r0oth3x49 / ghauri

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
MIT License
2.98k stars 297 forks

re.error: invalid group reference #177

Open Nishantbhagat57 opened 3 days ago

Nishantbhagat57 commented 3 days ago

PS C:\Users\nisha\Downloads\ghauri-main> ghauri -r req2.txt --confirm --timeout 30 --threads 20 --level 2 --flush-session --fresh-queries --proxy="http://127.0.0.1:8080" -v 3

  ________.__                        .__  {1.3.7}
 /  _____/|  |__ _____   __ _________|__|
/   \  ___|  |  \\__  \ |  |  \_  __ \  |
\    \_\  \   Y  \/ __ \|  |  /|  | \/  |
 \______  /___|  (____  /____/ |__|  |__|
        \/     \/     \/         https://github.com/r0oth3x49
                                 An advanced SQL injection detection & exploitation tool.

[*] starting @ 23:26:36 /2024-09-24/

[23:26:36] [INFO] parsing HTTP request from 'req2.txt'
[23:26:37] [DEBUG] {'GET': [], 'POST': [<Parameter('number')>], 'COOKIE': [], 'HEADER': [<Parameter('User-Agent')>, <Parameter('Accept-Language')>, <Parameter('Referer')>]}
[23:26:37] [INFO] flushing session file
custom injection marker ('*') found in POST body. Do you want to process it? [Y/n/q] y

JSON data found in POST body. Do you want to process it? [Y/n/q] y

[23:26:40] [INFO] testing connection to the target URL
[23:26:40] [INFO] testing if the target URL content is stable
[23:26:41] [DEBUG] r1: 58, r2: 58
[23:26:41] [INFO] target URL content is stable
Traceback (most recent call last):
  File "C:\Users\nisha\AppData\Local\Programs\Python\Python311\Scripts\ghauri-script.py", line 33, in <module>
    sys.exit(load_entry_point('ghauri==1.3.7', 'console_scripts', 'ghauri')())
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Users\nisha\AppData\Local\Programs\Python\Python311\Lib\site-packages\ghauri-1.3.7-py3.11.egg\ghauri\scripts\ghauri.py", line 464, in main
    resp = ghauri.perform_injection(
           ^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Users\nisha\AppData\Local\Programs\Python\Python311\Lib\site-packages\ghauri-1.3.7-py3.11.egg\ghauri\ghauri.py", line 357, in perform_injection
    retval_check = basic_check(
                   ^^^^^^^^^^^^
  File "C:\Users\nisha\AppData\Local\Programs\Python\Python311\Lib\site-packages\ghauri-1.3.7-py3.11.egg\ghauri\core\tests.py", line 174, in basic_check
    attack = inject_expression(
             ^^^^^^^^^^^^^^^^^^
  File "C:\Users\nisha\AppData\Local\Programs\Python\Python311\Lib\site-packages\ghauri-1.3.7-py3.11.egg\ghauri\core\inject.py", line 91, in inject_expression
    attack_data = prepare_attack_request(
                  ^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Users\nisha\AppData\Local\Programs\Python\Python311\Lib\site-packages\ghauri-1.3.7-py3.11.egg\ghauri\common\utils.py", line 1376, in prepare_attack_request
    prepared_payload = re.sub(
                       ^^^^^^^
  File "C:\Users\nisha\AppData\Local\Programs\Python\Python311\Lib\re\__init__.py", line 185, in sub
    return _compile(pattern, flags).sub(repl, string, count)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Users\nisha\AppData\Local\Programs\Python\Python311\Lib\re\__init__.py", line 317, in _subx
    template = _compile_repl(template, pattern)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Users\nisha\AppData\Local\Programs\Python\Python311\Lib\re\__init__.py", line 308, in _compile_repl
    return _parser.parse_template(repl, pattern)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Users\nisha\AppData\Local\Programs\Python\Python311\Lib\re\_parser.py", line 1081, in parse_template
    addgroup(int(this[1:]), len(this) - 1)
  File "C:\Users\nisha\AppData\Local\Programs\Python\Python311\Lib\re\_parser.py", line 1017, in addgroup
    raise s.error("invalid group reference %d" % index, pos)
re.error: invalid group reference 37 at position 5
PS C:\Users\nisha\Downloads\ghauri-main>
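
The traceback above ends inside `re.sub`, which parses its replacement argument as a template, so a backslash followed by digits is read as a group reference. The following is an added example, not ghauri's code and not part of the issue thread: it reproduces that error class and shows two ways to insert a value literally. The function names, `BODY`, and both sample values are assumptions constructed for illustration.

```python
import re

MARKER = "*"  # the custom marker character seen in the request on this page
BODY = '{"username": "xyz*", "password": "xyz*"}'  # constructed sample body


def substitute_template(body, value):
    """Fragile: `value` is parsed as a replacement template by re.sub."""
    return re.sub(re.escape(MARKER), value, body)


def substitute_literal(body, value):
    """Robust: a callable's return value is inserted without template parsing."""
    return re.sub(re.escape(MARKER), lambda _match: value, body)


def substitute_escaped(body, value):
    """Robust alternative: double each backslash so the template yields it literally."""
    return re.sub(re.escape(MARKER), value.replace("\\", "\\\\"), body)


def template_error(body, value):
    """Return the re.error message raised by the fragile form, or None."""
    try:
        substitute_template(body, value)
    except re.error as exc:
        return str(exc)
    return None


# Constructed values (hypothetical, not taken from the issue):
CRASHING = r"abcd\37%"    # backslash + digits: parsed as group reference 37
SILENT = r"line1\nline2"  # backslash + n: silently turned into a real newline

if __name__ == "__main__":
    print(template_error(BODY, CRASHING))
    print(repr(substitute_template(BODY, SILENT)))
    print(substitute_literal(BODY, CRASHING))
    print(substitute_escaped(BODY, CRASHING))
```

The second sample value matters as much as the first: the template form does not always raise, it can also change the inserted data without any error.
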

r0oth3x49 commented 3 days ago

Would you mind sharing a sample request so that I can check?

Nishantbhagat57 commented 2 days ago

@r0oth3x49 Sorry I don't have the exact request rn. I don't remember fully but it was a simple POST /api/xyz request with Host: api.example.com with JSON body having custom injection pointer like this:

{
  "username": "xyz*",
  "password": "xyz*"
}