STRLCPY/ghauri

fixed issue when --confirm switch is used, Ghauri throws an error on confirming injectable payload. (switch is used for patch verification..)
r0oth3x49 committed 1 year ago

49f956d9

1 parent f6d3e74e

Total 1 files

■ ■ ■ ■ ■ ■

ghauri/core/tests.py

		skipped 1717 lines
1718	1718		title = res.title
1719	1719		vector = res.vector
1720	1720		backend = res.backend
1721		-	param_json = vars(res.parameter)
	1721	+	param_json = res.parameter
1722	1722		param_name = res.parameter.key
1723	1723		param_value = res.parameter.value.replace("*", "")
1724	1724		if payload_type == "boolean-based blind":
		skipped 21 lines
1746	1746		expression01 = expression01.replace(
1747	1747		"[ORIGVALUE]", param_value.replace("*", "")
1748	1748		)
	1749	+	logger.payload(expression)
1749	1750		try:
1750	1751		attack = inject_expression(
1751	1752		url=url,
		skipped 89 lines
1841	1842		string, backend=backend, to_str=to_str, to_char=to_char
1842	1843		),
1843	1844		)
	1845	+	logger.payload(expression)
1844	1846		try:
1845	1847		attack = inject_expression(
1846	1848		url=url,
		skipped 40 lines
1887	1889		expression = vector.replace(
1888	1890		"[INFERENCE]", "03567=3567"
1889	1891		).replace("[SLEEPTIME]", f"{sleep_time}")
	1892	+	logger.payload(expression)
1890	1893		try:
1891	1894		attack = inject_expression(
1892	1895		url=url,
		skipped 61 lines
1954	1957		expression = vector.replace(
1955	1958		"[INFERENCE]", "03567=3567"
1956	1959		).replace("[SLEEPTIME]", f"{sleep_time}")
	1960	+	logger.payload(expression)
1957	1961		try:
1958	1962		attack = inject_expression(
1959	1963		url=url,
		skipped 572 lines