@@ -119,7 +119,10 @@ def payload(self, place=None, parameter=None, value=None, newValue=None, where=N
119119 if place == PLACE.URI:
120120 origValue = origValue.split(kb.customInjectionMark)[0]
121121 else:
122- origValue = filterNone(re.search(_, origValue.split(BOUNDED_INJECTION_MARKER)[0]) for _ in (r"\w+\Z", r"[^\"'><]+\Z", r"[^ ]+\Z"))[0].group(0)
122+ try:
123+ origValue = filterNone(re.search(_, origValue.split(BOUNDED_INJECTION_MARKER)[0]) for _ in (r"\w+\Z", r"[^\"'><]+\Z", r"[^ ]+\Z"))[0].group(0)
124+ except IndexError:
125+ pass
123126 origValue = origValue[origValue.rfind('/') + 1:]
124127 for char in ('?', '=', ':', ',', '&'):
125128 if char in origValue:
@@ -883,14 +886,16 @@ def forgeUnionQuery(self, query, position, count, comment, prefix, suffix, char,
883886 query = query[len("TOP %s " % topNum):]
884887 unionQuery += "TOP %s " % topNum
885888
886- intoRegExp = re.search(r"(\s+INTO (DUMP|OUT)FILE\s+'(.+?)')", query, re.I)
889+ intoFileRegExp = re.search(r"(\s+INTO (DUMP|OUT)FILE\s+'(.+?)')", query, re.I)
887890
888- if intoRegExp :
889- intoRegExp = intoRegExp .group(1)
890- query = query[:query.index(intoRegExp )]
891+ if intoFileRegExp :
892+ infoFile = intoFileRegExp .group(1)
893+ query = query[:query.index(infoFile )]
891894
892895 position = 0
893896 char = NULL
897+ else:
898+ infoFile = None
894899
895900 for element in xrange(0, count):
896901 if element > 0:
@@ -909,8 +914,8 @@ def forgeUnionQuery(self, query, position, count, comment, prefix, suffix, char,
909914 if fromTable and not unionQuery.endswith(fromTable):
910915 unionQuery += fromTable
911916
912- if intoRegExp :
913- unionQuery += intoRegExp
917+ if infoFile :
918+ unionQuery += infoFile
914919
915920 if multipleUnions:
916921 unionQuery += " UNION ALL SELECT "
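Review bot: In the first hunk, inside payload(), `except IndexError: pass` leaves origValue untouched when none of the three patterns match, so the text from BOUNDED_INJECTION_MARKER onward is still in it when the `rfind('/')` slice and the character loop below run. Reading the patterns, that appears to happen only when the part before the marker is empty, so the fallback could be made explicit with `origValue = origValue.split(BOUNDED_INJECTION_MARKER)[0]` in the handler instead of `pass`, plus a one-line comment saying which input triggers it. The body of payload() starts and ends outside the hunk, so later code may already cope with the unsplit value; that is worth confirming before relying on the silent pass. Separately, in forgeUnionQuery() the new name `infoFile` looks like a typo for `intoFile`, given that it sits next to `intoFileRegExp`.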