minor update

2025-10-30 15:37:43 +03:00 · 2011-11-06 11:18:16 +00:00 · 2011-11-06 11:18:16 +00:00 · 030c57a0c8
commit 030c57a0c8
parent 2ad43411ba
2 changed files with 8 additions and 1 deletions
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -1473,6 +1473,7 @@ def __setKnowledgeBaseAttributes(flushAll=True):

    if flushAll:
        kb.keywords = set(getFileItems(paths.SQL_KEYWORDS))
+        kb.scanOnlyGoogleGETs = None
        kb.tamperFunctions = []
        kb.targetUrls = oset()
        kb.testedParams = set()
--- a/lib/utils/google.py
+++ b/lib/utils/google.py
@ -14,6 +14,7 @@ import socket
 import urllib2

 from lib.core.common import getUnicode
+from lib.core.common import readInput
 from lib.core.convert import htmlunescape
 from lib.core.convert import urlencode
 from lib.core.data import conf
@ -63,7 +64,12 @@ class Google:
            if re.search(r"(.*?)\?(.+)", match):
                kb.targetUrls.add(( htmlunescape(htmlunescape(match)), None, None, None ))
            elif re.search(URI_INJECTABLE_REGEX, match, re.I):
-                kb.targetUrls.add(( htmlunescape(htmlunescape("%s" % match)), None, None, None ))
+                if kb.scanOnlyGoogleGETs is None:
+                    message = "do you want to scan only results containing GET parameters? [Y/n] "
+                    test = readInput(message, default="Y")
+                    kb.scanOnlyGoogleGETs = test.lower() != 'n'
+                if not kb.scanOnlyGoogleGETs:
+                    kb.targetUrls.add(( htmlunescape(htmlunescape("%s" % match)), None, None, None ))

    def getCookie(self):
        """