PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

URI injection patch (on request by @bojanisc)

Browse Source
This commit is contained in:
Miroslav Stampar
2019-01-13 12:07:46 +01:00
parent d086b2aca0
commit c0d4db3aba
3 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/agent.py
View File

@@ -107,7 +107,7 @@ class Agent(object):
else:
origValue = filter(None, (re.search(_, origValue.split(BOUNDED_INJECTION_MARKER)[0]) for _ in (r"\w+\Z", r"[^\"'><]+\Z", r"[^ ]+\Z")))[0].group(0)
origValue = origValue[origValue.rfind('/') + 1:]
for char in ('?', '=', ':', ','):
for char in ('?', '=', ':', ',', '&'):
if char in origValue:
origValue = origValue[origValue.rfind(char) + 1:]
elif place == PLACE.CUSTOM_POST: