PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

few updates

Browse Source
This commit is contained in:
Miroslav Stampar
2011-02-25 09:35:24 +00:00
parent aa88361ab1
commit 2bbbc9a41e
2 changed files with 11 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
lib/core/common.py
View File

@@ -2395,13 +2395,16 @@ def removeReflectiveValues(content, payload):
(e.g. ?search=sql injection ---> ...value="sql%20injection")
"""
payload = payload.replace(PAYLOAD_DELIMITER, '')
retVal = content
regex = filterStringValue(payload, r'[A-Za-z0-9]', r'[^\s]+')
retVal = re.sub(regex, REFLECTED_VALUE_MARKER, content)
if all([content, payload]):
payload = payload.replace(PAYLOAD_DELIMITER, '')
if retVal != content:
warnMsg = "reflective value found and filtered out"
logger.warn(warnMsg)
regex = filterStringValue(payload, r'[A-Za-z0-9]', r'[^\s]+')
retVal = re.sub(regex, REFLECTED_VALUE_MARKER, content)
if retVal != content:
debugMsg = "reflective value found and filtered out"
logger.debug(debugMsg)
return retVal