sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-08-03 20:00:10 +03:00
Code Issues Packages Projects Releases Wiki Activity

Update use.py

Browse Source 
Filters out returned encoded value from the header "URI" which confuses sqlmap
This commit is contained in:
henshin 2014-07-22 13:15:39 +01:00
parent 9fff88d6e4
commit 6acfef475a
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
lib/techniques/error/use.py
View File

@ -27,6 +27,7 @@ from lib.core.common import isNumPosStrValue
from lib.core.common import listToStrValue from lib.core.common import listToStrValue
from lib.core.common import readInput from lib.core.common import readInput
from lib.core.common import unArrayizeValue from lib.core.common import unArrayizeValue
from lib.core.common import urlencode
from lib.core.convert import hexdecode from lib.core.convert import hexdecode
from lib.core.convert import htmlunescape from lib.core.convert import htmlunescape
from lib.core.data import conf from lib.core.data import conf
@ -99,8 +100,10 @@ def _oneShotErrorUse(expression, field=None):
incrementCounter(kb.technique) incrementCounter(kb.technique)
if page and conf.noCast: if page and conf.noEscape:
page = re.sub(r"('|\%%27)%s('|\%%27).*?('|\%%27)%s('|\%%27)" % (kb.chars.start, kb.chars.stop), "", page) payload = re.sub(r".*?__PAYLOAD_DELIMITER__(.*)__PAYLOAD_DELIMITER__",r'\g<1>',payload)
payload = urlencode(payload,"")
headers["URI"] = headers["URI"].replace(payload,"")
# Parse the returned page to get the exact error-based # Parse the returned page to get the exact error-based
# SQL injection output # SQL injection output