adding support for PgSQL DNS data exfiltration

2026-06-09 17:51:33 +00:00 · 2012-04-07 14:06:11 +00:00 · 2012-04-07 14:06:11 +00:00 · 8c6eb4faa9
commit 8c6eb4faa9
parent b2afa87e48
5 changed files with 27 additions and 7 deletions
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -1609,11 +1609,17 @@ def getSPQLSnippet(dbms, name, **variables):
    retVal = readCachedFileContent(filename)

    retVal = re.sub(r"#.+", "", retVal)
-    retVal = re.sub(r"(?s);\W+", "; ", retVal).strip()
+    retVal = re.sub(r"(?s);\s+", "; ", retVal).strip()

    for _ in variables.keys():
        retVal = re.sub(r"%%%s%%" % _, variables[_], retVal)

+    for _ in re.findall(r"%RANDSTR\d+%", retVal, re.I):
+        retVal = retVal.replace(_, randomStr())
+
+    for _ in re.findall(r"%RANDINT\d+%", retVal, re.I):
+        retVal = retVal.replace(_, randomInt())
+
    _ = re.search(r"%(\w+)%", retVal, re.I)
    if _:
        errMsg = "unresolved variable '%s' in SPL snippet '%s'" % (_.group(1), name)