Skip to content

Commit

Permalink
Minor update regarding tamper script "uninitializedvariable.py"
Browse files Browse the repository at this point in the history
  • Loading branch information
@stasinopoulos
stasinopoulos committed Feb 20, 2025
1 parent 1ae15df commit 62450e0
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 8 deletions.
13 changes: 6 additions & 7 deletions src/core/tamper/uninitializedvariable.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,26 +26,25 @@

__tamper__ = "uninitializedvariable"

global obf_char

if not settings.TAMPER_SCRIPTS[__tamper__]:
num = 2
obf_char = "${" + ''.join(random.choice(string.ascii_uppercase) for x in range(num)) + "}"
settings.TAMPER_SCRIPTS[__tamper__] = True

def tamper(payload):
def add_uninitialized_variable(payload):
settings.TAMPER_SCRIPTS[__tamper__] = True
num = 2
obf_char = "${" + ''.join(random.choice(string.ascii_letters) for x in range(num)) + "}"
payload = re.sub(r'([b-zD-Z])', lambda x: obf_char + x[0], payload)
payload = re.sub(r'([e-zD-Z])', lambda x: obf_char + x[0], payload)
for word in settings.IGNORE_TAMPER_TRANSFORMATION:
_ = obf_char.join(word[i:i+1] for i in range(-1, len(word), 1))
if _ in payload:
payload = payload.replace(_,_.replace(obf_char, ""))
return payload

if settings.TARGET_OS != settings.OS.WINDOWS:
if settings.EVAL_BASED_STATE != False:
return payload
else:
return add_uninitialized_variable(payload)
return add_uninitialized_variable(payload)
else:
return payload

Expand Down
3 changes: 2 additions & 1 deletion src/utils/settings.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -262,7 +262,7 @@ def sys_argv_errors():
DESCRIPTION = "The command injection exploiter"
AUTHOR = "Anastasios Stasinopoulos"
VERSION_NUM = "4.1"
REVISION = "10"
REVISION = "11"
STABLE_RELEASE = False
VERSION = "v"
if STABLE_RELEASE:
Expand Down Expand Up @@ -1156,6 +1156,7 @@ class AUTH_TYPE(object):
"then",
"else",
"fi",
"%0d",
RANDOM_VAR_GENERATOR,
RANDOM_VAR_GENERATOR + "1",
RANDOM_VAR_GENERATOR + "2"
Expand Down

0 comments on commit 62450e0

Please sign in to comment.