From 50fd6ce7f71ab6b14e41dce5edabef4e7b6c4f98 Mon Sep 17 00:00:00 2001 From: ricterz Date: Tue, 24 Mar 2015 10:30:38 +0800 Subject: [PATCH] add websocket support for parse url #1198 --- lib/core/common.py | 3 ++- lib/core/target.py | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/core/common.py b/lib/core/common.py index 62d2bb664..c6b57846d 100755 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -1248,7 +1248,8 @@ def parseTargetUrl(): errMsg += "on this platform" raise SqlmapGenericException(errMsg) - if not re.search("^http[s]*://", conf.url, re.I): + if not re.search("^http[s]*://", conf.url, re.I) and \ + not re.search("^ws[s]*://", conf.url, re.I): if ":443/" in conf.url: conf.url = "https://" + conf.url else: diff --git a/lib/core/target.py b/lib/core/target.py index bd6379e14..90d2a68bd 100644 --- a/lib/core/target.py +++ b/lib/core/target.py @@ -211,7 +211,7 @@ def _setRequestParams(): kb.processUserMarks = True if (kb.postHint and CUSTOM_INJECTION_MARK_CHAR in conf.data) else kb.processUserMarks - if re.search(URI_INJECTABLE_REGEX, conf.url, re.I) and not any(place in conf.parameters for place in (PLACE.GET, PLACE.POST)) and not kb.postHint and not CUSTOM_INJECTION_MARK_CHAR in (conf.data or ""): + if re.search(URI_INJECTABLE_REGEX, conf.url, re.I) and not any(place in conf.parameters for place in (PLACE.GET, PLACE.POST)) and not kb.postHint and not CUSTOM_INJECTION_MARK_CHAR in (conf.data or "") and conf.url.startswith("http"): warnMsg = "you've provided target URL without any GET " warnMsg += "parameters (e.g. www.site.com/article.php?id=1) " warnMsg += "and without providing any POST parameters "