upgrade of web directory parsing for things like C:/xampp/htdocs/sqlmap/mysql/get_int.php (XAMPP uses this)

2025-02-03 05:04:11 +03:00 · 2010-02-03 15:06:41 +00:00 · 2010-02-03 15:06:41 +00:00 · 25f1a9c7d0
commit 25f1a9c7d0
parent 87c8bdbc29
2 changed files with 4 additions and 3 deletions
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -235,7 +235,7 @@ def getDocRoot():
            absFilePath = normalizePath(absFilePath)
            absFilePathWin = None

-            if re.match("[A-Za-z]:(\\[\w.\\]*)?", absFilePath):
+            if re.match("[A-Za-z]:([\\/][\w.\\/]*)?", absFilePath):
                absFilePathWin = absFilePath
                absFilePath    = absFilePath[2:].replace("\\", "/")
            
--- a/lib/request/basic.py
+++ b/lib/request/basic.py
@ -73,17 +73,18 @@ def parseResponse(page, headers):
        # Detect injectable page absolute system path
        # NOTE: this regular expression works if the remote web application
        # is written in PHP and debug/error messages are enabled.
-        absFilePathsRegExp = ( r" in <b>(?P<result>.*?)</b> on line",  r"\b(?P<result>[A-Za-z]:(\\[\w.\\]*)?)", r"(\A|[^<])(?P<result>/[/\w.]+)" )
+        absFilePathsRegExp = ( r" in <b>(?P<result>.*?)</b> on line",  r"\b(?P<result>[A-Za-z]:([\\/][\w.\\/]*)?)", r"(\A|[^<])(?P<result>/[/\w.]+)" )

        for absFilePathRegExp in absFilePathsRegExp:
            reobj = re.compile(absFilePathRegExp)

            for match in reobj.finditer(page):
                absFilePath = match.group("result").strip()
-
+                page = page.replace(absFilePath, "")
                if absFilePath not in kb.absFilePaths:
                    dirname = directoryPath(absFilePath)
                    kb.absFilePaths.add(dirname)
+                    

 def decodePage(page, encoding):
    """