major fix for MySQL error based injections

2025-03-03 11:45:46 +03:00 · 2010-10-19 15:17:16 +00:00 · 2010-10-19 15:17:16 +00:00 · d7622bb9cf
commit d7622bb9cf
parent 1fce9683f8
1 changed files with 5 additions and 0 deletions
--- a/lib/request/inject.py
+++ b/lib/request/inject.py
@ -355,11 +355,16 @@ def __goError(expression, resumeValue=True):
    result = Request.queryPage(urlencode(forgedPayload), content=True)

    match = re.search(temp.errorRegex, result[0], re.DOTALL | re.IGNORECASE)
+    #import pdb
+    #pdb.set_trace()
    if match:
        output = match.group('result')
        if output:
            output = output.replace("%c%c%c" % (58, 95, 58), " ").replace("%c%c%c" % (58, 120, 58), "") #':_:' -> EMPTY CHAR, ':x:' -> SPACE CHAR

+            if kb.dbms == "MySQL":
+                output = output[:-1]
+
    return output