From 6397704456ab64f40b105491d58fd0b592241920 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Thu, 3 Dec 2015 01:43:37 +0100 Subject: [PATCH] Patch for an Issue #1578 --- lib/core/option.py | 2 +- lib/request/connect.py | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/lib/core/option.py b/lib/core/option.py index d3a7e64dd..795924866 100644 --- a/lib/core/option.py +++ b/lib/core/option.py @@ -1376,7 +1376,7 @@ def _setHTTPExtraHeaders(): errMsg = "invalid header value: %s. Valid header format is 'name:value'" % repr(headerValue).lstrip('u') raise SqlmapSyntaxException(errMsg) - elif not conf.httpHeaders or len(conf.httpHeaders) == 1: + elif not conf.requestFile and len(conf.httpHeaders or []) < 2: conf.httpHeaders.append((HTTP_HEADER.ACCEPT_LANGUAGE, "en-us,en;q=0.5")) if not conf.charset: conf.httpHeaders.append((HTTP_HEADER.ACCEPT_CHARSET, "ISO-8859-15,utf-8;q=0.7,*;q=0.7")) diff --git a/lib/request/connect.py b/lib/request/connect.py index 40e873fe3..93414961e 100644 --- a/lib/request/connect.py +++ b/lib/request/connect.py @@ -343,6 +343,9 @@ class Connect(object): # Prepare HTTP headers headers = forgeHeaders({HTTP_HEADER.COOKIE: cookie, HTTP_HEADER.USER_AGENT: ua, HTTP_HEADER.REFERER: referer, HTTP_HEADER.HOST: host}) + if HTTP_HEADER.COOKIE in headers: + cookie = headers[HTTP_HEADER.COOKIE] + if kb.authHeader: headers[HTTP_HEADER.AUTHORIZATION] = kb.authHeader @@ -370,6 +373,12 @@ class Connect(object): if boundary: headers[HTTP_HEADER.CONTENT_TYPE] = "%s; boundary=%s" % (headers[HTTP_HEADER.CONTENT_TYPE], boundary) + # Reset header values to original in case of provided request file + if target and conf.requestFile: + headers = OrderedDict(conf.httpHeaders) + if cookie: + headers[HTTP_HEADER.COOKIE] = cookie + if auxHeaders: for key, value in auxHeaders.items(): for _ in headers.keys():