(1.1.0) [Fixed #15] makeQueryPattern 내 페이로드 생성 코드 수정

hahwul · hahwul · commit 562c720b3fdf · 2019-07-26T23:50:55.000+09:00
diff --git a/lib/XSpear.rb b/lib/XSpear.rb
@@ -489,22 +489,26 @@ def makeQueryPattern(type, payload, pattern, category, desc, callback)
         params = URI.decode_www_form(uri.query)
         params.each do |p|
           if @params.nil? || (@params.include? p[0] if !@params.nil?)
+            attack = ""
             dparams = params
             dparams.each do |d|
-              d[1] = p[1] + payload if p[0] == d[0]
+              attack = uri.query.sub "#{d[0]}=#{d[1]}","#{d[0]}=#{d[1]}#{URI::encode(payload)}" if p[0] == d[0]
+              #d[1] = p[1] + payload if p[0] == d[0]
             end
-            result.push("inject": 'url',"param":p[0] ,"type": type, "query": URI.encode_www_form(dparams), "pattern": pattern, "desc": desc, "category": category, "callback": callback)
+            result.push("inject": 'url',"param":p[0] ,"type": type, "query": attack, "pattern": pattern, "desc": desc, "category": category, "callback": callback)
           end
         end
         unless @data.nil?
           params = URI.decode_www_form(@data)
           params.each do |p|
             if @params.nil? || (@params.include? p[0] if !@params.nil?)
+              attack = ""
               dparams = params
               dparams.each do |d|
-                d[1] = p[1] + payload if p[0] == d[0]
+                attack = uri.query.sub "#{d[0]}=#{d[1]}","#{d[0]}=#{d[1]}#{URI::encode(payload)}" if p[0] == d[0]
+                #d[1] = p[1] + payload if p[0] == d[0]
               end
-              result.push("inject": 'body', "param":p[0], "type": type, "query": URI.encode_www_form(dparams), "pattern": pattern, "desc": desc, "category": category, "callback": callback)
+              result.push("inject": 'body', "param":p[0], "type": type, "query": attack, "pattern": pattern, "desc": desc, "category": category, "callback": callback)
             end
           end
         end
