88import binascii
99import compiler
1010import httplib
11- import keyword
1211import logging
1312import re
1413import socket
@@ -92,7 +91,7 @@ class WebSocketException(Exception):
9291from lib .core .settings import DEFAULT_COOKIE_DELIMITER
9392from lib .core .settings import DEFAULT_GET_POST_DELIMITER
9493from lib .core .settings import DEFAULT_USER_AGENT
95- from lib .core .settings import EVALCODE_KEYWORD_SUFFIX
94+ from lib .core .settings import EVALCODE_ENCODED_PREFIX
9695from lib .core .settings import HTTP_ACCEPT_HEADER_VALUE
9796from lib .core .settings import HTTP_ACCEPT_ENCODING_HEADER_VALUE
9897from lib .core .settings import MAX_CONNECTION_CHUNK_SIZE
@@ -1070,7 +1069,6 @@ def _randomizeParameter(paramString, randomParameter):
10701069 delimiter = conf .paramDel or DEFAULT_GET_POST_DELIMITER
10711070 variables = {"uri" : uri , "lastPage" : threadData .lastPage , "_locals" : locals ()}
10721071 originals = {}
1073- keywords = keyword .kwlist
10741072
10751073 if not get and PLACE .URI in conf .parameters :
10761074 query = urlparse .urlsplit (uri ).query or ""
@@ -1085,8 +1083,6 @@ def _randomizeParameter(paramString, randomParameter):
10851083 if safeVariableNaming (name ) != name :
10861084 conf .evalCode = re .sub (r"\b%s\b" % re .escape (name ), safeVariableNaming (name ), conf .evalCode )
10871085 name = safeVariableNaming (name )
1088- elif name in keywords :
1089- name = "%s%s" % (name , EVALCODE_KEYWORD_SUFFIX )
10901086 value = urldecode (value , convall = True , spaceplus = (item == post and kb .postSpaceToPlus ))
10911087 variables [name ] = value
10921088
@@ -1098,8 +1094,6 @@ def _randomizeParameter(paramString, randomParameter):
10981094 if safeVariableNaming (name ) != name :
10991095 conf .evalCode = re .sub (r"\b%s\b" % re .escape (name ), safeVariableNaming (name ), conf .evalCode )
11001096 name = safeVariableNaming (name )
1101- elif name in keywords :
1102- name = "%s%s" % (name , EVALCODE_KEYWORD_SUFFIX )
11031097 value = urldecode (value , convall = True )
11041098 variables [name ] = value
11051099
@@ -1109,20 +1103,20 @@ def _randomizeParameter(paramString, randomParameter):
11091103 except SyntaxError as ex :
11101104 if ex .text :
11111105 original = replacement = ex .text .strip ()
1106+
11121107 if '=' in original :
11131108 name , value = original .split ('=' , 1 )
11141109 name = name .strip ()
11151110 if safeVariableNaming (name ) != name :
11161111 replacement = re .sub (r"\b%s\b" % re .escape (name ), safeVariableNaming (name ), replacement )
1117- elif name in keywords :
1118- replacement = re .sub (r"\b%s\b" % re .escape (name ), "%s%s" % (name , EVALCODE_KEYWORD_SUFFIX ), replacement )
11191112 else :
11201113 for _ in re .findall (r"[A-Za-z_]+" , original )[::- 1 ]:
1121- if _ in keywords :
1122- replacement = replacement .replace (_ , "%s%s" % ( _ , EVALCODE_KEYWORD_SUFFIX ))
1114+ if safeVariableNaming ( _ ) != _ :
1115+ replacement = replacement .replace (_ , safeVariableNaming ( _ ))
11231116 break
1117+
11241118 if original == replacement :
1125- conf .evalCode = conf .evalCode .replace (EVALCODE_KEYWORD_SUFFIX , "" )
1119+ conf .evalCode = conf .evalCode .replace (EVALCODE_ENCODED_PREFIX , "" )
11261120 break
11271121 else :
11281122 conf .evalCode = conf .evalCode .replace (getUnicode (ex .text .strip (), UNICODE_ENCODING ), replacement )
@@ -1135,11 +1129,6 @@ def _randomizeParameter(paramString, randomParameter):
11351129 evaluateCode (conf .evalCode , variables )
11361130
11371131 for variable in list (variables .keys ()):
1138- if variable .endswith (EVALCODE_KEYWORD_SUFFIX ):
1139- value = variables [variable ]
1140- del variables [variable ]
1141- variables [variable .replace (EVALCODE_KEYWORD_SUFFIX , "" )] = value
1142-
11431132 if unsafeVariableNaming (variable ) != variable :
11441133 value = variables [variable ]
11451134 del variables [variable ]
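Review bot: In the SyntaxError fallback (new lines 1114–1115), the added `replacement = replacement.replace(_, safeVariableNaming(_))` is a plain substring replace, so a short token such as `in` or `is` would also be rewritten inside longer identifiers on the same line, whereas the `'=' in original` branch just above bounds the match with `re.sub(r"\b%s\b" % re.escape(name), ...)`. I would use the same form here: `replacement = re.sub(r"\b%s\b" % re.escape(_), safeVariableNaming(_), replacement)`. Separately, at new line 1119 `conf.evalCode.replace(EVALCODE_ENCODED_PREFIX, "")` replaces a rollback that used to strip a suffix and leave the original name intact; if safeVariableNaming encodes the name after the prefix (its body is not shown here), stripping only the prefix would not restore the user's code, so that line should either decode via `unsafeVariableNaming` or carry a comment saying why the prefix alone is removed. The enclosing function begins and ends outside these hunks.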