Using alpha character as a boundary in union/error techniques (instead of ':') to support wider range of (output filtering) cases

lib/core/option.py

@@ -101,6 +101,7 @@ from lib.core.settings import DEFAULT_TOR_SOCKS_PORT
 from lib.core.settings import FIREBIRD_ALIASES
 from lib.core.settings import INJECT_HERE_MARK
 from lib.core.settings import IS_WIN
+from lib.core.settings import KB_CHARS_BOUNDARY_CHAR
 from lib.core.settings import LOCALHOST
 from lib.core.settings import MAXDB_ALIASES
 from lib.core.settings import MAX_CONNECT_RETRIES
@@ -1569,9 +1570,9 @@ def _setKnowledgeBaseAttributes(flushAll=True):
 
     kb.chars = AttribDict()
     kb.chars.delimiter = randomStr(length=6, lowercase=True)
-    kb.chars.start = ":%s:" % randomStr(length=3, lowercase=True)
-    kb.chars.stop = ":%s:" % randomStr(length=3, lowercase=True)
-    kb.chars.at, kb.chars.space, kb.chars.dollar, kb.chars.hash_ = (":%s:" % _ for _ in randomStr(length=4, lowercase=True))
+    kb.chars.start = "%s%s%s" % (KB_CHARS_BOUNDARY_CHAR, randomStr(length=3, lowercase=True), KB_CHARS_BOUNDARY_CHAR)
+    kb.chars.stop = "%s%s%s" % (KB_CHARS_BOUNDARY_CHAR, randomStr(length=3, lowercase=True), KB_CHARS_BOUNDARY_CHAR)
+    kb.chars.at, kb.chars.space, kb.chars.dollar, kb.chars.hash_ = ("%s%s%s" % (KB_CHARS_BOUNDARY_CHAR, _, KB_CHARS_BOUNDARY_CHAR) for _ in randomStr(length=4, lowercase=True))
 
     kb.commonOutputs = None
     kb.counters = {}

lib/core/settings.py

@@ -563,6 +563,9 @@ BRUTE_DOC_ROOT_SUFFIXES = ("", "html", "htdocs", "httpdocs", "php", "public", "s
 # String used for marking target name inside used brute force web server document root
 BRUTE_DOC_ROOT_TARGET_MARK = "%TARGET%"
 
+# Character used as a boundary in kb.chars (preferably less frequent letter)
+KB_CHARS_BOUNDARY_CHAR = 'q'
+
 # CSS style used in HTML dump format
 HTML_DUMP_CSS_STYLE = """<style>
 table{