components/checks/active/code_injection.rb in arachni-1.3.2 vs components/checks/active/code_injection.rb in arachni-1.4

@@ -1,7 +1,7 @@
 =begin
-    Copyright 2010-2015 Tasos Laskos <tasos.laskos@arachni-scanner.com>
+    Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
 
     This file is part of the Arachni Framework project and is subject to
     redistribution and commercial restrictions. Please see the Arachni Framework
     web site for more information on licensing and terms of use.
 =end
@@ -10,12 +10,10 @@
 # but still needs some more testing.
 #
 #
 # @author Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>
 #
-# @version 0.2.3
-#
 # @see http://cwe.mitre.org/data/definitions/94.html
 # @see http://php.net/manual/en/function.eval.php
 # @see http://perldoc.perl.org/functions/eval.html
 # @see http://docs.python.org/py3k/library/functions.html#eval
 # @see http://www.aspdev.org/asp/asp-eval-execute/
@@ -30,22 +28,22 @@
         @rand2 ||= '4196403'
     end
 
     def self.options
         @options ||= {
-            substring: (rand1.to_i + rand2.to_i).to_s,
-            format:    [Format::STRAIGHT]
+            signatures: (rand1.to_i * rand2.to_i).to_s,
+            format:     [Format::STRAIGHT]
         }
     end
 
     def self.code_strings
         # code strings to be injected to the webapp
         @code_strings ||= {
-            php:    "print #{rand1}+#{rand2};",
-            perl:   "print #{rand1}+#{rand2};",
-            python: "print #{rand1}+#{rand2}",
-            asp:    "Response.Write\x28#{rand1}+#{rand2}\x29"
+            php:    "print #{rand1}*#{rand2};",
+            perl:   "print #{rand1}*#{rand2};",
+            python: "print #{rand1}*#{rand2}",
+            asp:    "Response.Write\x28#{rand1}*#{rand2}\x29"
         }
     end
 
     def self.payloads
         return @payloads if @payloads
@@ -68,10 +66,10 @@
             description: %q{
 Injects code snippets and assess whether or not execution was successful.
 },
             elements:    ELEMENTS_WITH_INPUTS,
             author:      'Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>',
-            version:     '0.2.3',
+            version:     '0.2.5',
             platforms:   payloads.keys,
 
             issue:       {
                 name:            %q{Code injection},
                 description:     %q{