diff --git a/lib/controller/checks.py b/lib/controller/checks.py index cfdacdd2d..d6b3a723f 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -720,7 +720,7 @@ def checkDynamicContent(firstPage, secondPage): if count > conf.retries: warnMsg = "target url is too dynamic. " - warnMsg += "switching to '--text-only' " + warnMsg += "Switching to '--text-only' " logger.warn(warnMsg) conf.textOnly = True @@ -744,9 +744,6 @@ def checkStability(): like for instance string matching (--string). """ - if kb.redirectChoice: - return None - infoMsg = "testing if the url is stable, wait a few seconds" logger.info(infoMsg) @@ -754,6 +751,9 @@ def checkStability(): time.sleep(1) secondPage, _ = Request.queryPage(content=True, raise404=False) + if kb.redirectChoice: + return None + kb.pageStable = (firstPage == secondPage) if kb.pageStable: diff --git a/lib/core/enums.py b/lib/core/enums.py index 6ebabe198..219e59584 100644 --- a/lib/core/enums.py +++ b/lib/core/enums.py @@ -152,9 +152,8 @@ class HASHDB_KEYS: KB_DYNAMIC_MARKINGS = "KB_DYNAMIC_MARKINGS" class REDIRECTION: - FOLLOW = "1" - ORIGINAL = "2" - IGNORE = "3" + YES = "Y" + NO = "N" class PAYLOAD: SQLINJECTION = { diff --git a/lib/request/comparison.py b/lib/request/comparison.py index ccc727496..a2b814ef9 100644 --- a/lib/request/comparison.py +++ b/lib/request/comparison.py @@ -29,6 +29,7 @@ from lib.core.settings import UPPER_RATIO_BOUND from lib.core.threads import getCurrentThreadData def comparison(page, headers, code=None, getRatioValue=False, pageLength=None): + print "AA: ", page[:100] if page is None and pageLength is None: return None diff --git a/lib/request/connect.py b/lib/request/connect.py index 326071cba..d0c21fe4f 100644 --- a/lib/request/connect.py +++ b/lib/request/connect.py @@ -305,11 +305,10 @@ class Connect: # Get HTTP response if hasattr(conn, 'redurl'): - page = threadData.lastRedirectMsg[1] if kb.redirectChoice == REDIRECTION.IGNORE\ - else kb.pageTemplate if kb.redirectChoice == REDIRECTION.ORIGINAL\ + page = threadData.lastRedirectMsg[1] if kb.redirectChoice == REDIRECTION.NO\ else conn.read() - skipLogTraffic = kb.redirectChoice != REDIRECTION.FOLLOW - code = conn.redcode if kb.redirectChoice != REDIRECTION.ORIGINAL else kb.originalCode + skipLogTraffic = kb.redirectChoice == REDIRECTION.NO + code = conn.redcode else: page = conn.read() diff --git a/lib/request/redirecthandler.py b/lib/request/redirecthandler.py index 64f8ff6c0..68eceaabc 100644 --- a/lib/request/redirecthandler.py +++ b/lib/request/redirecthandler.py @@ -40,13 +40,10 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler): def _ask_redirect_choice(self, redcode, redurl): if kb.redirectChoice is None and kb.originalPage: msg = "sqlmap got a %d redirect to " % redcode - msg += "'%s'. What do you want to do? " % redurl - msg += "\n[1] Follow the redirection (default)" - msg += "\n[2] Stay on the original page" - msg += "\n[3] Ignore" - choice = readInput(msg, default="1") + msg += "'%s'. Do you want to follow? [Y/n] " % redurl + choice = readInput(msg, default="Y") - kb.redirectChoice = choice + kb.redirectChoice = choice.upper() def _process_http_redirect(self, result, headers, code, content, msg, redurl): content = decodePage(content, headers.get(HTTPHEADER.CONTENT_ENCODING), headers.get(HTTPHEADER.CONTENT_TYPE)) @@ -93,7 +90,7 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler): dbgMsg += "redirect response content (%s)" % msg logger.debug(dbgMsg) - if kb.redirectChoice == REDIRECTION.FOLLOW or kb.originalPage is None: + if kb.redirectChoice == REDIRECTION.YES or kb.originalPage is None: req.headers[HTTPHEADER.HOST] = getHostHeader(redurl) result = urllib2.HTTPRedirectHandler.http_error_302(self, req, fp, code, msg, headers) else: