Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug Report: Unhandled exception "UnboundLocalError: cannot access local variable 'long_string' where it is not associated with a value" (#e5216334) #967

Closed
commixreporter opened this issue Oct 8, 2024 · 1 comment
Closed

Bug Report: Unhandled exception "UnboundLocalError: cannot access local variable 'long_string' where it is not associated with a value" (#e5216334) #967

commixreporter opened this issue Oct 8, 2024 · 1 comment
Assignees
@stasinopoulos
Labels
bug verified
Milestone
4.0-stable

Comments

@commixreporter
Copy link 

Commix version: 4.0-dev#98
Python version: 3.12.7
Operating system: nt
Command line: commix.py -u ************************** --level=3 --random-agent --drop-set-cookie --tamper=backslashes,backticks,base64encode,caret,dollaratsigns,doublequotes,hexencode,multiplespaces,nested,printf2echo,rev,singlequotes,slash2env,sleep2timeout,sleep2usleep,space2htab,space2ifs,space2plus,space2vtab,uninitializedvariable,xforwardedfor --shellshock --all -v 3


Traceback (most recent call last):
  File \"commix.py", line 36, in <module>
    main()
  File \"commix.py", line 31, in main
    import src.core.main
  File \"main.py", line 899, in <module>
    main(filename, url, http_request_method)
  File \"main.py", line 560, in main
    controller.do_check(url, http_request_method, filename)
  File \"controller.py", line 743, in do_check
    perform_checks(url, http_request_method, filename)
  File \"controller.py", line 715, in perform_checks
    headers_checks(url, http_request_method, filename, timesec)
  File \"controller.py", line 650, in headers_checks
    http_headers_injection(url, http_request_method, filename, timesec)
  File \"controller.py", line 475, in http_headers_injection
    user_agent_injection(url, http_request_method, filename, timesec)
  File \"controller.py", line 450, in user_agent_injection
    if check_parameter != header_name or not injection_proccess(url, check_parameter, http_request_method, filename, timesec):
                                             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"controller.py", line 364, in injection_proccess
    url = command_injection_heuristic_basic(url, http_request_method, check_parameter, the_type, header_name, inject_http_headers)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"controller.py", line 143, in command_injection_heuristic_basic
    checks.perform_payload_modification(payload="")
  File \"checks.py", line 1889, in perform_payload_modification
    payload = caret.tamper(payload)
              ^^^^^^^^^^^^^^^^^^^^^
  File \"caret.py", line 54, in tamper
    return add_caret_symbol(payload)
           ^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"caret.py", line 42, in add_caret_symbol
    re.sub(r'([b-zD-Z])', r'^\1', long_string) : long_string.replace("^", "")
                                  ^^^^^^^^^^^
UnboundLocalError: cannot access local variable 'long_string' where it is not associated with a value
@stasinopoulos stasinopoulos self-assigned this Oct 10, 2024
@stasinopoulos stasinopoulos added this to the 4.0-stable milestone Oct 10, 2024
@github-actions GitHub Actions
Copy link

This issue has been automatically locked due to inactivity.
Please file a new issue if you are encountering a similar or related problem.

This action has been performed automatically by a bot.

@github-actions github-actions bot locked and limited conversation to collaborators Nov 19, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@stasinopoulos stasinopoulos

Labels
bug verified
Projects
None yet
Milestone
4.0-stable
Development

No branches or pull requests
2 participants
@stasinopoulos @commixreporter