sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-03-03 19:55:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adding support for WebSocket over SSL (wss://)

Browse Source
This commit is contained in:
Miroslav Stampar 2019-06-06 23:45:30 +02:00
parent 8a97e7edcc
commit 02c8f47892
3 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/core/common.py
View File

@ -1541,7 +1541,7 @@ def parseTargetUrl():
errMsg += "on this platform" errMsg += "on this platform"
raise SqlmapGenericException(errMsg) raise SqlmapGenericException(errMsg)
if not re.search(r"^https?://", conf.url, re.I) and not re.search(r"^wss?://", conf.url, re.I): if not re.search(r"^(http|ws)s?://", conf.url, re.I):
if re.search(r":443\b", conf.url): if re.search(r":443\b", conf.url):
conf.url = "https://%s" % conf.url conf.url = "https://%s" % conf.url
else: else:
@ -1560,10 +1560,13 @@ def parseTargetUrl():
hostnamePort = urlSplit.netloc.split(":") if not re.search(r"\[.+\]", urlSplit.netloc) else filterNone((re.search(r"\[.+\]", urlSplit.netloc).group(0), re.search(r"\](:(?P<port>\d+))?", urlSplit.netloc).group("port"))) hostnamePort = urlSplit.netloc.split(":") if not re.search(r"\[.+\]", urlSplit.netloc) else filterNone((re.search(r"\[.+\]", urlSplit.netloc).group(0), re.search(r"\](:(?P<port>\d+))?", urlSplit.netloc).group("port")))
conf.scheme = (urlSplit.scheme.strip().lower() or "http") if not conf.forceSSL else "https" conf.scheme = (urlSplit.scheme.strip().lower() or "http")
conf.path = urlSplit.path.strip() conf.path = urlSplit.path.strip()
conf.hostname = hostnamePort[0].strip() conf.hostname = hostnamePort[0].strip()
if conf.forceSSL:
conf.scheme = re.sub(r"(?i)\A(http|ws)\Z", r"\g<1>s", conf.scheme)
conf.ipv6 = conf.hostname != conf.hostname.strip("[]") conf.ipv6 = conf.hostname != conf.hostname.strip("[]")
conf.hostname = conf.hostname.strip("[]").replace(kb.customInjectionMark, "") conf.hostname = conf.hostname.strip("[]").replace(kb.customInjectionMark, "")
@ -1585,7 +1588,7 @@ def parseTargetUrl():
except: except:
errMsg = "invalid target URL" errMsg = "invalid target URL"
raise SqlmapSyntaxException(errMsg) raise SqlmapSyntaxException(errMsg)
elif conf.scheme == "https": elif conf.scheme in ("https", "wss"):
conf.port = 443 conf.port = 443
else: else:
conf.port = 80 conf.port = 80

2
lib/core/settings.py
View File

@ -18,7 +18,7 @@ from lib.core.enums import OS
from thirdparty.six import unichr as _unichr from thirdparty.six import unichr as _unichr
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.3.6.28" VERSION = "1.3.6.29"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

4
lib/request/connect.py
View File

@ -346,8 +346,8 @@ class Connect(object):
pass pass
elif target: elif target:
if conf.forceSSL and _urllib.parse.urlparse(url).scheme != "https": if conf.forceSSL:
url = re.sub(r"(?i)\Ahttp:", "https:", url) url = re.sub(r"(?i)\A(http|ws):", r"\g<1>s:", url)
url = re.sub(r"(?i):80/", ":443/", url) url = re.sub(r"(?i):80/", ":443/", url)
if PLACE.GET in conf.parameters and not get: if PLACE.GET in conf.parameters and not get: