more changes regarding path (URI) injection

2025-03-14 15:14:31 +03:00 · 2010-09-24 09:19:14 +00:00 · 2010-09-24 09:19:14 +00:00 · ff419f7384
commit ff419f7384
parent 78ba5da4f7
2 changed files with 12 additions and 4 deletions
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@ -102,7 +102,7 @@ class Agent:
        # Before identifing the injectable parameter
        elif parameter == "User-Agent":
            retValue = value.replace(value, newValue)
-        elif parameter == "URI":
+        elif place == "URI":
            retValue = value.replace("*", " %s " % newValue.replace(value, str()))
        else:
            paramString = conf.parameters[place]
--- a/lib/core/target.py
+++ b/lib/core/target.py
@ -83,10 +83,18 @@ def __setRequestParams():

        conf.method = "POST"

-    if '*' in conf.url:
+    if "*" in conf.url:
        conf.parameters["URI"] = conf.url
-        conf.paramDict["URI"] = { "URI": conf.url } # similar as for User-Agent
-        conf.url = conf.url.replace('*', '')
+        conf.paramDict["URI"] = {}
+        parts = conf.url.split("*")
+        for i in range(len(parts)-1):
+            result = str()
+            for j in range(len(parts)):
+                result += parts[j]
+                if i == j:
+                    result += "*"
+            conf.paramDict["URI"]["#%d" % (i+1)] = result
+        conf.url = conf.url.replace("*", str())
        __testableParameters = True

    # Perform checks on Cookie parameters