unescaping of char marked payloads

This commit is contained in:
Miroslav Stampar 2011-01-24 12:00:16 +00:00
parent 4441e11f68
commit 8d0c2efbe2

View File

@ -183,7 +183,10 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
if CHAR_INFERENCE_MARK not in payload: if CHAR_INFERENCE_MARK not in payload:
forgedPayload = safeStringFormat(payload, (expressionUnescaped, idx, posValue)) forgedPayload = safeStringFormat(payload, (expressionUnescaped, idx, posValue))
else: else:
forgedPayload = safeStringFormat(payload, (expressionUnescaped, idx)).replace(CHAR_INFERENCE_MARK, chr(posValue) if posValue < 128 else decodeIntToUnicode(posValue)) # e.g.: ... > '%c' -> ... > ORD(..)
markingValue = "'%s'" % CHAR_INFERENCE_MARK
unescapedCharValue = unescaper.unescape(markingValue % chr(posValue) if posValue < 128 else decodeIntToUnicode(posValue))
forgedPayload = safeStringFormat(payload, (expressionUnescaped, idx)).replace(markingValue, unescapedCharValue)
queriesCount[0] += 1 queriesCount[0] += 1
result = Request.queryPage(forgedPayload, timeBasedCompare=timeBasedCompare, raise404=False) result = Request.queryPage(forgedPayload, timeBasedCompare=timeBasedCompare, raise404=False)