Skip to content

Commit

Permalink
feature/stop-addon-vulnerability getting flag from configuration and …
Browse files Browse the repository at this point in the history
…only stopping if it is disabled
  • Loading branch information
TomerPacific committed Oct 13, 2023
1 parent be23292 commit e63e489
Showing 1 changed file with 8 additions and 2 deletions.
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2021 SasanLabs
* Copyright 2023 SasanLabs
*
* <p>Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of the License at
Expand Down Expand Up @@ -29,6 +29,7 @@
import org.sasanlabs.fileupload.attacks.rce.php.SimplePHPFileUpload;
import org.sasanlabs.fileupload.attacks.xss.HtmlFileUpload;
import org.sasanlabs.fileupload.attacks.xss.SVGFileUpload;
import org.sasanlabs.fileupload.configuration.FileUploadConfiguration;
import org.sasanlabs.fileupload.exception.FileUploadException;

/**
Expand Down Expand Up @@ -70,8 +71,13 @@ public FileUploadAttackExecutor(
}

public boolean executeAttack() throws FileUploadException {
Boolean shouldSendRequestsAfterFindingVulnerability = FileUploadConfiguration
.getInstance()
.getSendRequestsAfterFindingVulnerability();

for (AttackVector attackVector : attackVectors) {
if (this.fileUploadScanRule.isStop()) {
if (!shouldSendRequestsAfterFindingVulnerability &&
this.fileUploadScanRule.isStop()) {
return false;
} else {
if (attackVector.execute(this)) {
Expand Down

0 comments on commit e63e489

Please sign in to comment.