mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-24 20:51:23 +03:00 
			
		
		
		
	minor refactoring before a huge bug fix reported by Ahmed Shawky (we are falsely urlencoding ORIGINAL part of the injection payload)
This commit is contained in:
		
							parent
							
								
									539168dcca
								
							
						
					
					
						commit
						03413bd5e0
					
				|  | @ -13,6 +13,7 @@ import subprocess | ||||||
| import sys | import sys | ||||||
| 
 | 
 | ||||||
| from lib.core.enums import DBMS | from lib.core.enums import DBMS | ||||||
|  | from lib.core.enums import PLACE | ||||||
| from lib.core.revision import getRevisionNumber | from lib.core.revision import getRevisionNumber | ||||||
| 
 | 
 | ||||||
| # sqlmap version and site | # sqlmap version and site | ||||||
|  | @ -204,3 +205,6 @@ WEBSCARAB_SPLITTER = "### Conversation" | ||||||
| 
 | 
 | ||||||
| # Splitter used between requests in BURP log files | # Splitter used between requests in BURP log files | ||||||
| BURP_SPLITTER = "======================================================" | BURP_SPLITTER = "======================================================" | ||||||
|  | 
 | ||||||
|  | # Do the url-encoding based on parameter place | ||||||
|  | URL_ENCODE_PAYLOAD = { PLACE.GET: True, PLACE.POST: True, PLACE.COOKIE: False, PLACE.UA: True, PLACE.URI: False } | ||||||
|  |  | ||||||
|  | @ -40,6 +40,7 @@ from lib.core.enums import PLACE | ||||||
| from lib.core.exception import sqlmapConnectionException | from lib.core.exception import sqlmapConnectionException | ||||||
| from lib.core.exception import sqlmapSyntaxException | from lib.core.exception import sqlmapSyntaxException | ||||||
| from lib.core.settings import MIN_TIME_RESPONSES | from lib.core.settings import MIN_TIME_RESPONSES | ||||||
|  | from lib.core.settings import URL_ENCODE_PAYLOAD | ||||||
| from lib.core.threads import getCurrentThreadData | from lib.core.threads import getCurrentThreadData | ||||||
| from lib.request.basic import decodePage | from lib.request.basic import decodePage | ||||||
| from lib.request.basic import forgeHeaders | from lib.request.basic import forgeHeaders | ||||||
|  | @ -382,7 +383,6 @@ class Connect: | ||||||
|         pageLength  = None |         pageLength  = None | ||||||
|         uri         = None |         uri         = None | ||||||
|         raise404    = place != PLACE.URI if raise404 is None else raise404 |         raise404    = place != PLACE.URI if raise404 is None else raise404 | ||||||
|         toUrlencode = { PLACE.GET: True, PLACE.POST: True, PLACE.COOKIE: conf.cookieUrlencode, PLACE.UA: True, PLACE.URI: False } |  | ||||||
| 
 | 
 | ||||||
|         if not place: |         if not place: | ||||||
|             place = kb.injection.place |             place = kb.injection.place | ||||||
|  | @ -403,7 +403,7 @@ class Connect: | ||||||
|             value = agent.removePayloadDelimiters(value, False) |             value = agent.removePayloadDelimiters(value, False) | ||||||
|             value = urlEncodeCookieValues(value) |             value = urlEncodeCookieValues(value) | ||||||
|         elif place: |         elif place: | ||||||
|             value = agent.removePayloadDelimiters(value, toUrlencode[place]) |             value = agent.removePayloadDelimiters(value, URL_ENCODE_PAYLOAD[place]) | ||||||
| 
 | 
 | ||||||
|         if conf.checkPayload: |         if conf.checkPayload: | ||||||
|             checkPayload(value) |             checkPayload(value) | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue
	
	Block a user