Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only!

2025-12-06 20:51:31 +00:00 · 2010-11-17 22:00:09 +00:00
parent ca5125bbe0
commit 17486e472a
20 changed files with 77 additions and 78 deletions
--- a/lib/utils/parenthesis.py
+++ b/lib/utils/parenthesis.py
@@ -37,7 +37,7 @@ def checkForParenthesis():
    if kb.parenthesis is not None:
        return

-    if conf.prefix or conf.postfix:
+    if conf.prefix or conf.suffix:
        kb.parenthesis = 0
        return

@@ -46,7 +46,7 @@ def checkForParenthesis():
        randStr = randomStr()

        query = case.usage.prefix.format % eval(case.usage.prefix.params)
-        query = query[:-1] + case.usage.postfix.format % eval(case.usage.postfix.params)
+        query = query[:-1] + case.usage.suffix.format % eval(case.usage.suffix.params)

        payload = agent.payload(newValue=query)
        result = Request.queryPage(payload)