Remove new line, tab and cr after removing comments

doyensec · bandronic · May 17, 2023 · May 22, 2023 · May 24, 2023 · Jul 25, 2023
commit 674ef46933248667eed1a09a00e076717914a138
diff --git a/README.md b/README.md
@@ -131,7 +131,7 @@ After building InQL as described above, you can prepare your development environ
 Begin by setting up a virtual environment with Python 2.7 for Jython compatibility. Note that necessary headers are required to build libraries with pip. For instance, using virtualenv:
 
 ```bash
-$ sudo apt install -y python2.7 python2.7-dev python2-setuptools-whl python2-pip-whl python3-virtualenv
+$ sudo apt install -y python2.7 python2.7-dev python2-setuptools-whl python2-pip-whl python3-virtualenv libssl-dev
 $ virtualenv -p python2.7 ./venv/
 ```
 

diff --git a/python/inql/attacker/request.py b/python/inql/attacker/request.py
@@ -38,7 +38,7 @@ def generate_attack_request(self):
  info = helpers.analyzeRequest(self.editor.request)
  headers = info.getHeaders()
  raw = helpers.bytesToString(self.editor.request[info.getBodyOffset():])
- body = str(raw).replace('\\r', '').replace('\\n', ' ').replace('\\t', '')
+ body = str(raw) #.replace('\\r', '').replace('\\n', ' ').replace('\\t', '')
  parsed = json.loads(body)
  if isinstance(parsed, list):
  parsed = parsed[0]
@@ -47,6 +47,7 @@ def generate_attack_request(self):
  actionMatch = re.search('([^{]*?){(.+)}([^}]*?)', query, re.DOTALL)
  action, query, tmp = actionMatch.groups()
  query = self.stripComments(query)
+ query = re.sub(r'\n|\r|\t', '', query)
  prefix, suffix, exploit = "", "", ""
  while True:
  # FIXME: whitespace inbetween will break the regex!
@@ -79,7 +80,7 @@ def generate_attack_request(self):
  # $[INT:first:last]
  start, end = args
  for n, item in enumerate(range(int(start), int(end)+1)):
- exploit +='op%s: %s%s%s%s{%s}%s\n' % (n+1, prefix, lead, item, rest, query, suffix)
+ exploit +='op%s: %s%s%s%s{%s}%s' % (n+1, prefix, lead, item, rest, query, suffix)
  if verb == 'FILE':
  # $[FILE:path] and $[FILE:path:first:last]
  path = args[0]
@@ -91,11 +92,11 @@ def generate_attack_request(self):
  start, end = 1, len(items)
 
  for n, item in enumerate(items[start-1: end]):
- exploit +='op%s: %s%s%s%s{%s}%s\n' % (n+1, prefix, lead, item, rest, query, suffix)
+ exploit +='op%s: %s%s%s%s{%s}%s' % (n+1, prefix, lead, item, rest, query, suffix)
 
  #build the query
  # attack = prefix + exploit + suffix\
- attack = action + "{\n" + exploit + "}"
+ attack = action + "{" + exploit + "}"
 
  log.debug("attack query: %s" % attack)
  body = json.dumps({'query': attack})