sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-01-23 15:54:24 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fixes #1357

Browse Source
This commit is contained in:
Miroslav Stampar 2015-08-25 02:03:56 +02:00
parent 76c8ce0e70
commit 1f5e6606a7
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lib/request/connect.py
View File

@ -893,7 +893,12 @@ class Connect(object):
originals = {}
keywords = keyword.kwlist
for item in filter(None, (get, post if not kb.postHint else None)):
if not get and PLACE.URI in conf.parameters:
query = urlparse.urlsplit(uri).query or ""
else:
query = None
for item in filter(None, (get, post if not kb.postHint else None, query)):
for part in item.split(delimiter):
if '=' in part:
name, value = part.split('=', 1)
@ -956,6 +961,10 @@ class Connect(object):
found = True
post = re.sub(regex, "\g<1>%s\g<3>" % value, post)
if re.search(regex, (query or "")):
found = True
uri = re.sub(regex.replace(r"\A", r"\?"), "\g<1>%s\g<3>" % value, uri)
regex = r"((\A|%s)%s=).+?(%s|\Z)" % (re.escape(conf.cookieDel or DEFAULT_COOKIE_DELIMITER), name, re.escape(conf.cookieDel or DEFAULT_COOKIE_DELIMITER))
if re.search(regex, (cookie or "")):
found = True