mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-25 02:53:46 +03:00
Fixes #59 - proper customizable redirect (302 and 301)
This commit is contained in:
parent
417f7fae00
commit
6d0ea86414
|
@ -69,10 +69,12 @@ from lib.parse.configfile import configFileParser
|
|||
from lib.parse.queriesfile import queriesParser
|
||||
from lib.request.proxy import ProxyHTTPSHandler
|
||||
from lib.request.certhandler import HTTPSCertAuthHandler
|
||||
from lib.request.redirecthandler import SmartRedirectHandler
|
||||
from lib.utils.google import Google
|
||||
|
||||
authHandler = urllib2.BaseHandler()
|
||||
proxyHandler = urllib2.BaseHandler()
|
||||
redirectHandler = SmartRedirectHandler()
|
||||
|
||||
def __urllib2Opener():
|
||||
"""
|
||||
|
@ -81,6 +83,7 @@ def __urllib2Opener():
|
|||
|
||||
global authHandler
|
||||
global proxyHandler
|
||||
global redirectHandler
|
||||
|
||||
debugMsg = "creating HTTP requests opener object"
|
||||
logger.debug(debugMsg)
|
||||
|
@ -89,7 +92,7 @@ def __urllib2Opener():
|
|||
opener = urllib2.build_opener(proxyHandler, authHandler)
|
||||
else:
|
||||
conf.cj = cookielib.LWPCookieJar()
|
||||
opener = urllib2.build_opener(proxyHandler, authHandler, urllib2.HTTPCookieProcessor(conf.cj))
|
||||
opener = urllib2.build_opener(proxyHandler, authHandler, urllib2.HTTPCookieProcessor(conf.cj), redirectHandler)
|
||||
|
||||
urllib2.install_opener(opener)
|
||||
|
||||
|
|
|
@ -22,9 +22,9 @@ with sqlmap; if not, write to the Free Software Foundation, Inc., 51
|
|||
Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
"""
|
||||
|
||||
import sys
|
||||
import httplib
|
||||
import urllib2
|
||||
import sys
|
||||
|
||||
from lib.core.data import conf
|
||||
|
||||
|
|
|
@ -125,6 +125,15 @@ class Connect:
|
|||
req = urllib2.Request(url, post, headers)
|
||||
conn = urllib2.urlopen(req)
|
||||
|
||||
if hasattr(conn, "redurl"):
|
||||
infoMsg = "connection redirected, going to use "
|
||||
infoMsg += "%s as target address" % conn.redurl
|
||||
logger.info(infoMsg)
|
||||
|
||||
conf.url = conn.redurl
|
||||
|
||||
return Connect.__getPageProxy(**kwargs)
|
||||
|
||||
# Reset the number of connection retries
|
||||
conf.retriesCount = 0
|
||||
|
||||
|
@ -163,7 +172,7 @@ class Connect:
|
|||
code = conn.code
|
||||
status = conn.msg
|
||||
responseHeaders = conn.info()
|
||||
|
||||
|
||||
encoding = responseHeaders.get("Content-Encoding")
|
||||
page = decodePage(page, encoding)
|
||||
|
||||
|
|
46
lib/request/redirecthandler.py
Normal file
46
lib/request/redirecthandler.py
Normal file
|
@ -0,0 +1,46 @@
|
|||
#!/usr/bin/env python
|
||||
|
||||
"""
|
||||
$Id$
|
||||
|
||||
This file is part of the sqlmap project, http://sqlmap.sourceforge.net.
|
||||
|
||||
Copyright (c) 2007-2010 Bernardo Damele A. G. <bernardo.damele@gmail.com>
|
||||
Copyright (c) 2006 Daniele Bellucci <daniele.bellucci@gmail.com>
|
||||
|
||||
sqlmap is free software; you can redistribute it and/or modify it under
|
||||
the terms of the GNU General Public License as published by the Free
|
||||
Software Foundation version 2 of the License.
|
||||
|
||||
sqlmap is distributed in the hope that it will be useful, but WITHOUT ANY
|
||||
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
|
||||
FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
|
||||
details.
|
||||
|
||||
You should have received a copy of the GNU General Public License along
|
||||
with sqlmap; if not, write to the Free Software Foundation, Inc., 51
|
||||
Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
"""
|
||||
|
||||
import urllib2
|
||||
|
||||
class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
|
||||
def http_error_301(self, req, fp, code, msg, headers):
|
||||
result = urllib2.HTTPRedirectHandler.http_error_301(self, req, fp, code, msg, headers)
|
||||
|
||||
if "location" in headers:
|
||||
result.redurl = headers.getheaders("location")[0].split("?")[0]
|
||||
elif "uri" in headers:
|
||||
result.redurl = headers.getheaders("uri")[0].split("?")[0]
|
||||
|
||||
return result
|
||||
|
||||
def http_error_302(self, req, fp, code, msg, headers):
|
||||
result = urllib2.HTTPRedirectHandler.http_error_302(self, req, fp, code, msg, headers)
|
||||
|
||||
if "location" in headers:
|
||||
result.redurl = headers.getheaders("location")[0].split("?")[0]
|
||||
elif "uri" in headers:
|
||||
result.redurl = headers.getheaders("uri")[0].split("?")[0]
|
||||
|
||||
return result
|
Loading…
Reference in New Issue
Block a user