additional confirmation
liquidsec committed Feb 15, 2025
1 parent 0386dad commit 2525f8e
Showing 1 changed file with 24 additions and 10 deletions.
34 changes: 24 additions & 10 deletions bbot/modules/lightfuzz_submodules/nosqli.py
Expand Up @@ -78,21 +78,35 @@ async def fuzz(self):
if not confirmation_probe_false_comparison and confirmation_probe_false_diff_reasons != [
"header"
]:
self.results.append(
{
"type": "FINDING",
"description": f"Possible NoSQL Injection. {self.metadata()} Detection Method: [Quote/Escaped Quote + Conditional Affect] Differences: [{'.'.join(confirmation_probe_false_diff_reasons)}]",
}
(
final_confirm_comparison,
final_confirm_diff_reasons,
final_confirm_reflection,
final_confirm_response,
) = await self.compare_probe(
confirm_baseline,
self.event.data["type"],
urllib.parse.quote(f"{probe_value}' && 0 && 'x", safe=""),
cookies,
additional_params_populate_empty=True,
skip_urlencoding=True,
)

if final_confirm_response and final_confirm_comparison:
self.results.append(
{
"type": "FINDING",
"description": f"Possible NoSQL Injection. {self.metadata()} Detection Method: [Quote/Escaped Quote + Conditional Affect] Differences: [{'.'.join(confirmation_probe_false_diff_reasons)}]",
}
)
else:
self.verbose(
"Aborted reporting Possible NoSQL Injection, due to unstable/inconsistent responses"
)

except HttpCompareError as e:
self.verbose(f"Encountered HttpCompareError Sending Compare Probe: {e}")

else:
# if both probes were successful (and had a response)

self.verbose("Failed to get responses for both single_quote and double_single_quote")

# Comparison operator injection
if self.event.data["type"] in ["POSTPARAM", "GETPARAM"]:
nosqli_negation_baseline = None
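Review bot: The new gate `if final_confirm_response and final_confirm_comparison:` requires a full match against `confirm_baseline`, while the check just above it tolerates a header-only difference (`confirmation_probe_false_diff_reasons != ["header"]`); if compare_probe reports a mismatch when only headers vary (that logic is outside the hunk), a genuine finding would be dropped on targets with volatile headers. Consider treating that case as stable too, `if final_confirm_response and (final_confirm_comparison or final_confirm_diff_reasons == ["header"]):`. The abort branch also discards `final_confirm_diff_reasons`, so a suppressed finding cannot be triaged from the log; `self.verbose(f"Aborted reporting Possible NoSQL Injection, due to unstable/inconsistent responses: {final_confirm_diff_reasons}")` would keep that evidence. A one-line comment above the added compare_probe call saying that it re-checks response stability against `confirm_baseline` before reporting would make the intent clear. fuzz() begins and continues outside the hunk.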
