sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 09:36:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

Reintroducing option --cookie-del

Browse Source
This commit is contained in:
Miroslav Stampar 2013-07-31 20:41:19 +02:00
parent ca44b23d20
commit 6b826ef64d
7 changed files with 17 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/core/common.py
View File

@ -533,7 +533,10 @@ def paramToDict(place, parameters=None):
parameters = parameters.replace(", ", ",") parameters = parameters.replace(", ", ",")
parameters = re.sub(r"&(\w{1,4});", r"%s\g<1>%s" % (PARAMETER_AMP_MARKER, PARAMETER_SEMICOLON_MARKER), parameters) parameters = re.sub(r"&(\w{1,4});", r"%s\g<1>%s" % (PARAMETER_AMP_MARKER, PARAMETER_SEMICOLON_MARKER), parameters)
splitParams = parameters.split(conf.pDel or (DEFAULT_COOKIE_DELIMITER if place == PLACE.COOKIE else DEFAULT_GET_POST_DELIMITER)) if place == PLACE.COOKIE:
splitParams = parameters.split(conf.cDel or DEFAULT_COOKIE_DELIMITER)
else:
splitParams = parameters.split(conf.pDel or DEFAULT_GET_POST_DELIMITER)
for element in splitParams: for element in splitParams:
element = re.sub(r"%s(.+?)%s" % (PARAMETER_AMP_MARKER, PARAMETER_SEMICOLON_MARKER), r"&\g<1>;", element) element = re.sub(r"%s(.+?)%s" % (PARAMETER_AMP_MARKER, PARAMETER_SEMICOLON_MARKER), r"&\g<1>;", element)

1
lib/core/optiondict.py
View File

@ -25,6 +25,7 @@ optDict = {
"data": "string", "data": "string",
"pDel": "string", "pDel": "string",
"cookie": "string", "cookie": "string",
"cDel": "string",
"loadCookies": "string", "loadCookies": "string",
"dropSetCookie": "boolean", "dropSetCookie": "boolean",
"agent": "string", "agent": "string",

3
lib/parse/cmdline.py
View File

@ -82,6 +82,9 @@ def cmdLineParser():
request.add_option("--cookie", dest="cookie", request.add_option("--cookie", dest="cookie",
help="HTTP Cookie header") help="HTTP Cookie header")
request.add_option("--cookie-del", dest="cDel",
help="Character used for splitting cookie values")
request.add_option("--load-cookies", dest="loadCookies", request.add_option("--load-cookies", dest="loadCookies",
help="File containing cookies in Netscape/wget format") help="File containing cookies in Netscape/wget format")

4
lib/request/basic.py
View File

@ -73,7 +73,7 @@ def forgeHeaders(items=None):
kb.mergeCookies = not _ or _[0] in ("y", "Y") kb.mergeCookies = not _ or _[0] in ("y", "Y")
if kb.mergeCookies: if kb.mergeCookies:
_ = lambda x: re.sub("(?i)%s=[^%s]+" % (cookie.name, DEFAULT_COOKIE_DELIMITER), "%s=%s" % (cookie.name, cookie.value), x) _ = lambda x: re.sub("(?i)%s=[^%s]+" % (cookie.name, conf.cDel or DEFAULT_COOKIE_DELIMITER), "%s=%s" % (cookie.name, cookie.value), x)
headers[HTTP_HEADER.COOKIE] = _(headers[HTTP_HEADER.COOKIE]) headers[HTTP_HEADER.COOKIE] = _(headers[HTTP_HEADER.COOKIE])
if PLACE.COOKIE in conf.parameters: if PLACE.COOKIE in conf.parameters:
@ -82,7 +82,7 @@ def forgeHeaders(items=None):
conf.httpHeaders = [(item[0], item[1] if item[0] != HTTP_HEADER.COOKIE else _(item[1])) for item in conf.httpHeaders] conf.httpHeaders = [(item[0], item[1] if item[0] != HTTP_HEADER.COOKIE else _(item[1])) for item in conf.httpHeaders]
elif not kb.testMode: elif not kb.testMode:
headers[HTTP_HEADER.COOKIE] += "%s %s=%s" % (DEFAULT_COOKIE_DELIMITER, cookie.name, cookie.value) headers[HTTP_HEADER.COOKIE] += "%s %s=%s" % (conf.cDel or DEFAULT_COOKIE_DELIMITER, cookie.name, cookie.value)
if kb.testMode: if kb.testMode:
resetCookieJar(conf.cj) resetCookieJar(conf.cj)

4
lib/request/connect.py
View File

@ -752,7 +752,7 @@ class Connect(object):
evaluateCode("%s=%s" % (name, repr(value)), variables) evaluateCode("%s=%s" % (name, repr(value)), variables)
if cookie: if cookie:
for part in cookie.split(conf.pDel or DEFAULT_COOKIE_DELIMITER): for part in cookie.split(conf.cDel or DEFAULT_COOKIE_DELIMITER):
if '=' in part: if '=' in part:
name, value = part.split('=', 1) name, value = part.split('=', 1)
value = urldecode(value, convall=True) value = urldecode(value, convall=True)
@ -770,7 +770,7 @@ class Connect(object):
elif re.search(r"\b%s=" % name, (post or "")): elif re.search(r"\b%s=" % name, (post or "")):
post = re.sub("((\A|\W)%s=)([^%s]+)" % (name, delimiter), "\g<1>%s" % value, post) post = re.sub("((\A|\W)%s=)([^%s]+)" % (name, delimiter), "\g<1>%s" % value, post)
elif re.search(r"\b%s=" % name, (cookie or "")): elif re.search(r"\b%s=" % name, (cookie or "")):
cookie = re.sub("((\A|\W)%s=)([^%s]+)" % (name, conf.pDel or DEFAULT_COOKIE_DELIMITER), "\g<1>%s" % value, cookie) cookie = re.sub("((\A|\W)%s=)([^%s]+)" % (name, conf.cDel or DEFAULT_COOKIE_DELIMITER), "\g<1>%s" % value, cookie)
elif post is not None: elif post is not None:
post += "%s%s=%s" % (delimiter, name, value) post += "%s%s=%s" % (delimiter, name, value)
else: else:

2
lib/request/redirecthandler.py
View File

@ -112,7 +112,7 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
if redurl and kb.redirectChoice == REDIRECTION.YES: if redurl and kb.redirectChoice == REDIRECTION.YES:
req.headers[HTTP_HEADER.HOST] = getHostHeader(redurl) req.headers[HTTP_HEADER.HOST] = getHostHeader(redurl)
if headers and HTTP_HEADER.SET_COOKIE in headers: if headers and HTTP_HEADER.SET_COOKIE in headers:
req.headers[HTTP_HEADER.COOKIE] = headers[HTTP_HEADER.SET_COOKIE].split(DEFAULT_COOKIE_DELIMITER)[0] req.headers[HTTP_HEADER.COOKIE] = headers[HTTP_HEADER.SET_COOKIE].split(conf.cDel or DEFAULT_COOKIE_DELIMITER)[0]
result = urllib2.HTTPRedirectHandler.http_error_302(self, req, fp, code, msg, headers) result = urllib2.HTTPRedirectHandler.http_error_302(self, req, fp, code, msg, headers)
else: else:
result = fp result = fp

5
sqlmap.conf
View File

@ -36,12 +36,15 @@ googleDork =
# Data string to be sent through POST. # Data string to be sent through POST.
data = data =
# Character used for splitting cookie values # Character used for splitting parameter values
pDel = pDel =
# HTTP Cookie header. # HTTP Cookie header.
cookie = cookie =
# Character used for splitting cookie values
cDel =
# File containing cookies in Netscape/wget format # File containing cookies in Netscape/wget format
loadCookies = loadCookies =