diff --git a/lib/core/common.py b/lib/core/common.py index d98d0e549..80b54dda8 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -61,6 +61,7 @@ from lib.core.settings import IS_WIN from lib.core.settings import PLATFORM from lib.core.settings import SITE from lib.core.settings import ERROR_PARSING_REGEXES +from lib.core.settings import NON_CONTROL_CHAR_REGEX from lib.core.settings import SQL_STATEMENTS from lib.core.settings import SUPPORTED_DBMS from lib.core.settings import UNKNOWN_DBMS_VERSION @@ -1823,6 +1824,13 @@ def filterStringValue(value, regex, replace=None): return retVal +def filterControlChars(value): + """ + Returns string value with control + chars being supstituted with ' ' + """ + return filterStringValue(output, NON_CONTROL_CHAR_REGEX, ' ') + def isDBMSVersionAtLeast(version): """ Checks if the recognized DBMS version diff --git a/lib/core/settings.py b/lib/core/settings.py index 73c2b04d4..0427c79b9 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -52,7 +52,7 @@ DUMP_STOP_MARKER = "__STOP__" PAYLOAD_DELIMITER = "\x00" CHAR_INFERENCE_MARK = "%c" -READABLE_CHAR_REGEX = r'[\ -~]' +NON_CONTROL_CHAR_REGEX = r'[^\x00-\x1f]' # coefficient used for a time-based query delay checking (must be >= 7) TIME_STDEV_COEFF = 10 diff --git a/lib/techniques/blind/inference.py b/lib/techniques/blind/inference.py index b4f379fbc..4935086b5 100644 --- a/lib/techniques/blind/inference.py +++ b/lib/techniques/blind/inference.py @@ -14,6 +14,7 @@ import traceback from lib.core.agent import agent from lib.core.common import dataToSessionFile from lib.core.common import dataToStdout +from lib.core.common import filterControlChars from lib.core.common import getCharset from lib.core.common import goGoodSamaritan from lib.core.common import getPartRun 
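Review bot: `filterControlChars` uses `output`, which is not its parameter, so `return filterStringValue(output, NON_CONTROL_CHAR_REGEX, ' ')` raises NameError on every call (or, if a module-level `output` happens to exist in common.py, silently filters the wrong value); it should read `return filterStringValue(value, NON_CONTROL_CHAR_REGEX, ' ')`. The docstring also misspells "supstituted" and should say why the helper exists, since the callers pass data retrieved from the target database to the terminal, e.g. `Returns string value with control chars substituted with ' ' (retrieved data is attacker-controlled and must not reach the terminal unfiltered)`. The meaning of the negated class depends on how `filterStringValue` applies its regex, and that function is defined before this hunk; confirm it keeps matching characters and replaces the rest, otherwise the new constant inverts the filter.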
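Review bot: `NON_CONTROL_CHAR_REGEX = r'[^\x00-\x1f]'` lets DEL (0x7f) through, which is also an ASCII control character and was excluded by the old `[\ -~]`; if the intent is to keep only printable characters, `r'[^\x00-\x1f\x7f]'` covers it. Whether the C1 range 0x80-0x9f (honoured as controls by some terminals) also needs covering depends on whether values arrive here as bytes or unicode, which this diff does not show. Since the constant now guards what attacker-controlled retrieved data may do to the operator's terminal, a comment above it would help, e.g. `# characters outside this class are blanked before retrieved data is written to the terminal`. `READABLE_CHAR_REGEX` is removed rather than kept alongside the new name; if any other module still imports it that import now fails, which cannot be checked from this diff.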
@@ -324,7 +325,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None output += status if count != length else " "*len(status) iolock.acquire() - dataToStdout("\r[%s] [INFO] retrieved: %s" % (time.strftime("%X"), replaceNewlineTabs(output, stdout=True))) + dataToStdout("\r[%s] [INFO] retrieved: %s" % (time.strftime("%X"), filterControlChars(output))) iolock.release() if not kb.threadContinue: @@ -394,10 +395,10 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None if partialValue: finalValue = partialValue - infoMsg = "\r[%s] [INFO] partially retrieved: %s" % (time.strftime("%X"), finalValue) + infoMsg = "\r[%s] [INFO] partially retrieved: %s" % (time.strftime("%X"), filterControlChars(finalValue)) else: finalValue = "".join(value) - infoMsg = "\r[%s] [INFO] retrieved: %s" % (time.strftime("%X"), finalValue) + infoMsg = "\r[%s] [INFO] retrieved: %s" % (time.strftime("%X"), filterControlChars(finalValue)) if isinstance(finalValue, basestring) and len(finalValue) > 0: dataToSessionFile(replaceNewlineTabs(finalValue)) @@ -499,7 +500,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None dataToStdout("\n") if ( conf.verbose in ( 1, 2 ) and showEta ) or conf.verbose >= 3: - infoMsg = "retrieved: %s" % finalValue + infoMsg = "retrieved: %s" % filterControlChars(finalValue) logger.info(infoMsg) if not partialValue:
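Review bot: Swapping `replaceNewlineTabs(output, stdout=True)` for `filterControlChars(output)` changes how a retrieved value containing newlines or tabs is displayed: those bytes now become plain spaces instead of whatever visible form the old helper produced, so a value with embedded line breaks is indistinguishable from one with spaces in the progress line. If that rendering is deliberate it deserves a comment at the call site, e.g. `# blank control chars (incl. newline/tab) so attacker-controlled data cannot drive the terminal`; otherwise apply `filterControlChars` to the result of `replaceNewlineTabs` rather than replacing it. Note that `filterControlChars` as added in this commit references `output` instead of its `value` parameter, so this line raises NameError until that is fixed. The body of `bisection` starts before and continues after this hunk.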
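Review bot: `filterControlChars(finalValue)` now runs before the existing `isinstance(finalValue, basestring) and len(finalValue) > 0` check a few lines below, and that check implies `finalValue` may be empty or not a string, so a non-string value would be handed to a regex substitution where previously it was only formatted with `%s`. Either guard the call, `filterControlChars(finalValue) if isinstance(finalValue, basestring) else finalValue`, or make the helper return non-string input unchanged, which is the safer single fix since three call sites in this file depend on it. The session-file write still uses `replaceNewlineTabs(finalValue)`, which looks intentional (the file should keep the raw value) and is worth a one-line comment saying so. `bisection` starts and ends outside this hunk.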