sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-07-27 08:30:10 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds support for [] and null in JSON values.

Browse Source
This commit is contained in:
Henri Salo 2020-05-01 10:01:49 +03:00
parent 881d767df8
commit 8c4516efa7
1 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
lib/core/common.py
View File

@ -676,7 +676,13 @@ def paramToDict(place, parameters=None):
for key in current.keys(): for key in current.keys():
value = current[key] value = current[key]
if isinstance(value, (list, tuple, set, dict)): if isinstance(value, (list, tuple, set, dict)):
if value: original = current[key]
if str(value) == "['']":
current[key] = "['%s']" % BOUNDED_INJECTION_MARKER
candidates["%s (%s)" % (parameter, key)] = re.sub(r"\b(%s\s*=\s*)%s" % (re.escape(parameter), re.escape(testableParameters[parameter])), r"\g<1>%s" % json.dumps(deserialized, separators=(',', ':') if ", " not in testableParameters[parameter] else None), parameters)
current[key] = original
walk(head, value)
elif value:
walk(head, value) walk(head, value)
elif isinstance(value, (bool, int, float, six.string_types)): elif isinstance(value, (bool, int, float, six.string_types)):
original = current[key] original = current[key]
@ -687,7 +693,12 @@ def paramToDict(place, parameters=None):
candidates["%s (%s)" % (parameter, key)] = re.sub(r"\b(%s\s*=\s*)%s" % (re.escape(parameter), re.escape(testableParameters[parameter])), r"\g<1>%s" % json.dumps(deserialized, separators=(',', ':') if ", " not in testableParameters[parameter] else None), parameters) candidates["%s (%s)" % (parameter, key)] = re.sub(r"\b(%s\s*=\s*)%s" % (re.escape(parameter), re.escape(testableParameters[parameter])), r"\g<1>%s" % json.dumps(deserialized, separators=(',', ':') if ", " not in testableParameters[parameter] else None), parameters)
current[key] = original current[key] = original
deserialized = json.loads(testableParameters[parameter]) # Changes null to "null" in JSON value,
# Otherwise it is None in Python.
null_fixed = re.sub(r'null', '"null"', str(testableParameters[parameter]))
# Changes [] to [""] in JSON value.
brackets_fixed = re.sub(r'\[\]', '[""]', str(null_fixed))
deserialized = json.loads(brackets_fixed)
walk(deserialized) walk(deserialized)
if candidates: if candidates: