fixed issue with post data properly encoding in ASP based targets, bu…

…mped version 1.3.4
r0oth3x49 · Jun 5, 2024 · 45eaf93 · 45eaf93
1 parent cd84460
commit 45eaf93
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -1,4 +1,4 @@
-[![GitHub release](https://img.shields.io/badge/release-v1.3.3-brightgreen?style=flat-square)](https://github.com/r0oth3x49/ghauri/releases/tag/1.3.3)
+[![GitHub release](https://img.shields.io/badge/release-v1.3.4-brightgreen?style=flat-square)](https://github.com/r0oth3x49/ghauri/releases/tag/1.3.4)
 [![GitHub stars](https://img.shields.io/github/stars/r0oth3x49/ghauri?style=flat-square)](https://github.com/r0oth3x49/ghauri/stargazers)
 [![GitHub forks](https://img.shields.io/github/forks/r0oth3x49/ghauri?style=flat-square)](https://github.com/r0oth3x49/ghauri/network)
 [![GitHub issues](https://img.shields.io/github/issues/r0oth3x49/ghauri?style=flat-square)](https://github.com/r0oth3x49/ghauri/issues)

diff --git a/ghauri/__init__.py b/ghauri/__init__.py
@@ -24,7 +24,7 @@
 
 """
 
-__version__ = "1.3.3"
+__version__ = "1.3.4"
 __author__ = "Nasir Khan (r0ot h3x49)"
 __license__ = "MIT"
 __copyright__ = "Copyright (c) 2016-2025 Nasir Khan (r0ot h3x49)"

diff --git a/ghauri/common/utils.py b/ghauri/common/utils.py
@@ -944,6 +944,9 @@ def urlencode(
         value = urldecode(value)
     if conf.safe_chars:
         safe = f"{safe}{conf.safe_chars}"
+    is_aspdotnet = bool("%2b" in value.lower())
+    if is_aspdotnet:
+        safe += "%"
     if injection_type and injection_type not in ["HEADER"] and not is_multipart:
         if injection_type == "COOKIE":
             if value_type == "payload":

diff --git a/setup.py b/setup.py
@@ -5,7 +5,7 @@
 
 setup(
     name="ghauri",
-    version="1.3.3",
+    version="1.3.4",
     description="An advanced SQL injection detection & exploitation tool.",
     classifiers=["Programming Language :: Python3"],
     author="Nasir Khan",