PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 04:31:30 +00:00
Code Issues Projects Releases Wiki Activity

Dirty patch for #5488

Browse Source
This commit is contained in:
Miroslav Stampar
2023-08-19 10:02:29 +02:00
parent 3e98fabd23
commit ccc38abff6
2 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/core/agent.py
View File

@@ -185,6 +185,11 @@ class Agent(object):
newValue = newValue.replace(BOUNDARY_BACKSLASH_MARKER, '\\')
newValue = self.adjustLateValues(newValue)
# NOTE: https://github.com/sqlmapproject/sqlmap/issues/5488
if kb.customInjectionMark in origValue:
payload = newValue.replace(origValue, "")
newValue = origValue.replace(kb.customInjectionMark, payload)
# TODO: support for POST_HINT
newValue = "%s%s%s" % (BOUNDED_BASE64_MARKER, newValue, BOUNDED_BASE64_MARKER)