mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 09:36:35 +03:00
Fixes #3425
This commit is contained in:
Miroslav Stampar
parent
45c699e9cf
commit
37449262df
|
|
@ -4598,9 +4598,8 @@ def parseRequestFile(reqFile, checkParams=True):
|
||||||
reqResList = re.finditer(BURP_REQUEST_REGEX, content, re.I | re.S)
|
reqResList = re.finditer(BURP_REQUEST_REGEX, content, re.I | re.S)
|
||||||
|
|
||||||
for match in reqResList:
|
for match in reqResList:
|
||||||
request = match if isinstance(match, basestring) else match.group(0)
|
request = match if isinstance(match, basestring) else match.group(1)
|
||||||
request = re.sub(r"\A[^\w]+", "", request)
|
request = re.sub(r"\A[^\w]+", "", request)
|
||||||
|
|
||||||
schemePort = re.search(r"(http[\w]*)\:\/\/.*?\:([\d]+).+?={10,}", request, re.I | re.S)
|
schemePort = re.search(r"(http[\w]*)\:\/\/.*?\:([\d]+).+?={10,}", request, re.I | re.S)
|
||||||
|
|
||||||
if schemePort:
|
if schemePort:
|
||||||
|
|
|
||||||
|
|
@ -100,6 +100,7 @@ from lib.core.optiondict import optDict
|
||||||
from lib.core.settings import CODECS_LIST_PAGE
|
from lib.core.settings import CODECS_LIST_PAGE
|
||||||
from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR
|
from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR
|
||||||
from lib.core.settings import DBMS_ALIASES
|
from lib.core.settings import DBMS_ALIASES
|
||||||
|
from lib.core.settings import DEFAULT_GET_POST_DELIMITER
|
||||||
from lib.core.settings import DEFAULT_PAGE_ENCODING
|
from lib.core.settings import DEFAULT_PAGE_ENCODING
|
||||||
from lib.core.settings import DEFAULT_TOR_HTTP_PORTS
|
from lib.core.settings import DEFAULT_TOR_HTTP_PORTS
|
||||||
from lib.core.settings import DEFAULT_TOR_SOCKS_PORTS
|
from lib.core.settings import DEFAULT_TOR_SOCKS_PORTS
|
||||||
|
|
@ -223,10 +224,11 @@ def _setMultipleTargets():
|
||||||
|
|
||||||
if os.path.isfile(conf.logFile):
|
if os.path.isfile(conf.logFile):
|
||||||
for target in parseRequestFile(conf.logFile):
|
for target in parseRequestFile(conf.logFile):
|
||||||
url = target[0]
|
url, _, data, _, _ = target
|
||||||
if url not in seen:
|
key = re.sub(r"(\w+=)[^%s ]*" % (conf.paramDel or DEFAULT_GET_POST_DELIMITER), r"\g<1>", "%s %s" % (url, data))
|
||||||
|
if key not in seen:
|
||||||
kb.targets.add(target)
|
kb.targets.add(target)
|
||||||
seen.add(url)
|
seen.add(key)
|
||||||
|
|
||||||
elif os.path.isdir(conf.logFile):
|
elif os.path.isdir(conf.logFile):
|
||||||
files = os.listdir(conf.logFile)
|
files = os.listdir(conf.logFile)
|
||||||
|
|
@ -237,10 +239,11 @@ def _setMultipleTargets():
|
||||||
continue
|
continue
|
||||||
|
|
||||||
for target in parseRequestFile(os.path.join(conf.logFile, reqFile)):
|
for target in parseRequestFile(os.path.join(conf.logFile, reqFile)):
|
||||||
url = target[0]
|
url, _, data, _, _ = target
|
||||||
if url not in seen:
|
key = re.sub(r"(\w+=)[^%s ]*" % (conf.paramDel or DEFAULT_GET_POST_DELIMITER), r"\g<1>", "%s %s" % (url, data))
|
||||||
|
if key not in seen:
|
||||||
kb.targets.add(target)
|
kb.targets.add(target)
|
||||||
seen.add(url)
|
seen.add(key)
|
||||||
|
|
||||||
else:
|
else:
|
||||||
errMsg = "the specified list of targets is not a file "
|
errMsg = "the specified list of targets is not a file "
|
||||||
|
|
|
||||||
|
|
@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
|
||||||
from lib.core.enums import OS
|
from lib.core.enums import OS
|
||||||
|
|
||||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||||
VERSION = "1.3.1.1"
|
VERSION = "1.3.1.2"
|
||||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||||
|
|
@ -360,7 +360,7 @@ COMMON_PASSWORD_SUFFIXES += ("!", ".", "*", "!!", "?", ";", "..", "!!!", ", ", "
|
||||||
WEBSCARAB_SPLITTER = "### Conversation"
|
WEBSCARAB_SPLITTER = "### Conversation"
|
||||||
|
|
||||||
# Splitter used between requests in BURP log files
|
# Splitter used between requests in BURP log files
|
||||||
BURP_REQUEST_REGEX = r"={10,}\s+[^=]+={10,}\s(.+?)\s={10,}"
|
BURP_REQUEST_REGEX = r"={10,}\s+([A-Z]{3,} .+?)\s+={10,}"
|
||||||
|
|
||||||
# Regex used for parsing XML Burp saved history items
|
# Regex used for parsing XML Burp saved history items
|
||||||
BURP_XML_HISTORY_REGEX = r'<port>(\d+)</port>.+?<request base64="true"><!\[CDATA\[([^]]+)'
|
BURP_XML_HISTORY_REGEX = r'<port>(\d+)</port>.+?<request base64="true"><!\[CDATA\[([^]]+)'
|
||||||
|
|
|
||||||
|
|
@ -29,7 +29,7 @@ e97a9d34fef5761a8eab6432ce3c7c53 lib/controller/handler.py
|
||||||
fb6be55d21a70765e35549af2484f762 lib/controller/__init__.py
|
fb6be55d21a70765e35549af2484f762 lib/controller/__init__.py
|
||||||
6da66134fec9d81492e5b7c7241fdbd9 lib/core/agent.py
|
6da66134fec9d81492e5b7c7241fdbd9 lib/core/agent.py
|
||||||
fdabbf8dda7277e5f4e3d0a6252cffb6 lib/core/bigarray.py
|
fdabbf8dda7277e5f4e3d0a6252cffb6 lib/core/bigarray.py
|
||||||
61e6d5e091588bf8e33fb1d92f23868a lib/core/common.py
|
4706fb856c1662ef5afd747544d0d8cb lib/core/common.py
|
||||||
de8d27ae6241163ff9e97aa9e7c51a18 lib/core/convert.py
|
de8d27ae6241163ff9e97aa9e7c51a18 lib/core/convert.py
|
||||||
abcb1121eb56d3401839d14e8ed06b6e lib/core/data.py
|
abcb1121eb56d3401839d14e8ed06b6e lib/core/data.py
|
||||||
db60c6ebb63b72ed119e304b359fc1a6 lib/core/datatype.py
|
db60c6ebb63b72ed119e304b359fc1a6 lib/core/datatype.py
|
||||||
|
|
@ -42,14 +42,14 @@ b7c912e2af7a3354f6d7c04f556a80b2 lib/core/decorators.py
|
||||||
fb6be55d21a70765e35549af2484f762 lib/core/__init__.py
|
fb6be55d21a70765e35549af2484f762 lib/core/__init__.py
|
||||||
18c896b157b03af716542e5fe9233ef9 lib/core/log.py
|
18c896b157b03af716542e5fe9233ef9 lib/core/log.py
|
||||||
fa9f24e88c81a6cef52da3dd5e637010 lib/core/optiondict.py
|
fa9f24e88c81a6cef52da3dd5e637010 lib/core/optiondict.py
|
||||||
83d9f55dad3915ff66ce7f2f21452bc2 lib/core/option.py
|
95b2bc1fd01393771fc0cd239b2fe05a lib/core/option.py
|
||||||
fe370021c6bc99daf44b2bfc0d1effb3 lib/core/patch.py
|
fe370021c6bc99daf44b2bfc0d1effb3 lib/core/patch.py
|
||||||
0f1d79ada721cf6def611b21b03d68af lib/core/profiling.py
|
0f1d79ada721cf6def611b21b03d68af lib/core/profiling.py
|
||||||
5e2c16a8e2daee22dd545df13386e7a3 lib/core/readlineng.py
|
5e2c16a8e2daee22dd545df13386e7a3 lib/core/readlineng.py
|
||||||
9a7d68d5fa01561500423791f15cc676 lib/core/replication.py
|
9a7d68d5fa01561500423791f15cc676 lib/core/replication.py
|
||||||
3179d34f371e0295dd4604568fb30bcd lib/core/revision.py
|
3179d34f371e0295dd4604568fb30bcd lib/core/revision.py
|
||||||
d6269c55789f78cf707e09a0f5b45443 lib/core/session.py
|
d6269c55789f78cf707e09a0f5b45443 lib/core/session.py
|
||||||
0128758c83a31ba80424336cc45f1e6e lib/core/settings.py
|
b1e0f0672f00611ad7f9d3a467d53649 lib/core/settings.py
|
||||||
a8a7501d1e6b21669b858a62e921d191 lib/core/shell.py
|
a8a7501d1e6b21669b858a62e921d191 lib/core/shell.py
|
||||||
5dc606fdf0afefd4b305169c21ab2612 lib/core/subprocessng.py
|
5dc606fdf0afefd4b305169c21ab2612 lib/core/subprocessng.py
|
||||||
eec3080ba5baca44c6de4595f1c92a0d lib/core/target.py
|
eec3080ba5baca44c6de4595f1c92a0d lib/core/target.py
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user