PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

Implementation for an Issue #48

Browse Source
This commit is contained in:
Miroslav Stampar
2013-01-13 16:22:43 +01:00
parent 81848c723d
commit 03dd958d96
5 changed files with 43 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/core/agent.py
View File

@@ -90,6 +90,10 @@ class Agent(object):
paramString = origValue
origValue = origValue.split(CUSTOM_INJECTION_MARK_CHAR)[0]
origValue = extractRegexResult(r"(?s)(?P<result>(\W+\Z|\w+\Z))", origValue)
elif place == PLACE.CUSTOM_HEADER:
paramString = origValue
origValue = origValue.split(CUSTOM_INJECTION_MARK_CHAR)[0]
origValue = origValue[origValue.index(',') + 1:]
if value is None:
if where == PAYLOAD.WHERE.ORIGINAL:
@@ -115,7 +119,7 @@ class Agent(object):
newValue = self.cleanupPayload(newValue, origValue)
if place in (PLACE.URI, PLACE.CUSTOM_POST):
if place in (PLACE.URI, PLACE.CUSTOM_POST, PLACE.CUSTOM_HEADER):
_ = "%s%s" % (origValue, CUSTOM_INJECTION_MARK_CHAR)
if kb.postHint == POST_HINT.JSON and not isNumber(newValue) and not '"%s"' % _ in paramString:
newValue = '"%s"' % newValue