3535from lib .core .settings import PGSQL_ALIASES
3636from lib .core .settings import ORACLE_ALIASES
3737
38+ def safeFormatString (value ):
39+ retVal = value
40+ if retVal :
41+ retVal = retVal .replace ("[" , "__LEFT_SQUARE_BRACKET__" ).replace ("]" , "__RIGHT_SQUARE_BRACKET__" )
42+ return retVal
43+
44+ def unSafeFormatString (value ):
45+ retVal = value
46+ if retVal :
47+ retVal = retVal .replace ("__LEFT_SQUARE_BRACKET__" , "[" ).replace ("__RIGHT_SQUARE_BRACKET__" , "]" )
48+ return retVal
49+
3850def setString ():
3951 """
4052 Save string to match in session file.
@@ -46,7 +58,7 @@ def setString():
4658 )
4759
4860 if condition :
49- dataToSessionFile ("[%s][None][None][String][%s]\n " % (conf .url , conf .string ))
61+ dataToSessionFile ("[%s][None][None][String][%s]\n " % (conf .url , safeFormatString ( conf .string ) ))
5062
5163def setRegexp ():
5264 """
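Review bot: `conf.url` still goes into the first field unescaped on the changed line, so a target URL that itself contains `[` or `]` (an IPv6 literal host or array-style query parameters, for example) would presumably break the bracket-delimited record the same way the match string did. The same applies to every `dataToSessionFile` call in the later hunks of this file. Wrapping it as `safeFormatString(conf.url)` would need a matching change where the record is parsed and where `url == conf.url` is compared, and that code is not visible in this hunk. The body of setString begins before the hunk.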
@@ -59,7 +71,7 @@ def setRegexp():
5971 )
6072
6173 if condition :
62- dataToSessionFile ("[%s][None][None][Regular expression][%s]\n " % (conf .url , conf .regexp ))
74+ dataToSessionFile ("[%s][None][None][Regular expression][%s]\n " % (conf .url , safeFormatString ( conf .regexp ) ))
6375
6476def setMatchRatio ():
6577 condition = (
@@ -90,9 +102,9 @@ def setInjection():
90102 )
91103
92104 if condition :
93- dataToSessionFile ("[%s][%s][%s][Injection point][%s]\n " % (conf .url , kb .injPlace , conf .parameters [kb .injPlace ], kb .injPlace ))
94- dataToSessionFile ("[%s][%s][%s][Injection parameter][%s]\n " % (conf .url , kb .injPlace , conf .parameters [kb .injPlace ], kb .injParameter ))
95- dataToSessionFile ("[%s][%s][%s][Injection type][%s]\n " % (conf .url , kb .injPlace , conf .parameters [kb .injPlace ], kb .injType ))
105+ dataToSessionFile ("[%s][%s][%s][Injection point][%s]\n " % (conf .url , kb .injPlace , safeFormatString ( conf .parameters [kb .injPlace ]) , kb .injPlace ))
106+ dataToSessionFile ("[%s][%s][%s][Injection parameter][%s]\n " % (conf .url , kb .injPlace , safeFormatString ( conf .parameters [kb .injPlace ]) , kb .injParameter ))
107+ dataToSessionFile ("[%s][%s][%s][Injection type][%s]\n " % (conf .url , kb .injPlace , safeFormatString ( conf .parameters [kb .injPlace ]) , kb .injType ))
96108
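Review bot: The last field of these three records is still written raw (`kb.injPlace`, `kb.injParameter`, `kb.injType`), although resumeConfKb now runs `unSafeFormatString` over the injection parameter and injection type it reads back. A parameter name containing brackets would still corrupt the record, so `safeFormatString(kb.injParameter)` and `safeFormatString(kb.injType)` would make the write and read sides symmetric. `kb.stackedTest` in the setStacked hunk has the same asymmetry. The body of setInjection starts outside the hunk.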
97109def setParenthesis (parenthesisCount ):
98110 """
@@ -107,7 +119,7 @@ def setParenthesis(parenthesisCount):
107119 )
108120
109121 if condition :
110- dataToSessionFile ("[%s][%s][%s][Parenthesis][%s]\n " % (conf .url , kb .injPlace , conf .parameters [kb .injPlace ], parenthesisCount ))
122+ dataToSessionFile ("[%s][%s][%s][Parenthesis][%s]\n " % (conf .url , kb .injPlace , safeFormatString ( conf .parameters [kb .injPlace ]) , parenthesisCount ))
111123
112124 kb .parenthesis = parenthesisCount
113125
@@ -125,7 +137,7 @@ def setDbms(dbms):
125137 )
126138
127139 if condition :
128- dataToSessionFile ("[%s][%s][%s][DBMS][%s]\n " % (conf .url , kb .injPlace , conf .parameters [kb .injPlace ], dbms ))
140+ dataToSessionFile ("[%s][%s][%s][DBMS][%s]\n " % (conf .url , kb .injPlace , safeFormatString ( conf .parameters [kb .injPlace ]), safeFormatString ( dbms ) ))
129141
130142 firstRegExp = "(%s|%s|%s|%s)" % ("|" .join ([alias for alias in MSSQL_ALIASES ]),
131143 "|" .join ([alias for alias in MYSQL_ALIASES ]),
@@ -185,7 +197,7 @@ def setOs():
185197 logger .info (infoMsg )
186198
187199 if condition :
188- dataToSessionFile ("[%s][%s][%s][OS][%s]\n " % (conf .url , kb .injPlace , conf .parameters [kb .injPlace ], kb .os ))
200+ dataToSessionFile ("[%s][%s][%s][OS][%s]\n " % (conf .url , kb .injPlace , safeFormatString ( conf .parameters [kb .injPlace ]), safeFormatString ( kb .os ) ))
189201
190202def setStacked ():
191203 condition = (
@@ -197,7 +209,7 @@ def setStacked():
197209 return
198210
199211 if condition :
200- dataToSessionFile ("[%s][%s][%s][Stacked queries][%s]\n " % (conf .url , kb .injPlace , conf .parameters [kb .injPlace ], kb .stackedTest ))
212+ dataToSessionFile ("[%s][%s][%s][Stacked queries][%s]\n " % (conf .url , kb .injPlace , safeFormatString ( conf .parameters [kb .injPlace ]) , kb .stackedTest ))
201213
202214def setUnion (comment = None , count = None , position = None , negative = False , falseCond = False ):
203215 """
@@ -220,8 +232,8 @@ def setUnion(comment=None, count=None, position=None, negative=False, falseCond=
220232 )
221233
222234 if condition :
223- dataToSessionFile ("[%s][%s][%s][Union comment][%s]\n " % (conf .url , kb .injPlace , conf .parameters [kb .injPlace ], comment ))
224- dataToSessionFile ("[%s][%s][%s][Union count][%s]\n " % (conf .url , kb .injPlace , conf .parameters [kb .injPlace ], count ))
235+ dataToSessionFile ("[%s][%s][%s][Union comment][%s]\n " % (conf .url , kb .injPlace , safeFormatString ( conf .parameters [kb .injPlace ]), safeFormatString ( comment ) ))
236+ dataToSessionFile ("[%s][%s][%s][Union count][%s]\n " % (conf .url , kb .injPlace , safeFormatString ( conf .parameters [kb .injPlace ]) , count ))
225237
226238 kb .unionComment = comment
227239 kb .unionCount = count
@@ -234,7 +246,7 @@ def setUnion(comment=None, count=None, position=None, negative=False, falseCond=
234246 )
235247
236248 if condition :
237- dataToSessionFile ("[%s][%s][%s][Union position][%s]\n " % (conf .url , kb .injPlace , conf .parameters [kb .injPlace ], position ))
249+ dataToSessionFile ("[%s][%s][%s][Union position][%s]\n " % (conf .url , kb .injPlace , safeFormatString ( conf .parameters [kb .injPlace ]) , position ))
238250
239251 kb .unionPosition = position
240252
@@ -246,7 +258,7 @@ def setUnion(comment=None, count=None, position=None, negative=False, falseCond=
246258 )
247259
248260 if condition :
249- dataToSessionFile ("[%s][%s][%s][Union negative][Yes]\n " % (conf .url , kb .injPlace , conf .parameters [kb .injPlace ]))
261+ dataToSessionFile ("[%s][%s][%s][Union negative][Yes]\n " % (conf .url , kb .injPlace , safeFormatString ( conf .parameters [kb .injPlace ]) ))
250262
251263 kb .unionNegative = True
252264
@@ -258,7 +270,7 @@ def setUnion(comment=None, count=None, position=None, negative=False, falseCond=
258270 )
259271
260272 if condition :
261- dataToSessionFile ("[%s][%s][%s][Union false condition][Yes]\n " % (conf .url , kb .injPlace , conf .parameters [kb .injPlace ]))
273+ dataToSessionFile ("[%s][%s][%s][Union false condition][Yes]\n " % (conf .url , kb .injPlace , safeFormatString ( conf .parameters [kb .injPlace ]) ))
262274
263275 kb .unionFalseCond = True
264276
@@ -269,11 +281,11 @@ def setRemoteTempPath():
269281 )
270282
271283 if condition :
272- dataToSessionFile ("[%s][%s][%s][Remote temp path][%s]\n " % (conf .url , kb .injPlace , conf .parameters [kb .injPlace ], conf .tmpPath ))
284+ dataToSessionFile ("[%s][%s][%s][Remote temp path][%s]\n " % (conf .url , kb .injPlace , safeFormatString ( conf .parameters [kb .injPlace ]), safeFormatString ( conf .tmpPath ) ))
273285
274286def resumeConfKb (expression , url , value ):
275287 if expression == "String" and url == conf .url :
276- string = value [:- 1 ]
288+ string = unSafeFormatString ( value [:- 1 ])
277289
278290 logMsg = "resuming string match '%s' from session file" % string
279291 logger .info (logMsg )
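Review bot: `unSafeFormatString` on the resumed string cannot tell a placeholder written by `safeFormatString` from the same text supplied by the user, so a match string containing the literal `__LEFT_SQUARE_BRACKET__` comes back as `[`; the other resume branches in the following hunks share this. Line breaks are not encoded either, so a value with an embedded newline would presumably end its record early, since each record is terminated by `\n`. The session file is read back as trusted state, so a comment on the two helpers such as `# reversible only if the value never contains the placeholder text or a newline` would at least record the limitation. resumeConfKb continues beyond the hunk.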
@@ -294,7 +306,7 @@ def resumeConfKb(expression, url, value):
294306 conf .string = string
295307
296308 elif expression == "Regular expression" and url == conf .url :
297- regexp = value [:- 1 ]
309+ regexp = unSafeFormatString ( value [:- 1 ])
298310
299311 logMsg = "resuming regular expression match '%s' from session file" % regexp
300312 logger .info (logMsg )
@@ -339,7 +351,7 @@ def resumeConfKb(expression, url, value):
339351 kb .injPlace = injPlace
340352
341353 elif expression == "Injection parameter" and url == conf .url :
342- injParameter = value [:- 1 ]
354+ injParameter = unSafeFormatString ( value [:- 1 ])
343355
344356 logMsg = "resuming injection parameter '%s' from session file" % injParameter
345357 logger .info (logMsg )
@@ -359,7 +371,7 @@ def resumeConfKb(expression, url, value):
359371 kb .injParameter = injParameter
360372
361373 elif expression == "Injection type" and url == conf .url :
362- kb .injType = value [:- 1 ]
374+ kb .injType = unSafeFormatString ( value [:- 1 ])
363375
364376 logMsg = "resuming injection type '%s' from session file" % kb .injType
365377 logger .info (logMsg )
@@ -372,7 +384,7 @@ def resumeConfKb(expression, url, value):
372384 logger .info (logMsg )
373385
374386 elif expression == "DBMS" and url == conf .url :
375- dbms = value [:- 1 ]
387+ dbms = unSafeFormatString ( value [:- 1 ])
376388 dbms = dbms .lower ()
377389 dbmsVersion = None
378390
@@ -406,7 +418,7 @@ def resumeConfKb(expression, url, value):
406418 kb .dbmsVersion = dbmsVersion
407419
408420 elif expression == "OS" and url == conf .url :
409- os = value [:- 1 ]
421+ os = unSafeFormatString ( value [:- 1 ])
410422
411423 logMsg = "resuming back-end DBMS operating system '%s' " % os
412424 logMsg += "from session file"
@@ -427,14 +439,14 @@ def resumeConfKb(expression, url, value):
427439 conf .os = os
428440
429441 elif expression == "Stacked queries" and url == conf .url :
430- kb .stackedTest = value [:- 1 ]
442+ kb .stackedTest = unSafeFormatString ( value [:- 1 ])
431443
432444 logMsg = "resuming stacked queries syntax "
433445 logMsg += "'%s' from session file" % kb .stackedTest
434446 logger .info (logMsg )
435447
436448 elif expression == "Union comment" and url == conf .url :
437- kb .unionComment = value [:- 1 ]
449+ kb .unionComment = unSafeFormatString ( value [:- 1 ])
438450
439451 logMsg = "resuming union comment "
440452 logMsg += "'%s' from session file" % kb .unionComment
@@ -469,7 +481,7 @@ def resumeConfKb(expression, url, value):
469481 logger .info (logMsg )
470482
471483 elif expression == "Remote temp path" and url == conf .url :
472- conf .tmpPath = value [:- 1 ]
484+ conf .tmpPath = unSafeFormatString ( value [:- 1 ])
473485
474486 logMsg = "resuming remote absolute path of temporary "
475487 logMsg += "files directory '%s' from session file" % conf .tmpPath