sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-09 08:00:36 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:sqlmapproject/sqlmap

Browse Source
This commit is contained in:
Bernardo Damele 2013-01-17 21:03:11 +00:00
commit 38eb4eb33e
2 changed files with 23 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lib/request/connect.py
View File

@ -105,8 +105,8 @@ class Connect(object):
warnMsg += "from previous timed based payload. If the problem " warnMsg += "from previous timed based payload. If the problem "
warnMsg += "persists please wait for few minutes and rerun " warnMsg += "persists please wait for few minutes and rerun "
warnMsg += "without flag T in option '--technique' " warnMsg += "without flag T in option '--technique' "
warnMsg += "(e.g. --flush-session --technique=BEUS) or try to " warnMsg += "(e.g. '--flush-session --technique=BEUS') or try to "
warnMsg += "lower the value of option '--time-sec' (e.g. --time-sec=2)" warnMsg += "lower the value of option '--time-sec' (e.g. '--time-sec=2')"
singleTimeWarnMessage(warnMsg) singleTimeWarnMessage(warnMsg)
elif kb.originalPage is None: elif kb.originalPage is None:
if conf.tor: if conf.tor:
@ -115,18 +115,18 @@ class Connect(object):
warnMsg += "you could successfully use " warnMsg += "you could successfully use "
warnMsg += "switch '--tor' " warnMsg += "switch '--tor' "
if IS_WIN: if IS_WIN:
warnMsg += "(e.g. https://www.torproject.org/download/download.html.en)" warnMsg += "(e.g. 'https://www.torproject.org/download/download.html.en')"
else: else:
warnMsg += "(e.g. https://help.ubuntu.com/community/Tor)" warnMsg += "(e.g. 'https://help.ubuntu.com/community/Tor')"
else: else:
warnMsg = "if the problem persists please check that the provided " warnMsg = "if the problem persists please check that the provided "
warnMsg += "target url is valid. In case that it is, you can try to rerun " warnMsg += "target url is valid. In case that it is, you can try to rerun "
warnMsg += "with the switch '--random-agent' turned on " warnMsg += "with the switch '--random-agent' turned on "
warnMsg += "and/or proxy switches (--ignore-proxy, --proxy,...)" warnMsg += "and/or proxy switches ('--ignore-proxy', '--proxy',...)"
singleTimeWarnMessage(warnMsg) singleTimeWarnMessage(warnMsg)
elif conf.threads > 1: elif conf.threads > 1:
warnMsg = "if the problem persists please try to lower " warnMsg = "if the problem persists please try to lower "
warnMsg += "the number of used threads (--threads)" warnMsg += "the number of used threads (option '--threads')"
singleTimeWarnMessage(warnMsg) singleTimeWarnMessage(warnMsg)
time.sleep(1) time.sleep(1)

19
lib/request/redirecthandler.py
View File

@ -16,6 +16,7 @@ from lib.core.common import logHTTPTraffic
from lib.core.common import readInput from lib.core.common import readInput
from lib.core.enums import CUSTOM_LOGGING from lib.core.enums import CUSTOM_LOGGING
from lib.core.enums import HTTPHEADER from lib.core.enums import HTTPHEADER
from lib.core.enums import HTTPMETHOD
from lib.core.enums import REDIRECTION from lib.core.enums import REDIRECTION
from lib.core.exception import SqlmapConnectionException from lib.core.exception import SqlmapConnectionException
from lib.core.settings import MAX_CONNECTION_CHUNK_SIZE from lib.core.settings import MAX_CONNECTION_CHUNK_SIZE
@ -37,7 +38,7 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
return retVal return retVal
def _ask_redirect_choice(self, redcode, redurl): def _ask_redirect_choice(self, redcode, redurl, method):
with kb.locks.redirect: with kb.locks.redirect:
if kb.redirectChoice is None: if kb.redirectChoice is None:
msg = "sqlmap got a %d redirect to " % redcode msg = "sqlmap got a %d redirect to " % redcode
@ -46,6 +47,20 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
kb.redirectChoice = choice.upper() kb.redirectChoice = choice.upper()
if kb.redirectChoice == REDIRECTION.YES and method == HTTPMETHOD.POST:
msg = "redirect is a result of a "
msg += "POST request. Do you want to "
msg += "resend original POST data to a new "
msg += "location? [%s] " % ("Y/n" if not kb.originalPage else "y/N")
choice = readInput(msg, default=("Y" if not kb.originalPage else "N"))
if choice.upper() == 'Y':
self.redirect_request = self._redirect_request
def _redirect_request(self, req, fp, code, msg, headers, newurl):
newurl = newurl.replace(' ', '%20')
return urllib2.Request(newurl, data=req.data, headers=req.headers, origin_req_host=req.get_origin_req_host())
def http_error_302(self, req, fp, code, msg, headers): def http_error_302(self, req, fp, code, msg, headers):
content = None content = None
redurl = self._get_header_redirect(headers) redurl = self._get_header_redirect(headers)
@ -89,7 +104,7 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
redurl = urlparse.urljoin(req.get_full_url(), redurl) redurl = urlparse.urljoin(req.get_full_url(), redurl)
self._infinite_loop_check(req) self._infinite_loop_check(req)
self._ask_redirect_choice(code, redurl) self._ask_redirect_choice(code, redurl, req.get_method())
if redurl and kb.redirectChoice == REDIRECTION.YES: if redurl and kb.redirectChoice == REDIRECTION.YES:
req.headers[HTTPHEADER.HOST] = getHostHeader(redurl) req.headers[HTTPHEADER.HOST] = getHostHeader(redurl)