STRLCPY/ghauri

■ ■ ■ ■ ■ ■

ghauri/common/utils.py

		skipped 1123 lines
1124	1124		injection_type=injection_type,
1125	1125		is_multipart=is_multipart,
1126	1126		)
	1127	+	if encode and is_json:
	1128	+	payload = urlencode(
	1129	+	value=payload,
	1130	+	decode_first=True,
	1131	+	injection_type=injection_type,
	1132	+	is_multipart=is_multipart,
	1133	+	)
1127	1134		key_to_split_by = urldecode(key)
1128	1135		if (
1129	1136		injection_type in ["GET", "POST", "COOKIE", "HEADER"]
		skipped 690 lines

■ ■ ■ ■ ■ ■

ghauri/dbms/fingerprint.py

		skipped 127 lines
128	128		text_only=self.text_only,
129	129		)
130	130		result = bool_retval.vulnerable
	131	+	if not result:
	132	+	attackt = self.check_boolean_expression(
	133	+	expression="QUARTER(NULL) IS NULL"
	134	+	)
	135	+	bool_retval = check_boolean_responses(
	136	+	self.base,
	137	+	attackt,
	138	+	attack01,
	139	+	match_string=self.match_string,
	140	+	not_match_string=self.not_match_string,
	141	+	code=self.code,
	142	+	text_only=self.text_only,
	143	+	)
	144	+	result = bool_retval.vulnerable
131	145		if result:
132	146		is_ok = False
133	147		if self._attacks:
		skipped 31 lines
165	179		text_only=self.text_only,
166	180		)
167	181		result = bool_retval.vulnerable
	182	+	if not result:
	183	+	attackt = self.check_boolean_expression(
	184	+	expression="QUARTER(NULL) IS NULL"
	185	+	)
	186	+	bool_retval = check_boolean_responses(
	187	+	self.base,
	188	+	attackt,
	189	+	self.attack01,
	190	+	match_string=self.match_string,
	191	+	not_match_string=self.not_match_string,
	192	+	code=self.code,
	193	+	text_only=self.text_only,
	194	+	)
	195	+	result = bool_retval.vulnerable
168	196		ok = False
169	197		if result:
170	198		logger.info(f"confirming MySQL")
		skipped 406 lines