Closed Shazgul closed 7 years ago
Info: It's not the normal Quotation Mark, it's the "Left Quotation Mark", sorry, i just copied an new list of Dorks...
The quotation marks are not normal, they're encoded. This is a good enhancement though.
“.php?page=”
This “
is an encoded quotation, if you change it to: "
it will work
This will actually be an easy fix. I'll make a --dork
flag and encode the dork to UTF-8
before it is run
Yup i saw it's an "Left Quotation Mark", i've changed all the Marks already in my Dorklist ^^'.
Added a dork flag, will be available in the next push
Before you create an issue please make sure that there are no issues that relate to your issue you are trying to create,
if there is an issue that relates to this, please add a comment to that one and describe your specific problem. There is also a self help guide under the docs folder. Look through the troubleshooting and self help for help.
Issue (be specific)
If you use an Dork with "-Signs like...
middle.php?file= “.php?page=”
it turns out an error...Exact error message
[17:37:47 INFO] I'm searching for possible SQL vulnerable sites, using search query middle.php?file= “.php?page=” /var/lib/gems/2.3.0/gems/mechanize-2.7.5/lib/mechanize/util.rb:77:in'
encode': U+201C from UTF-8 to ISO-8859-1 (Encoding::UndefinedConversionError) from /var/lib/gems/2.3.0/gems/mechanize-2.7.5/lib/mechanize/util.rb:77:in
from_native_charset' from /var/lib/gems/2.3.0/gems/mechanize-2.7.5/lib/mechanize/form.rb:243:infrom_native_charset' from /var/lib/gems/2.3.0/gems/mechanize-2.7.5/lib/mechanize/form.rb:237:in
block in proc_query' from /var/lib/gems/2.3.0/gems/mechanize-2.7.5/lib/mechanize/form.rb:236:inmap' from /var/lib/gems/2.3.0/gems/mechanize-2.7.5/lib/mechanize/form.rb:236:in
proc_query' from /var/lib/gems/2.3.0/gems/mechanize-2.7.5/lib/mechanize/form.rb:299:inblock in build_query' from /var/lib/gems/2.3.0/gems/mechanize-2.7.5/lib/mechanize/form.rb:298:in
each' from /var/lib/gems/2.3.0/gems/mechanize-2.7.5/lib/mechanize/form.rb:298:inbuild_query' from /var/lib/gems/2.3.0/gems/mechanize-2.7.5/lib/mechanize.rb:587:in
submit' from whitewidow.rb:96:inget_urls' from whitewidow.rb:162:in
Steps to reproduce
Dork:
middle.php?file= “.php?page=”
Search query if applicable
Whitewidow version number
newest
Ruby version number
ruby 2.3.1p112 (2016-04-26) [i386-linux-gnu]
Labels