3737from lib .request .comparison import comparison
3838from lib .request .connect import Connect as Request
3939
40- def __findUnionCharCount (comment , place , parameter , value , prefix , suffix , where = 1 ):
40+ def __findUnionCharCount (comment , place , parameter , value , prefix , suffix , where = PAYLOAD . WHERE . ORIGINAL ):
4141 """
4242 Finds number of columns affected by UNION based injection
4343 """
@@ -83,7 +83,7 @@ def __findUnionCharCount(comment, place, parameter, value, prefix, suffix, where
8383
8484 return retVal
8585
86- def __unionPosition (comment , place , parameter , value , prefix , suffix , count , where = 1 ):
86+ def __unionPosition (comment , place , parameter , value , prefix , suffix , count , where = PAYLOAD . WHERE . ORIGINAL ):
8787 validPayload = None
8888 vector = None
8989
@@ -109,7 +109,7 @@ def __unionPosition(comment, place, parameter, value, prefix, suffix, count, whe
109109 validPayload = payload
110110 vector = (position , count , comment , prefix , suffix , conf .uChar , where )
111111
112- if where == 1 :
112+ if where == PAYLOAD . WHERE . ORIGINAL :
113113 # Prepare expression with delimiters
114114 randQuery2 = randomStr ()
115115 phrase2 = "%s%s%s" % (kb .misc .start , randQuery2 , kb .misc .stop )
@@ -118,14 +118,14 @@ def __unionPosition(comment, place, parameter, value, prefix, suffix, count, whe
118118
119119 # Confirm that it is a full inband SQL injection
120120 query = agent .forgeInbandQuery (randQueryUnescaped , position , count , comment , prefix , suffix , conf .uChar , multipleUnions = randQueryUnescaped2 )
121- payload = agent .payload (place = place , parameter = parameter , newValue = query , where = 2 )
121+ payload = agent .payload (place = place , parameter = parameter , newValue = query , where = PAYLOAD . WHERE . NEGATIVE )
122122
123123 # Perform the request
124124 page , headers = Request .queryPage (payload , place = place , content = True , raise404 = False )
125125 content = "%s%s" % (page or "" , listToStrValue (headers .headers if headers else None ) or "" )
126126
127127 if content and ((phrase in content and phrase2 not in content ) or (phrase not in content and phrase2 in content )):
128- vector = (position , count , comment , prefix , suffix , conf .uChar , 2 )
128+ vector = (position , count , comment , prefix , suffix , conf .uChar , PAYLOAD . WHERE . NEGATIVE )
129129
130130 break
131131