Update for #3831

2024-11-25 02:53:46 +03:00 · 2019-07-17 13:20:24 +02:00 · 2019-07-17 13:20:24 +02:00 · 453a6fbc6f
commit 453a6fbc6f
parent 9d0f446c24
6 changed files with 14 additions and 5 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -1518,7 +1518,7 @@ def checkConnection(suppressOutput=False):
            warnMsg += "which could interfere with the results of the tests"
            logger.warn(warnMsg)
        elif wasLastResponseHTTPError():
-            if getLastRequestHTTPError() != conf.ignoreCode:
+            if getLastRequestHTTPError() not in (conf.ignoreCode or []):
                warnMsg = "the web server responded with an HTTP error code (%d) " % getLastRequestHTTPError()
                warnMsg += "which could interfere with the results of the tests"
                logger.warn(warnMsg)
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -1555,6 +1555,15 @@ def _cleanupOptions():
    else:
        conf.testParameter = []

+    if conf.ignoreCode:
+        try:
+            conf.ignoreCode = [int(_) for _ in re.split(PARAMETER_SPLITTING_REGEX, conf.ignoreCode)]
+        except ValueError:
+            errMsg = "options '--ignore-code' should contain a list of integer values"
+            raise SqlmapSyntaxException(errMsg)
+    else:
+        conf.ignoreCode = []
+
    if conf.paramFilter:
        conf.paramFilter = [_.strip() for _ in re.split(PARAMETER_SPLITTING_REGEX, conf.paramFilter.upper())]
    else:
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
@ -38,7 +38,7 @@ optDict = {
        "authType": "string",
        "authCred": "string",
        "authFile": "string",
-        "ignoreCode": "integer",
+        "ignoreCode": "string",
        "ignoreProxy": "boolean",
        "ignoreRedirects": "boolean",
        "ignoreTimeouts": "boolean",
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty.six import unichr as _unichr

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.7.29"
+VERSION = "1.3.7.30"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@ -176,7 +176,7 @@ def cmdLineParser(argv=None):
        request.add_argument("--auth-file", dest="authFile",
            help="HTTP authentication PEM cert/private key file")

-        request.add_argument("--ignore-code", dest="ignoreCode", type=int,
+        request.add_argument("--ignore-code", dest="ignoreCode",
            help="Ignore (problematic) HTTP error code (e.g. 401)")

        request.add_argument("--ignore-proxy", dest="ignoreProxy", action="store_true",
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -646,7 +646,7 @@ class Connect(object):
            if not multipart:
                logger.log(CUSTOM_LOGGING.TRAFFIC_IN, responseMsg)

-            if ex.code != conf.ignoreCode:
+            if ex.code not in (conf.ignoreCode or []):
                if ex.code == _http_client.UNAUTHORIZED:
                    errMsg = "not authorized, try to provide right HTTP "
                    errMsg += "authentication type and valid credentials (%d)" % code