mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-01-24 08:14:24 +03:00
removing that boring message "reflective value found and filtered out" for headers case (we always include Uri header)
parent
9f707febf5
commit
12f3024c8a
|
@ -2411,7 +2411,7 @@ def cpuThrottle(value):
|
|||
delay = 0.00001 * (value ** 2)
|
||||
time.sleep(delay)
|
||||
|
||||
def removeReflectiveValues(content, payload):
|
||||
def removeReflectiveValues(content, payload, suppressWarning=False):
|
||||
"""
|
||||
Neutralizes (static/marked) reflective values in a given content based on a payload
|
||||
(e.g. ?search=sql injection ---> ...value="sql%20injection")
|
||||
|
@ -2429,7 +2429,7 @@ def removeReflectiveValues(content, payload):
|
|||
|
||||
retVal = re.sub(regex, REFLECTED_VALUE_MARKER, content, re.I)
|
||||
|
||||
if retVal != content:
|
||||
if retVal != content and not suppressWarning:
|
||||
debugMsg = "reflective value found and filtered out"
|
||||
logger.debug(debugMsg)
|
||||
|
||||
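Review bot: In the second hunk the context line `retVal = re.sub(regex, REFLECTED_VALUE_MARKER, content, re.I)` passes `re.I` as the fourth positional argument of `re.sub`, which is `count`, not `flags`. The match therefore stays case-sensitive and stops after two substitutions, so a payload echoed more than twice or with altered case remains in the text that callers later search for injection output. `retVal = re.compile(regex, re.I).sub(REFLECTED_VALUE_MARKER, content)` applies the flag as intended. The docstring should also gain a line for the new parameter, for example `suppressWarning: skip the "reflective value found and filtered out" debug message`. The rest of the function body lies outside both hunks.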
|
|
|
@ -124,10 +124,9 @@ def __unionPosition(comment, place, parameter, value, prefix, suffix, count, whe
|
|||
|
||||
# Perform the request
|
||||
page, headers = Request.queryPage(payload, place=place, content=True, raise404=False)
|
||||
content = "%s%s".lower() % (page or "", listToStrValue(headers.headers if headers else None) or "")
|
||||
|
||||
# Remove possible reflective values from content (especially headers part)
|
||||
content = removeReflectiveValues(content, payload)
|
||||
content = "%s%s".lower() % (removeReflectiveValues(page, payload) or "", \
|
||||
removeReflectiveValues(listToStrValue(headers.headers if headers else None), \
|
||||
payload, True) or "")
|
||||
|
||||
if content and phrase in content:
|
||||
validPayload = payload
|
||||
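Review bot: On the rewritten `content = "%s%s".lower() % (...)` line, `.lower()` is applied to the format literal `"%s%s"` before the `%` operator runs, so it is a no-op and the page and header text keep their original case. If `phrase` is meant to be compared case-insensitively (its definition is not visible in this hunk), `phrase in content` can miss a valid response. Either drop the call or lower-case the formatted result, e.g. `content = ("%s%s" % (filteredPage or "", filteredHeaders or "")).lower()`, where the two locals are illustrative names for the filtered page and header strings. `__unionPosition` starts and ends outside the hunk.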
|
|
|
@ -65,7 +65,7 @@ def __oneShotUnionUse(expression, unpack=True):
|
|||
# sql injection output
|
||||
output = extractRegexResult(check, removeReflectiveValues(page, payload), re.DOTALL | re.IGNORECASE) \
|
||||
or extractRegexResult(check, removeReflectiveValues(listToStrValue(headers.headers \
|
||||
if headers else None), payload), re.DOTALL | re.IGNORECASE)
|
||||
if headers else None), payload, True), re.DOTALL | re.IGNORECASE)
|
||||
|
||||
if output:
|
||||
output = getUnicode(output, kb.pageEncoding)
|
||||
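Review bot: The new argument in `removeReflectiveValues(listToStrValue(headers.headers if headers else None), payload, True)` is a bare positional `True`, which does not tell the reader what is being switched off. Writing it as `payload, suppressWarning=True)` is self-documenting and survives a later reordering of parameters. The same applies to the `payload, True) or "")` call in the `__unionPosition` hunk. A short comment such as `# headers always echo the request URI, so the reflection message is noise here` would record why only the header call is silenced. `__oneShotUnionUse` starts and ends outside the hunk.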
|
|