From f340f28118b6bb0f2052325066af26f1e7fdc335 Mon Sep 17 00:00:00 2001 From: stasinopoulos Date: Mon, 15 Apr 2024 08:48:00 +0300 Subject: [PATCH] Minor update --- src/core/requests/parameters.py | 6 +++--- src/utils/settings.py | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/core/requests/parameters.py b/src/core/requests/parameters.py index bf31606341..22c811c277 100755 --- a/src/core/requests/parameters.py +++ b/src/core/requests/parameters.py @@ -287,6 +287,7 @@ def json_format(parameter): if not settings.IS_XML: data_type = "XML/SOAP" settings.IS_XML = checks.process_data(data_type, http_request_method) + settings.PARAMETER_DELIMITER = "\n" elif settings.TEST_PARAMETER and not any(ext in parameter for ext in settings.TEST_PARAMETER): settings.IGNORE_USER_DEFINED_POST_DATA = True @@ -297,11 +298,10 @@ def json_format(parameter): parameters_list = [] # Split multiple parameters if settings.IS_XML: - settings.PARAMETER_DELIMITER = "" - parameter = re.sub(r">\s*<", '>\n<', parameter).replace("\\n","\n") + parameter = re.sub(r">\s*<", ">" + settings.PARAMETER_DELIMITER + "<", parameter) _ = [] parameters = re.findall(r'(.*)', parameter) - parameters = [param + "\n" for param in parameters if param] + parameters = [param for param in parameters if param] for value in range(0,len(parameters)): _.append(parameters[value]) multi_parameters = _ diff --git a/src/utils/settings.py b/src/utils/settings.py index 8479c15ac3..ffe9880e78 100755 --- a/src/utils/settings.py +++ b/src/utils/settings.py @@ -247,7 +247,7 @@ def sys_argv_errors(): DESCRIPTION = "The command injection exploiter" AUTHOR = "Anastasios Stasinopoulos" VERSION_NUM = "4.0" -REVISION = "28" +REVISION = "29" STABLE_RELEASE = False VERSION = "v" if STABLE_RELEASE: