Improved Multipart Form handling (#5598)

rohitkumarankam · web-flow · commit 93a8828dab15 · 2024-01-09T09:29:20.000+01:00
* improved multipart marker

* Improved file field handling in Multipart forms

* improved dumb LF to CRLF converter
diff --git a/lib/core/target.py b/lib/core/target.py
@@ -226,7 +226,7 @@ def process(match, repl):
                 if not (kb.processUserMarks and kb.customInjectionMark in conf.data):
                     conf.data = getattr(conf.data, UNENCODED_ORIGINAL_VALUE, conf.data)
                     conf.data = conf.data.replace(kb.customInjectionMark, ASTERISK_MARKER)
-                    conf.data = re.sub(r"(?si)((Content-Disposition[^\n]+?name\s*=\s*[\"']?(?P<name>[^\"'\r\n]+)[\"']?).+?)((%s)+--)" % ("\r\n" if "\r\n" in conf.data else '\n'), functools.partial(process, repl=r"\g<1>%s\g<4>" % kb.customInjectionMark), conf.data)
+                    conf.data = re.sub(r"(?si)((Content-Disposition[^\n]+?name\s*=\s*[\"']?(?P<name>[^\"'\r\n]+)[\"']?).+?)((%s)--)" % ("\r\n" if "\r\n" in conf.data else '\n'), lambda match: match.group(1) + (kb.customInjectionMark if 'filename' not in match.group(0) else '') + match.group(4), conf.data)
 
         if not kb.postHint:
             if kb.customInjectionMark in conf.data:  # later processed
diff --git a/thirdparty/multipart/multipartpost.py b/thirdparty/multipart/multipartpost.py
@@ -74,6 +74,10 @@ def http_request(self, request):
                 part = match.group(0)
                 if b'\r' not in part:
                     request.data = request.data.replace(part, part.replace(b'\n', b"\r\n"))
+            for match in re.finditer(b"(Content-Type[^\\n]+[\\n|\\r|\\r\\n]+)",request.data):
+                part = match.group(0)
+                if b'\r' not in part:
+                    request.data = request.data.replace(part, part.replace(b'\n', b"\r\n"))
 
         return request
 
