PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

Fixes #4976

Browse Source
This commit is contained in:
Miroslav Stampar
2022-02-10 23:11:15 +01:00
parent 292cc5fe59
commit 74ecc72588
2 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/request/connect.py
View File

@@ -1250,6 +1250,12 @@ class Connect(object):
origValue = match.group("value")
newValue = randomizeParameterValue(origValue) if randomParameter not in kb.randomPool else random.sample(kb.randomPool[randomParameter], 1)[0]
retVal = re.sub(r"(\A|\b)%s=[^&;]*" % re.escape(randomParameter), "%s=%s" % (randomParameter, newValue), paramString)
else:
match = re.search(r"(\A|\b)(%s\b[^\w]+)(?P<value>\w+)" % re.escape(randomParameter), paramString)
if match:
origValue = match.group("value")
newValue = randomizeParameterValue(origValue) if randomParameter not in kb.randomPool else random.sample(kb.randomPool[randomParameter], 1)[0]
retVal = paramString.replace(match.group(0), "%s%s" % (match.group(2), newValue))
return retVal
for randomParameter in conf.rParam: