PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 13:11:29 +00:00
Code Issues Projects Releases Wiki Activity

Implements #3834

Browse Source
This commit is contained in:
Miroslav Stampar
2019-07-19 12:17:07 +02:00
parent bd1ea4fd73
commit 0bc5069042
4 changed files with 25 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/request/connect.py
View File

@@ -7,6 +7,7 @@ See the file 'LICENSE' for copying permission
import binascii
import logging
import random
import re
import socket
import string
@@ -1102,7 +1103,8 @@ class Connect(object):
match = re.search(r"(\A|\b)%s=(?P<value>[^&;]*)" % re.escape(randomParameter), paramString)
if match:
origValue = match.group("value")
retVal = re.sub(r"(\A|\b)%s=[^&;]*" % re.escape(randomParameter), "%s=%s" % (randomParameter, randomizeParameterValue(origValue)), paramString)
newValue = randomizeParameterValue(origValue) if randomParameter not in kb.randomPool else random.sample(kb.randomPool[randomParameter], 1)[0]
retVal = re.sub(r"(\A|\b)%s=[^&;]*" % re.escape(randomParameter), "%s=%s" % (randomParameter, newValue), paramString)
return retVal
for randomParameter in conf.rParam: