Patch for an Issue #1285

This commit is contained in:
Miroslav Stampar 2015-07-06 11:50:59 +02:00
parent 96327b6701
commit 6a1b3895f9

View File

@ -80,6 +80,7 @@ def _setRequestParams():
return return
testableParameters = False testableParameters = False
skipHeaders = False
# Perform checks on GET parameters # Perform checks on GET parameters
if conf.parameters.get(PLACE.GET): if conf.parameters.get(PLACE.GET):
@ -123,7 +124,13 @@ def _setRequestParams():
else: else:
kb.processUserMarks = not test or test[0] not in ("n", "N") kb.processUserMarks = not test or test[0] not in ("n", "N")
if kb.processUserMarks and "=%s" % CUSTOM_INJECTION_MARK_CHAR in conf.data: if kb.processUserMarks:
skipHeaders = True
conf.parameters.clear()
conf.paramDict.clear()
if "=%s" % CUSTOM_INJECTION_MARK_CHAR in conf.data:
warnMsg = "it seems that you've provided empty parameter value(s) " warnMsg = "it seems that you've provided empty parameter value(s) "
warnMsg += "for testing. Please, always use only valid parameter values " warnMsg += "for testing. Please, always use only valid parameter values "
warnMsg += "so sqlmap could be able to run properly" warnMsg += "so sqlmap could be able to run properly"
@ -241,7 +248,13 @@ def _setRequestParams():
else: else:
kb.processUserMarks = not test or test[0] not in ("n", "N") kb.processUserMarks = not test or test[0] not in ("n", "N")
if kb.processUserMarks and "=%s" % CUSTOM_INJECTION_MARK_CHAR in _: if kb.processUserMarks:
skipHeaders = True
conf.parameters.clear()
conf.paramDict.clear()
if "=%s" % CUSTOM_INJECTION_MARK_CHAR in _:
warnMsg = "it seems that you've provided empty parameter value(s) " warnMsg = "it seems that you've provided empty parameter value(s) "
warnMsg += "for testing. Please, always use only valid parameter values " warnMsg += "for testing. Please, always use only valid parameter values "
warnMsg += "so sqlmap could be able to run properly" warnMsg += "so sqlmap could be able to run properly"
@ -304,6 +317,7 @@ def _setRequestParams():
if conf.get(item): if conf.get(item):
conf[item] = conf[item].replace(CUSTOM_INJECTION_MARK_CHAR, "") conf[item] = conf[item].replace(CUSTOM_INJECTION_MARK_CHAR, "")
if not skipHeaders:
# Perform checks on Cookie parameters # Perform checks on Cookie parameters
if conf.cookie: if conf.cookie:
conf.parameters[PLACE.COOKIE] = conf.cookie conf.parameters[PLACE.COOKIE] = conf.cookie