Patch for an Issue #611 (original page used in case of tamper functions was wrong - e.g. if --tamper=base64encode was used)

2025-12-06 20:51:31 +00:00 · 2014-02-25 13:48:34 +01:00
parent 2a423d61ef
commit edc8ef9d5b
1 changed files with 3 additions and 0 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -324,6 +324,9 @@ def checkSqlInjection(place, parameter, value):
                    # test's <where> tag
                    if where == PAYLOAD.WHERE.ORIGINAL or conf.prefix:
                        origValue = value
+
+                        if kb.tamperFunctions:
+                            templatePayload = agent.payload(place, parameter, value="", newValue=origValue, where=where)
                    elif where == PAYLOAD.WHERE.NEGATIVE:
                        # Use different page template than the original
                        # one as we are changing parameters value, which