Fixes #1202

lib/controller/controller.py

@@ -30,6 +30,8 @@ from lib.core.common import hashDBWrite
 from lib.core.common import intersect
 from lib.core.common import isListLike
 from lib.core.common import parseTargetUrl
+from lib.core.common import popValue
+from lib.core.common import pushValue
 from lib.core.common import randomStr
 from lib.core.common import readInput
 from lib.core.common import safeCSValue
@@ -488,6 +490,10 @@ def start():
                         kb.testedParams.add(paramKey)
 
                         if testSqlInj:
+                            if place == PLACE.COOKIE:
+                                pushValue(kb.mergeCookies)
+                                kb.mergeCookies = False
+
                             check = heuristicCheckSqlInjection(place, parameter)
 
                             if check != HEURISTIC_TEST.POSITIVE:
@@ -523,6 +529,9 @@ def start():
                                 warnMsg += "injectable"
                                 logger.warn(warnMsg)
 
+                            if place == PLACE.COOKIE:
+                                kb.mergeCookies = popValue()
+
             if len(kb.injections) == 0 or (len(kb.injections) == 1 and kb.injections[0].place is None):
                 if kb.vainRun and not conf.multipleTargets:
                     errMsg = "no parameter(s) found for testing in the provided data "

lib/request/basic.py

@@ -94,7 +94,7 @@ def forgeHeaders(items=None):
                         _ = readInput(message, default="Y")
                         kb.mergeCookies = not _ or _[0] in ("y", "Y")
 
-                    if kb.mergeCookies:
+                    if kb.mergeCookies and kb.injection.place != PLACE.COOKIE:
                         _ = lambda x: re.sub(r"(?i)\b%s=[^%s]+" % (re.escape(cookie.name), conf.cookieDel or DEFAULT_COOKIE_DELIMITER), "%s=%s" % (cookie.name, getUnicode(cookie.value)), x)
                         headers[HTTP_HEADER.COOKIE] = _(headers[HTTP_HEADER.COOKIE])