@@ -39,6 +39,7 @@ def __unionPosition(comment, place, parameter, value, prefix, suffix, count, whe
3939 for position in range (0 , count ):
4040 # Prepare expression with delimiters
4141 randQuery = randomStr ()
42+ phrase = "%s%s%s" % (kb .misc .start , randQuery , kb .misc .stop )
4243 randQueryProcessed = agent .concatQuery ("\' %s\' " % randQuery )
4344 randQueryUnescaped = unescaper .unescape (randQueryProcessed )
4445
@@ -49,16 +50,14 @@ def __unionPosition(comment, place, parameter, value, prefix, suffix, count, whe
4950 # Perform the request
5051 resultPage , _ = Request .queryPage (payload , place = place , content = True , raise404 = False )
5152
52- if extractRegexResult ('(?P<result>UNION ALL SELECT)' , resultPage , re .I ):
53- continue
54-
55- if resultPage and randQuery in resultPage :
53+ if resultPage and phrase in resultPage :
5654 validPayload = payload
5755 vector = (position , count , comment , prefix , suffix , conf .uChar , where )
5856
5957 if where == 1 :
6058 # Prepare expression with delimiters
6159 randQuery2 = randomStr ()
60+ phrase2 = "%s%s%s" % (kb .misc .start , randQuery2 , kb .misc .stop )
6261 randQueryProcessed2 = agent .concatQuery ("\' %s\' " % randQuery2 )
6362 randQueryUnescaped2 = unescaper .unescape (randQueryProcessed2 )
6463
@@ -69,10 +68,7 @@ def __unionPosition(comment, place, parameter, value, prefix, suffix, count, whe
6968 # Perform the request
7069 resultPage , _ = Request .queryPage (payload , place = place , content = True , raise404 = False )
7170
72- if extractRegexResult ('(?P<result>UNION ALL SELECT)' , resultPage , re .I ):
73- continue
74-
75- if resultPage and ((randQuery in resultPage and randQuery2 not in resultPage ) or (randQuery not in resultPage and randQuery2 in resultPage )):
71+ if resultPage and ((phrase in resultPage and phrase2 not in resultPage ) or (phrase not in resultPage and phrase2 in resultPage )):
7672 vector = (position , count , comment , prefix , suffix , conf .uChar , 2 )
7773
7874 break
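Review bot: The two `UNION ALL SELECT` reflection guards are removed without a comment saying why the new `phrase` match makes them unnecessary, at `if resultPage and phrase in resultPage` and again at the `phrase2` comparison. The match is only a safe replacement if the request carries the delimiters and the random string as separate pieces, so that a page which merely echoes the payload never contains them contiguously; that presumably comes from `agent.concatQuery` and `unescaper.unescape`, which are not visible here. I would add above the `phrase` assignment: `# Match start+random+stop as one string: only a value concatenated by the DBMS contains it, an echoed payload does not`. The second condition is an exclusive-or and reads more clearly as `if resultPage and (phrase in resultPage) != (phrase2 in resultPage):`. If `extractRegexResult` and `re` have no other users in this file their imports can be dropped as well; the function body continues outside these hunks.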