2013-02-14 15:32:17 +04:00
|
|
|
#!/usr/bin/env python
|
2010-03-15 17:24:43 +03:00
|
|
|
|
|
|
|
"""
|
2013-01-18 18:07:51 +04:00
|
|
|
Copyright (c) 2006-2013 sqlmap developers (http://sqlmap.org/)
|
2010-10-15 03:18:29 +04:00
|
|
|
See the file 'doc/COPYING' for copying permission
|
2010-03-15 17:24:43 +03:00
|
|
|
"""
|
|
|
|
|
|
|
|
import urllib2
|
2011-05-24 03:20:03 +04:00
|
|
|
import urlparse
|
2010-03-15 17:24:43 +03:00
|
|
|
|
2012-03-15 15:10:58 +04:00
|
|
|
from lib.core.data import kb
|
2011-03-17 14:25:37 +03:00
|
|
|
from lib.core.data import logger
|
2011-11-11 15:28:27 +04:00
|
|
|
from lib.core.common import getHostHeader
|
2011-03-17 15:21:27 +03:00
|
|
|
from lib.core.common import getUnicode
|
2011-09-28 12:13:46 +04:00
|
|
|
from lib.core.common import logHTTPTraffic
|
2012-03-15 15:10:58 +04:00
|
|
|
from lib.core.common import readInput
|
2012-12-07 14:52:21 +04:00
|
|
|
from lib.core.enums import CUSTOM_LOGGING
|
2013-03-20 14:10:24 +04:00
|
|
|
from lib.core.enums import HTTP_HEADER
|
2013-01-18 00:49:58 +04:00
|
|
|
from lib.core.enums import HTTPMETHOD
|
2012-03-15 15:10:58 +04:00
|
|
|
from lib.core.enums import REDIRECTION
|
2012-12-06 17:14:19 +04:00
|
|
|
from lib.core.exception import SqlmapConnectionException
|
2013-02-28 16:51:08 +04:00
|
|
|
from lib.core.settings import DEFAULT_COOKIE_DELIMITER
|
2012-12-07 15:14:33 +04:00
|
|
|
from lib.core.settings import MAX_CONNECTION_CHUNK_SIZE
|
2012-12-07 18:29:54 +04:00
|
|
|
from lib.core.settings import MAX_CONNECTION_TOTAL_SIZE
|
2012-03-15 15:10:58 +04:00
|
|
|
from lib.core.settings import MAX_SINGLE_URL_REDIRECTIONS
|
|
|
|
from lib.core.settings import MAX_TOTAL_REDIRECTIONS
|
2011-03-17 09:39:05 +03:00
|
|
|
from lib.core.threads import getCurrentThreadData
|
2011-03-18 03:24:02 +03:00
|
|
|
from lib.request.basic import decodePage
|
2010-07-19 16:38:30 +04:00
|
|
|
|
2010-03-15 17:24:43 +03:00
|
|
|
class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
|
2011-11-11 15:28:27 +04:00
|
|
|
def _get_header_redirect(self, headers):
|
|
|
|
retVal = None
|
|
|
|
|
2012-03-15 15:10:58 +04:00
|
|
|
if headers:
|
|
|
|
if "location" in headers:
|
|
|
|
retVal = headers.getheaders("location")[0].split("?")[0]
|
|
|
|
elif "uri" in headers:
|
|
|
|
retVal = headers.getheaders("uri")[0].split("?")[0]
|
2011-11-11 15:28:27 +04:00
|
|
|
|
|
|
|
return retVal
|
|
|
|
|
2013-01-18 00:49:58 +04:00
|
|
|
def _ask_redirect_choice(self, redcode, redurl, method):
|
2013-01-17 14:50:12 +04:00
|
|
|
with kb.locks.redirect:
|
|
|
|
if kb.redirectChoice is None:
|
|
|
|
msg = "sqlmap got a %d redirect to " % redcode
|
|
|
|
msg += "'%s'. Do you want to follow? [Y/n] " % redurl
|
|
|
|
choice = readInput(msg, default="Y")
|
2012-03-15 15:10:58 +04:00
|
|
|
|
2013-01-17 14:50:12 +04:00
|
|
|
kb.redirectChoice = choice.upper()
|
2012-03-15 15:10:58 +04:00
|
|
|
|
2013-01-18 01:44:55 +04:00
|
|
|
if kb.redirectChoice == REDIRECTION.YES and method == HTTPMETHOD.POST and kb.resendPostOnRedirect is None:
|
|
|
|
msg = "redirect is a result of a "
|
|
|
|
msg += "POST request. Do you want to "
|
|
|
|
msg += "resend original POST data to a new "
|
|
|
|
msg += "location? [%s] " % ("Y/n" if not kb.originalPage else "y/N")
|
|
|
|
choice = readInput(msg, default=("Y" if not kb.originalPage else "N"))
|
|
|
|
|
|
|
|
kb.resendPostOnRedirect = choice.upper() == 'Y'
|
|
|
|
|
|
|
|
if kb.resendPostOnRedirect:
|
|
|
|
self.redirect_request = self._redirect_request
|
2013-01-18 00:49:58 +04:00
|
|
|
|
|
|
|
def _redirect_request(self, req, fp, code, msg, headers, newurl):
|
|
|
|
newurl = newurl.replace(' ', '%20')
|
|
|
|
return urllib2.Request(newurl, data=req.data, headers=req.headers, origin_req_host=req.get_origin_req_host())
|
|
|
|
|
2010-03-15 17:24:43 +03:00
|
|
|
def http_error_302(self, req, fp, code, msg, headers):
|
2012-03-15 16:14:50 +04:00
|
|
|
content = None
|
2012-03-15 15:10:58 +04:00
|
|
|
redurl = self._get_header_redirect(headers)
|
|
|
|
|
2012-12-07 15:14:33 +04:00
|
|
|
try:
|
2012-12-07 18:29:54 +04:00
|
|
|
content = fp.read(MAX_CONNECTION_TOTAL_SIZE)
|
2012-12-07 15:14:33 +04:00
|
|
|
except Exception, msg:
|
|
|
|
dbgMsg = "there was a problem while retrieving "
|
|
|
|
dbgMsg += "redirect response content (%s)" % msg
|
|
|
|
logger.debug(dbgMsg)
|
2012-12-07 18:29:54 +04:00
|
|
|
finally:
|
|
|
|
if content:
|
|
|
|
try: # try to write it back to the read buffer so we could reuse it in further steps
|
|
|
|
fp.fp._rbuf.truncate(0)
|
|
|
|
fp.fp._rbuf.write(content)
|
|
|
|
except:
|
|
|
|
pass
|
2012-12-07 15:14:33 +04:00
|
|
|
|
2013-03-20 14:10:24 +04:00
|
|
|
content = decodePage(content, headers.get(HTTP_HEADER.CONTENT_ENCODING), headers.get(HTTP_HEADER.CONTENT_TYPE))
|
2012-12-07 15:40:19 +04:00
|
|
|
|
2012-12-07 14:52:21 +04:00
|
|
|
threadData = getCurrentThreadData()
|
2012-12-07 15:40:19 +04:00
|
|
|
threadData.lastRedirectMsg = (threadData.lastRequestUID, content)
|
|
|
|
|
2012-12-07 14:52:21 +04:00
|
|
|
redirectMsg = "HTTP redirect "
|
|
|
|
redirectMsg += "[#%d] (%d %s):\n" % (threadData.lastRequestUID, code, getUnicode(msg))
|
|
|
|
|
|
|
|
if headers:
|
2013-02-15 13:04:13 +04:00
|
|
|
logHeaders = "\n".join("%s: %s" % (getUnicode(key.capitalize() if isinstance(key, basestring) else key), getUnicode(value)) for (key, value) in headers.items())
|
2012-12-07 14:52:21 +04:00
|
|
|
else:
|
|
|
|
logHeaders = ""
|
|
|
|
|
2012-12-07 15:40:19 +04:00
|
|
|
redirectMsg += logHeaders
|
2012-12-07 15:14:33 +04:00
|
|
|
if content:
|
2013-02-15 13:04:13 +04:00
|
|
|
redirectMsg += "\n\n%s" % getUnicode(content[:MAX_CONNECTION_CHUNK_SIZE])
|
2012-12-07 14:52:21 +04:00
|
|
|
|
2012-12-07 15:40:19 +04:00
|
|
|
logHTTPTraffic(threadData.lastRequestMsg, redirectMsg)
|
2012-12-07 14:52:21 +04:00
|
|
|
logger.log(CUSTOM_LOGGING.TRAFFIC_IN, redirectMsg)
|
2012-12-07 14:23:18 +04:00
|
|
|
|
2012-07-17 02:19:33 +04:00
|
|
|
if redurl:
|
|
|
|
if not urlparse.urlsplit(redurl).netloc:
|
|
|
|
redurl = urlparse.urljoin(req.get_full_url(), redurl)
|
2012-03-15 16:14:50 +04:00
|
|
|
|
2012-07-17 02:19:33 +04:00
|
|
|
self._infinite_loop_check(req)
|
2013-01-18 00:49:58 +04:00
|
|
|
self._ask_redirect_choice(code, redurl, req.get_method())
|
2011-03-17 14:25:37 +03:00
|
|
|
|
2012-07-17 02:19:33 +04:00
|
|
|
if redurl and kb.redirectChoice == REDIRECTION.YES:
|
2013-03-20 14:10:24 +04:00
|
|
|
req.headers[HTTP_HEADER.HOST] = getHostHeader(redurl)
|
|
|
|
if headers and HTTP_HEADER.SET_COOKIE in headers:
|
|
|
|
req.headers[HTTP_HEADER.COOKIE] = headers[HTTP_HEADER.SET_COOKIE].split(DEFAULT_COOKIE_DELIMITER)[0]
|
2012-03-15 15:10:58 +04:00
|
|
|
result = urllib2.HTTPRedirectHandler.http_error_302(self, req, fp, code, msg, headers)
|
|
|
|
else:
|
|
|
|
result = fp
|
2011-11-11 15:28:27 +04:00
|
|
|
|
2012-12-07 15:40:19 +04:00
|
|
|
result.redcode = code
|
|
|
|
result.redurl = redurl
|
|
|
|
|
|
|
|
return result
|
2012-03-15 16:14:50 +04:00
|
|
|
|
|
|
|
http_error_301 = http_error_303 = http_error_307 = http_error_302
|
2010-07-19 16:38:30 +04:00
|
|
|
|
2012-03-15 15:10:58 +04:00
|
|
|
def _infinite_loop_check(self, req):
|
|
|
|
if hasattr(req, 'redirect_dict') and (req.redirect_dict.get(req.get_full_url(), 0) >= MAX_SINGLE_URL_REDIRECTIONS or len(req.redirect_dict) >= MAX_TOTAL_REDIRECTIONS):
|
2011-04-30 17:20:05 +04:00
|
|
|
errMsg = "infinite redirect loop detected (%s). " % ", ".join(item for item in req.redirect_dict.keys())
|
2010-07-19 16:38:30 +04:00
|
|
|
errMsg += "please check all provided parameters and/or provide missing ones."
|
2013-01-04 02:20:55 +04:00
|
|
|
raise SqlmapConnectionException(errMsg)
|