mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-26 03:23:48 +03:00
Proper fix for #1146 (/ has been escaped with \/ in output)
parent
22484c8599
commit
17350fb4ec
|
@ -318,13 +318,11 @@ def _setRequestParams():
|
||||||
|
|
||||||
# Perform checks on header values
|
# Perform checks on header values
|
||||||
if conf.httpHeaders:
|
if conf.httpHeaders:
|
||||||
for httpHeader, headerValue in conf.httpHeaders:
|
for httpHeader, headerValue in list(conf.httpHeaders):
|
||||||
# Url encoding of the header values should be avoided
|
# Url encoding of the header values should be avoided
|
||||||
# Reference: http://stackoverflow.com/questions/5085904/is-ok-to-urlencode-the-value-in-headerlocation-value
|
# Reference: http://stackoverflow.com/questions/5085904/is-ok-to-urlencode-the-value-in-headerlocation-value
|
||||||
|
|
||||||
httpHeader = httpHeader.title()
|
if httpHeader.title() == HTTP_HEADER.USER_AGENT:
|
||||||
|
|
||||||
if httpHeader == HTTP_HEADER.USER_AGENT:
|
|
||||||
conf.parameters[PLACE.USER_AGENT] = urldecode(headerValue)
|
conf.parameters[PLACE.USER_AGENT] = urldecode(headerValue)
|
||||||
|
|
||||||
condition = any((not conf.testParameter, intersect(conf.testParameter, USER_AGENT_ALIASES, True)))
|
condition = any((not conf.testParameter, intersect(conf.testParameter, USER_AGENT_ALIASES, True)))
|
||||||
|
@ -333,7 +331,7 @@ def _setRequestParams():
|
||||||
conf.paramDict[PLACE.USER_AGENT] = {PLACE.USER_AGENT: headerValue}
|
conf.paramDict[PLACE.USER_AGENT] = {PLACE.USER_AGENT: headerValue}
|
||||||
testableParameters = True
|
testableParameters = True
|
||||||
|
|
||||||
elif httpHeader == HTTP_HEADER.REFERER:
|
elif httpHeader.title() == HTTP_HEADER.REFERER:
|
||||||
conf.parameters[PLACE.REFERER] = urldecode(headerValue)
|
conf.parameters[PLACE.REFERER] = urldecode(headerValue)
|
||||||
|
|
||||||
condition = any((not conf.testParameter, intersect(conf.testParameter, REFERER_ALIASES, True)))
|
condition = any((not conf.testParameter, intersect(conf.testParameter, REFERER_ALIASES, True)))
|
||||||
|
@ -342,7 +340,7 @@ def _setRequestParams():
|
||||||
conf.paramDict[PLACE.REFERER] = {PLACE.REFERER: headerValue}
|
conf.paramDict[PLACE.REFERER] = {PLACE.REFERER: headerValue}
|
||||||
testableParameters = True
|
testableParameters = True
|
||||||
|
|
||||||
elif httpHeader == HTTP_HEADER.HOST:
|
elif httpHeader.title() == HTTP_HEADER.HOST:
|
||||||
conf.parameters[PLACE.HOST] = urldecode(headerValue)
|
conf.parameters[PLACE.HOST] = urldecode(headerValue)
|
||||||
|
|
||||||
condition = any((not conf.testParameter, intersect(conf.testParameter, HOST_ALIASES, True)))
|
condition = any((not conf.testParameter, intersect(conf.testParameter, HOST_ALIASES, True)))
|
||||||
|
@ -351,6 +349,15 @@ def _setRequestParams():
|
||||||
conf.paramDict[PLACE.HOST] = {PLACE.HOST: headerValue}
|
conf.paramDict[PLACE.HOST] = {PLACE.HOST: headerValue}
|
||||||
testableParameters = True
|
testableParameters = True
|
||||||
|
|
||||||
|
else:
|
||||||
|
condition = intersect(conf.testParameter, [httpHeader], True)
|
||||||
|
|
||||||
|
if condition:
|
||||||
|
conf.parameters[PLACE.CUSTOM_HEADER] = str(conf.httpHeaders)
|
||||||
|
conf.paramDict[PLACE.CUSTOM_HEADER] = {httpHeader: "%s,%s%s" % (httpHeader, headerValue, CUSTOM_INJECTION_MARK_CHAR)}
|
||||||
|
conf.httpHeaders = [(header, value.replace(CUSTOM_INJECTION_MARK_CHAR, "")) for header, value in conf.httpHeaders]
|
||||||
|
testableParameters = True
|
||||||
|
|
||||||
if not conf.parameters:
|
if not conf.parameters:
|
||||||
errMsg = "you did not provide any GET, POST and Cookie "
|
errMsg = "you did not provide any GET, POST and Cookie "
|
||||||
errMsg += "parameter, neither an User-Agent, Referer or Host header value"
|
errMsg += "parameter, neither an User-Agent, Referer or Host header value"
|
||||||
|
|
|
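Review bot: In the new `else:` branch, `conf.paramDict[PLACE.CUSTOM_HEADER]` is assigned a fresh one-entry dict for each matching header, so when `conf.testParameter` names more than one custom header only the last one survives the loop. Merging keeps them all, e.g. `conf.paramDict.setdefault(PLACE.CUSTOM_HEADER, {})[httpHeader] = "%s,%s%s" % (httpHeader, headerValue, CUSTOM_INJECTION_MARK_CHAR)`, assuming `conf.paramDict` behaves like a plain dict, which the hunks do not show. The rewrite of `conf.httpHeaders` in the same branch strips `CUSTOM_INJECTION_MARK_CHAR` from every header value, not only the matched one; if that character can occur legitimately in a header value, the outgoing request is silently altered, so a short comment stating the intent would help. `_setRequestParams` starts and ends outside the visible hunks.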
@ -659,7 +659,7 @@ class Connect(object):
|
||||||
if conn and getattr(conn, "redurl", None):
|
if conn and getattr(conn, "redurl", None):
|
||||||
_ = urlparse.urlsplit(conn.redurl)
|
_ = urlparse.urlsplit(conn.redurl)
|
||||||
_ = ("%s%s" % (_.path or "/", ("?%s" % _.query) if _.query else ""))
|
_ = ("%s%s" % (_.path or "/", ("?%s" % _.query) if _.query else ""))
|
||||||
requestMsg = re.sub("(\n[A-Z]+ ).+?( HTTP/\d)", "\g<1>%s\g<2>" % re.escape(getUnicode(_)), requestMsg, 1)
|
requestMsg = re.sub("(\n[A-Z]+ ).+?( HTTP/\d)", "\g<1>%s\g<2>" % getUnicode(_).replace("\\", "\\\\"), requestMsg, 1)
|
||||||
|
|
||||||
if kb.resendPostOnRedirect is False:
|
if kb.resendPostOnRedirect is False:
|
||||||
requestMsg = re.sub("(\[#\d+\]:\n)POST ", "\g<1>GET ", requestMsg)
|
requestMsg = re.sub("(\[#\d+\]:\n)POST ", "\g<1>GET ", requestMsg)
|
||||||
|
|
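Review bot: The replacement argument on the changed `re.sub` line is still a template built from `conn.redurl`, which is server-supplied, and nothing in the code says why only backslashes are doubled. Passing a callable skips template parsing altogether and needs no escaping: `requestMsg = re.sub(r"(\n[A-Z]+ ).+?( HTTP/\d)", lambda match: "%s%s%s" % (match.group(1), getUnicode(_), match.group(2)), requestMsg, 1)`. If the string form is kept, add a comment such as `# only backslash is special in a re.sub() replacement template; re.escape() also escaped '/' in the output`. The enclosing method of `Connect` starts and ends outside the hunk.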