PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

Minor patch for #3226

Browse Source
This commit is contained in:
Miroslav Stampar
2018-09-10 11:51:00 +02:00
parent 470b68a83c
commit c9a73aeed1
3 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/request/connect.py
View File

@@ -1243,11 +1243,11 @@ class Connect(object):
page, headers, code = Connect.getPage(url=conf.secondUrl, cookie=cookie, ua=ua, silent=silent, auxHeaders=auxHeaders, response=response, raise404=False, ignoreTimeout=timeBasedCompare, refreshing=True)
elif kb.secondReq and IDS_WAF_CHECK_PAYLOAD not in urllib.unquote(value or ""):
def _(value):
if CUSTOM_INJECTION_MARK_CHAR in (value or "") and kb.customInjectionMark:
if kb.customInjectionMark in (value or ""):
if payload is None:
value = value.replace(CUSTOM_INJECTION_MARK_CHAR, "")
value = value.replace(kb.customInjectionMark, "")
else:
value = re.sub(r"\w*%s" % re.escape(CUSTOM_INJECTION_MARK_CHAR), payload, value)
value = re.sub(r"\w*%s" % re.escape(kb.customInjectionMark), payload, value)
return value
page, headers, code = Connect.getPage(url=_(kb.secondReq[0]), post=_(kb.secondReq[2]), method=kb.secondReq[1], cookie=kb.secondReq[3], silent=silent, auxHeaders=dict(auxHeaders, **dict(kb.secondReq[4])), response=response, raise404=False, ignoreTimeout=timeBasedCompare, refreshing=True)