diff --git a/lib/core/common.py b/lib/core/common.py index dd6af64e1..e0762ac0e 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -1268,7 +1268,7 @@ def parseTargetUrl(): __urlSplit = urlparse.urlsplit(conf.url) __hostnamePort = __urlSplit[1].split(":") - conf.scheme = __urlSplit[0].strip() + conf.scheme = __urlSplit[0].strip() if not conf.forceSSL else "https" conf.path = __urlSplit[2].strip() conf.hostname = __hostnamePort[0].strip() diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py index c02453e76..bd0e602e8 100644 --- a/lib/core/optiondict.py +++ b/lib/core/optiondict.py @@ -31,6 +31,7 @@ optDict = { "agent": "string", "randomAgent": "boolean", "rParam": "string", + "forceSSL": "boolean", "host": "string", "referer": "string", "headers": "string", diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py index 4b7ed040b..a735e6bad 100644 --- a/lib/parse/cmdline.py +++ b/lib/parse/cmdline.py @@ -92,6 +92,10 @@ def cmdLineParser(): request.add_option("--randomize", dest="rParam", help="Randomly change value for given parameter(s)") + request.add_option("--force-ssl", dest="forceSSL", + action="store_true", + help="Force usage of SSL/HTTPS requests") + request.add_option("--host", dest="host", help="HTTP Host header") diff --git a/sqlmap.conf b/sqlmap.conf index 28bd5386f..2cf113445 100644 --- a/sqlmap.conf +++ b/sqlmap.conf @@ -69,6 +69,10 @@ referer = # Randomly change value for the given parameter rParam = +# Force usage of SSL/HTTPS requests +# Valid: True or False +forceSSL = False + # Extra HTTP headers headers = Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5