
implementation error?

Open joostgrunwald opened this issue 1 year ago • 0 comments

Hey so I'm using this tool and trying to verify some vulnerabilities.

I noticed the following:

    if canary_in_response(responseCandidate):
        if canary_in_response(confirmationResponse):
            return True
        else:
            return False
    else:
        return True

Why do you return True if the canary is not inside the responseCandidate, @Th0h0?

If this prints vulnerability confirmed, is it then 100% confirmed? Because I sometimes fail to replicate these results with other tools.

joostgrunwald Mar 30 '23 13:03