modifying redirection code for only two choices

2024-11-25 19:13:48 +03:00 · 2012-03-18 17:27:08 +00:00 · 2012-03-18 17:27:08 +00:00 · 0fc4288a7c
commit 0fc4288a7c
parent c03d0e24fb
5 changed files with 14 additions and 18 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -720,7 +720,7 @@ def checkDynamicContent(firstPage, secondPage):

            if count > conf.retries:
                warnMsg = "target url is too dynamic. "
-                warnMsg += "switching to '--text-only' "
+                warnMsg += "Switching to '--text-only' "
                logger.warn(warnMsg)

                conf.textOnly = True
@ -744,9 +744,6 @@ def checkStability():
    like for instance string matching (--string).
    """

-    if kb.redirectChoice:
-        return None
-
    infoMsg = "testing if the url is stable, wait a few seconds"
    logger.info(infoMsg)

@ -754,6 +751,9 @@ def checkStability():
    time.sleep(1)
    secondPage, _ = Request.queryPage(content=True, raise404=False)

+    if kb.redirectChoice:
+        return None
+
    kb.pageStable = (firstPage == secondPage)

    if kb.pageStable:
--- a/lib/core/enums.py
+++ b/lib/core/enums.py
@ -152,9 +152,8 @@ class HASHDB_KEYS:
    KB_DYNAMIC_MARKINGS = "KB_DYNAMIC_MARKINGS"

 class REDIRECTION:
-    FOLLOW = "1"
-    ORIGINAL = "2"
-    IGNORE = "3"
+    YES = "Y"
+    NO = "N"

 class PAYLOAD:
    SQLINJECTION = {
--- a/lib/request/comparison.py
+++ b/lib/request/comparison.py
@ -29,6 +29,7 @@ from lib.core.settings import UPPER_RATIO_BOUND
 from lib.core.threads import getCurrentThreadData

 def comparison(page, headers, code=None, getRatioValue=False, pageLength=None):
+    print "AA: ", page[:100]
    if page is None and pageLength is None:
        return None

--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -305,11 +305,10 @@ class Connect:

            # Get HTTP response
            if hasattr(conn, 'redurl'):
-                page = threadData.lastRedirectMsg[1] if kb.redirectChoice == REDIRECTION.IGNORE\
-                  else kb.pageTemplate if kb.redirectChoice == REDIRECTION.ORIGINAL\
+                page = threadData.lastRedirectMsg[1] if kb.redirectChoice == REDIRECTION.NO\
                  else conn.read()
-                skipLogTraffic = kb.redirectChoice != REDIRECTION.FOLLOW
-                code = conn.redcode if kb.redirectChoice != REDIRECTION.ORIGINAL else kb.originalCode
+                skipLogTraffic = kb.redirectChoice == REDIRECTION.NO
+                code = conn.redcode
            else:
                page = conn.read()

--- a/lib/request/redirecthandler.py
+++ b/lib/request/redirecthandler.py
@ -40,13 +40,10 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
    def _ask_redirect_choice(self, redcode, redurl):
        if kb.redirectChoice is None and kb.originalPage:
            msg = "sqlmap got a %d redirect to " % redcode
-            msg += "'%s'. What do you want to do? " % redurl
-            msg += "\n[1] Follow the redirection (default)"
-            msg += "\n[2] Stay on the original page"
-            msg += "\n[3] Ignore"
-            choice = readInput(msg, default="1")
+            msg += "'%s'. Do you want to follow? [Y/n] " % redurl
+            choice = readInput(msg, default="Y")

-            kb.redirectChoice = choice
+            kb.redirectChoice = choice.upper()

    def _process_http_redirect(self, result, headers, code, content, msg, redurl):
        content = decodePage(content, headers.get(HTTPHEADER.CONTENT_ENCODING), headers.get(HTTPHEADER.CONTENT_TYPE))
@ -93,7 +90,7 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
            dbgMsg += "redirect response content (%s)" % msg
            logger.debug(dbgMsg)

-        if kb.redirectChoice == REDIRECTION.FOLLOW or kb.originalPage is None:
+        if kb.redirectChoice == REDIRECTION.YES or kb.originalPage is None:
            req.headers[HTTPHEADER.HOST] = getHostHeader(redurl)
            result = urllib2.HTTPRedirectHandler.http_error_302(self, req, fp, code, msg, headers)
        else: