compatibility with partial union and error technique resumed data

jisqyv · Dec 22, 2011 · f622995 · f622995
1 parent 58a4a02
commit f622995
Show file tree

Hide file tree

Showing 5 changed files with 11 additions and 4 deletions.
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
@@ -472,7 +472,6 @@ def genCmpPayload():
                         injection.data[stype].comment = comment
                         injection.data[stype].templatePayload = templatePayload
                         injection.data[stype].matchRatio = kb.matchRatio
-                        injection.data[stype].chars = kb.chars
 
                         injection.conf.textOnly = conf.textOnly
                         injection.conf.titles = conf.titles

diff --git a/lib/controller/controller.py b/lib/controller/controller.py
@@ -176,12 +176,16 @@ def __saveToSessionFile():
 
         setInjection(inj)
 
-def __saveAbsFilePaths():
+def __saveToHashDB():
     key = "kb.absFilePaths"
     value = unserializeObject(conf.hashDB.retrieve(key)) or set()
     value.update(kb.absFilePaths)
     conf.hashDB.write(key, serializeObject(value))
 
+    key = "kb.chars"
+    if not conf.hashDB.retrieve(key):
+        conf.hashDB.write(key, serializeObject(kb.chars))
+
 def __saveToResultsFile():
     if not conf.resultsFP:
         return
@@ -568,7 +572,7 @@ def start():
 
                 __saveToSessionFile()
                 __saveToResultsFile()
-                __saveAbsFilePaths()
+                __saveToHashDB()
                 __showInjections()
                 __selectInjection()
 

diff --git a/lib/core/common.py b/lib/core/common.py
@@ -2505,7 +2505,6 @@ def initTechnique(technique=None):
         if data:
             kb.pageTemplate, kb.errorIsNone = getPageTemplate(data.templatePayload, kb.injection.place)
             kb.matchRatio = data.matchRatio
-            kb.chars = data.chars
 
             # Restoring stored conf options
             for key, value in kb.injection.conf.items():

diff --git a/lib/core/target.py b/lib/core/target.py
@@ -210,6 +210,7 @@ def __resumeHashDBValues():
     """
 
     kb.absFilePaths = unserializeObject(conf.hashDB.retrieve("kb.absFilePaths")) or kb.absFilePaths
+    kb.chars = unserializeObject(conf.hashDB.retrieve("kb.chars")) or kb.chars
 
 def __setOutputResume():
     """

diff --git a/lib/techniques/error/use.py b/lib/techniques/error/use.py
@@ -130,6 +130,10 @@ def __oneShotErrorUse(expression, field):
 
         conf.hashDB.write(expression, retVal)
 
+    else:
+        check = "%s(?P<result>.*?)%s" % (kb.chars.start, kb.chars.stop)
+        retVal = extractRegexResult(check, retVal, re.DOTALL | re.IGNORECASE) or retVal
+
     return safecharencode(retVal) if kb.safeCharEncode else retVal
 
 def __errorFields(expression, expressionFields, expressionFieldsList, expected=None, num=None, resumeValue=True):
-Original file line number
+Diff line change
@@ Expand Up / @@ -210,6 +210,7 @@ def __resumeHashDBValues(): @@
         """
         kb.absFilePaths = unserializeObject(conf.hashDB.retrieve("kb.absFilePaths")) or kb.absFilePaths
+        kb.chars = unserializeObject(conf.hashDB.retrieve("kb.chars")) or kb.chars
     def __setOutputResume():
         """
@@ Expand Down @@