From 453a6fbc6f4e8597556a5fb6b3da7c429345c158 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Wed, 17 Jul 2019 13:20:24 +0200 Subject: [PATCH] Update for #3831 --- lib/controller/checks.py | 2 +- lib/core/option.py | 9 +++++++++ lib/core/optiondict.py | 2 +- lib/core/settings.py | 2 +- lib/parse/cmdline.py | 2 +- lib/request/connect.py | 2 +- 6 files changed, 14 insertions(+), 5 deletions(-) diff --git a/lib/controller/checks.py b/lib/controller/checks.py index 6ed0e24a4..be0fc9f01 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -1518,7 +1518,7 @@ def checkConnection(suppressOutput=False): warnMsg += "which could interfere with the results of the tests" logger.warn(warnMsg) elif wasLastResponseHTTPError(): - if getLastRequestHTTPError() != conf.ignoreCode: + if getLastRequestHTTPError() not in (conf.ignoreCode or []): warnMsg = "the web server responded with an HTTP error code (%d) " % getLastRequestHTTPError() warnMsg += "which could interfere with the results of the tests" logger.warn(warnMsg) diff --git a/lib/core/option.py b/lib/core/option.py index 335850ab8..815664837 100644 --- a/lib/core/option.py +++ b/lib/core/option.py @@ -1555,6 +1555,15 @@ def _cleanupOptions(): else: conf.testParameter = [] + if conf.ignoreCode: + try: + conf.ignoreCode = [int(_) for _ in re.split(PARAMETER_SPLITTING_REGEX, conf.ignoreCode)] + except ValueError: + errMsg = "options '--ignore-code' should contain a list of integer values" + raise SqlmapSyntaxException(errMsg) + else: + conf.ignoreCode = [] + if conf.paramFilter: conf.paramFilter = [_.strip() for _ in re.split(PARAMETER_SPLITTING_REGEX, conf.paramFilter.upper())] else: diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py index ad2dc6f5f..9ded226f8 100644 --- a/lib/core/optiondict.py +++ b/lib/core/optiondict.py @@ -38,7 +38,7 @@ optDict = { "authType": "string", "authCred": "string", "authFile": "string", - "ignoreCode": "integer", + "ignoreCode": "string", "ignoreProxy": "boolean", "ignoreRedirects": "boolean", "ignoreTimeouts": "boolean", diff --git a/lib/core/settings.py b/lib/core/settings.py index 9c1b101c2..b84ce06b9 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -18,7 +18,7 @@ from lib.core.enums import OS from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.3.7.29" +VERSION = "1.3.7.30" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py index 8e1bb9af5..0d51f5d0d 100644 --- a/lib/parse/cmdline.py +++ b/lib/parse/cmdline.py @@ -176,7 +176,7 @@ def cmdLineParser(argv=None): request.add_argument("--auth-file", dest="authFile", help="HTTP authentication PEM cert/private key file") - request.add_argument("--ignore-code", dest="ignoreCode", type=int, + request.add_argument("--ignore-code", dest="ignoreCode", help="Ignore (problematic) HTTP error code (e.g. 401)") request.add_argument("--ignore-proxy", dest="ignoreProxy", action="store_true", diff --git a/lib/request/connect.py b/lib/request/connect.py index fec444c5f..70a2a4e97 100644 --- a/lib/request/connect.py +++ b/lib/request/connect.py @@ -646,7 +646,7 @@ class Connect(object): if not multipart: logger.log(CUSTOM_LOGGING.TRAFFIC_IN, responseMsg) - if ex.code != conf.ignoreCode: + if ex.code not in (conf.ignoreCode or []): if ex.code == _http_client.UNAUTHORIZED: errMsg = "not authorized, try to provide right HTTP " errMsg += "authentication type and valid credentials (%d)" % code