Fixes #59 - proper customizable redirect (302 and 301)

This commit is contained in:
Bernardo Damele 2010-03-15 14:24:43 +00:00
parent 417f7fae00
commit 6d0ea86414
4 changed files with 61 additions and 3 deletions

View File

@ -69,10 +69,12 @@ from lib.parse.configfile import configFileParser
from lib.parse.queriesfile import queriesParser
from lib.request.proxy import ProxyHTTPSHandler
from lib.request.certhandler import HTTPSCertAuthHandler
from lib.request.redirecthandler import SmartRedirectHandler
from lib.utils.google import Google
authHandler = urllib2.BaseHandler()
proxyHandler = urllib2.BaseHandler()
redirectHandler = SmartRedirectHandler()
def __urllib2Opener():
"""
@ -81,6 +83,7 @@ def __urllib2Opener():
global authHandler
global proxyHandler
global redirectHandler
debugMsg = "creating HTTP requests opener object"
logger.debug(debugMsg)
@ -89,7 +92,7 @@ def __urllib2Opener():
opener = urllib2.build_opener(proxyHandler, authHandler)
else:
conf.cj = cookielib.LWPCookieJar()
opener = urllib2.build_opener(proxyHandler, authHandler, urllib2.HTTPCookieProcessor(conf.cj))
opener = urllib2.build_opener(proxyHandler, authHandler, urllib2.HTTPCookieProcessor(conf.cj), redirectHandler)
urllib2.install_opener(opener)

View File

@ -22,9 +22,9 @@ with sqlmap; if not, write to the Free Software Foundation, Inc., 51
Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
"""
import sys
import httplib
import urllib2
import sys
from lib.core.data import conf

View File

@ -125,6 +125,15 @@ class Connect:
req = urllib2.Request(url, post, headers)
conn = urllib2.urlopen(req)
if hasattr(conn, "redurl"):
infoMsg = "connection redirected, going to use "
infoMsg += "%s as target address" % conn.redurl
logger.info(infoMsg)
conf.url = conn.redurl
return Connect.__getPageProxy(**kwargs)
# Reset the number of connection retries
conf.retriesCount = 0
@ -163,7 +172,7 @@ class Connect:
code = conn.code
status = conn.msg
responseHeaders = conn.info()
encoding = responseHeaders.get("Content-Encoding")
page = decodePage(page, encoding)

View File

@ -0,0 +1,46 @@
#!/usr/bin/env python
"""
$Id$
This file is part of the sqlmap project, http://sqlmap.sourceforge.net.
Copyright (c) 2007-2010 Bernardo Damele A. G. <bernardo.damele@gmail.com>
Copyright (c) 2006 Daniele Bellucci <daniele.bellucci@gmail.com>
sqlmap is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation version 2 of the License.
sqlmap is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
details.
You should have received a copy of the GNU General Public License along
with sqlmap; if not, write to the Free Software Foundation, Inc., 51
Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
"""
import urllib2
class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
def http_error_301(self, req, fp, code, msg, headers):
result = urllib2.HTTPRedirectHandler.http_error_301(self, req, fp, code, msg, headers)
if "location" in headers:
result.redurl = headers.getheaders("location")[0].split("?")[0]
elif "uri" in headers:
result.redurl = headers.getheaders("uri")[0].split("?")[0]
return result
def http_error_302(self, req, fp, code, msg, headers):
result = urllib2.HTTPRedirectHandler.http_error_302(self, req, fp, code, msg, headers)
if "location" in headers:
result.redurl = headers.getheaders("location")[0].split("?")[0]
elif "uri" in headers:
result.redurl = headers.getheaders("uri")[0].split("?")[0]
return result