badea23e01ed6ee912aca Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Fri, 27 Jun 2014 13:07:34 +0200
Subject: [PATCH] Fix for DNS exfiltration of boolean checks
---
 lib/request/inject.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/lib/request/inject.py b/lib/request/inject.py
index c8bdf5db5..27caeaa87 100644
--- a/lib/request/inject.py
+++ b/lib/request/inject.py
@@ -71,7 +71,7 @@ def _goInference(payload, expression, charsetType=None, firstChar=None, lastChar
 value = _goDns(payload, expression)
- if value:
+ if value is not None:
 return value
 timeBasedCompare = (kb.technique in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED))
@@ -291,6 +291,12 @@ def _goBooleanProxy(expression):
 query = agent.prefixQuery(vector)
 query = agent.suffixQuery(query)
 payload = agent.payload(newValue=query)
+
+ output = _goDns(payload, expression)
+
+ if output is not None:
+ return output
+
 timeBasedCompare = kb.technique in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED)
 output = hashDBRetrieve(expression, checkConf=True)
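Review bot: The new `if value is not None:` check in `_goInference` makes the fall-through to the other techniques depend entirely on `_goDns` returning `None`, and never `""`, `0` or `False`, when the DNS channel produced nothing. That helper is not part of this diff, so the contract is assumed here rather than visible. A comment above the check would record it for the next reader, for example `# None = DNS channel unused or no answer; any other value, even an empty or False one, is a real result`. `_goInference` starts and ends outside the hunk.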
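Review bot: In `_goBooleanProxy` the added `_goDns(payload, expression)` call sits before `hashDBRetrieve(expression, checkConf=True)`, so an expression whose answer is already stored for the session still goes out over the DNS channel, and the early `return output` skips everything the function does afterwards. The body continues past the hunk, so it is not visible whether later code stores the result or converts it to a boolean; if it does, a DNS-derived value bypasses both and callers may receive a raw string where they expect `True`/`False`. Consider looking up the stored value first and consulting DNS only on a miss, i.e. keep `output = hashDBRetrieve(expression, checkConf=True)` and follow it with `if output is None: output = _goDns(payload, expression)`, so that both paths share whatever post-processing follows.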