MCPcopy
hub / github.com/epinna/tplmap / execute_blind

Method execute_blind

core/plugin.py:736–769  ·  view source on GitHub ↗
(self, code, **kwargs)

Source from the content-addressed store, hash-verified

734 )
735
736 def execute_blind(self, code, **kwargs):
737
738 prefix = kwargs.get('prefix', self.get('prefix', ''))
739 suffix = kwargs.get('suffix', self.get('suffix', ''))
740 blind = kwargs.get('blind', False)
741
742 action = self.actions.get('execute_blind', {})
743 payload_action = action.get('execute_blind')
744 call_name = action.get('call', 'inject')
745
746 # Skip if something is missing or call function is not set
747 if not action or not payload_action or not call_name or not hasattr(self, call_name):
748 return
749
750 expected_delay = self._get_expected_delay()
751
752 if '%(code_b64)s' in payload_action:
753 log.debug('[b64 encoding] %s' % code)
754 execution_code = payload_action % ({
755 'code_b64' : base64.urlsafe_b64encode(code),
756 'delay' : expected_delay
757 })
758 else:
759 execution_code = payload_action % ({
760 'code' : code,
761 'delay' : expected_delay
762 })
763
764 return getattr(self, call_name)(
765 code = execution_code,
766 prefix = prefix,
767 suffix = suffix,
768 blind=True
769 )
770
771 def _get_expected_delay(self):
772

Callers 5

blind_detectedMethod · 0.95
check_template_injectionFunction · 0.80
test_quotesMethod · 0.80
blind_detectedMethod · 0.80

Calls 2

getMethod · 0.95
_get_expected_delayMethod · 0.95

Tested by 2

test_quotesMethod · 0.64