implementation of Feature #176 (Safe URL: avoid being kicked out after N unsuccessful requests)

2024-11-25 02:53:46 +03:00 · 2010-04-16 12:44:47 +00:00 · 2010-04-16 12:44:47 +00:00 · 1aeaa5db47
commit 1aeaa5db47
parent e11d511cad
5 changed files with 43 additions and 2 deletions
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -549,6 +549,23 @@ def __setHTTPProxy():
    else:
        proxyHandler = urllib2.ProxyHandler({"http": __proxyString})

+def __setSafeUrl():
+    """
+    Check and set the safe URL options.
+    """
+    if not conf.safUrl:
+        return
+
+    if not re.search("^http[s]*://", conf.safUrl):
+        if ":443/" in conf.safUrl:
+            conf.safUrl = "https://" + conf.safUrl
+        else:
+            conf.safUrl = "http://" + conf.safUrl
+
+    if conf.saFreq <= 0:
+        errMsg = "please provide a valid value (>0) for safe frequency (--safe-freq) while using safe url feature"
+        raise sqlmapSyntaxException, errMsg
+
 def __setHTTPAuthentication():
    """
    Check and set the HTTP(s) authentication method (Basic, Digest, NTLM or Certificate),
@ -929,6 +946,7 @@ def __setKnowledgeBaseAttributes():
    kb.osSP           = None

    kb.parenthesis    = None
+    kb.queryCounter   = 0
    kb.resumedQueries = {}
    kb.stackedTest    = None
    kb.targetUrls     = set()
@ -1061,6 +1079,7 @@ def init(inputOptions=advancedDict()):
        __setHTTPMethod()
        __setHTTPAuthentication()
        __setHTTPProxy()
+        __setSafeUrl()
        __setUnionTech()
        __setGoogleDorking()
        __setMultipleTargets()
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
@ -52,7 +52,9 @@ optDict = {
                               "delay":             "float",
                               "timeout":           "float",
                               "retries":           "integer",
-                               "scope":             "string"
+                               "scope":             "string",
+                               "safUrl":            "string",
+                               "saFreq":            "integer"
                             },

            "Injection":     {
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@ -136,6 +136,12 @@ def cmdLineParser():
        request.add_option("--scope", dest="scope", 
                           help="Regexp to filter targets from provided proxy log")

+        request.add_option("--safe-url", dest="safUrl", 
+                           help="Url address to visit frequently during testing")
+
+        request.add_option("--safe-freq", dest="saFreq", type="int", default=0,
+                           help="Test requests between two visits to a given safe url")
+
        # Injection options
        injection = OptionGroup(parser, "Injection", "These options can be "
                                "used to specify which parameters to test "
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -299,7 +299,12 @@ class Connect:
                ua = value
            else:
                ua = conf.parameters["User-Agent"]
-
+        
+        if conf.safUrl and conf.saFreq > 0:
+            kb.queryCounter += 1
+            if kb.queryCounter % conf.saFreq == 0:
+                Connect.getPage(url=conf.safUrl, cookie=cookie, direct=True, silent=True, ua=ua)
+        
        page, headers = Connect.getPage(get=get, post=post, cookie=cookie, ua=ua, silent=silent)

        if content:
--- a/sqlmap.conf
+++ b/sqlmap.conf
@ -119,6 +119,15 @@ retries = 3
 # Example: (google|yahoo)
 scope = 

+# Url address to visit frequently during testing
+# Example: http://192.168.1.121/index.html
+safUrl = 
+
+# Test requests between two visits to a given safe url (default 0)
+# Valid: integer
+# Default: 0
+saFreq = 0
+

 # These options can be used to specify which parameters to test for,
 # provide custom injection payloads and how to parse and compare HTTP