sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-05-08 17:53:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

Implementation for an Issue #450

Browse Source
This commit is contained in:
stamparm 2013-05-17 15:04:25 +02:00
parent 7ba9e75c97
commit 76b4e1ccb9
3 changed files with 17 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/controller/checks.py
View File

@ -1131,6 +1131,14 @@ def checkNullConnection():
infoMsg = "NULL connection is supported with GET header " infoMsg = "NULL connection is supported with GET header "
infoMsg += "'%s'" % kb.nullConnection infoMsg += "'%s'" % kb.nullConnection
logger.info(infoMsg) logger.info(infoMsg)
else:
_, headers, _ = Request.getPage(skipRead = True)
if HTTP_HEADER.CONTENT_LENGTH in (headers or {}):
kb.nullConnection = NULLCONNECTION.SKIP_READ
infoMsg = "NULL connection is supported with 'skip-read' method"
logger.info(infoMsg)
except SqlmapConnectionException, errMsg: except SqlmapConnectionException, errMsg:
errMsg = getUnicode(errMsg) errMsg = getUnicode(errMsg)

1
lib/core/enums.py
View File

@ -86,6 +86,7 @@ class HTTPMETHOD:
class NULLCONNECTION: class NULLCONNECTION:
HEAD = "HEAD" HEAD = "HEAD"
RANGE = "Range" RANGE = "Range"
SKIP_READ = "skip-read"
class REFLECTIVE_COUNTER: class REFLECTIVE_COUNTER:
MISS = "MISS" MISS = "MISS"

15
lib/request/connect.py
View File

@ -211,6 +211,7 @@ class Connect(object):
refreshing = kwargs.get("refreshing", False) refreshing = kwargs.get("refreshing", False)
retrying = kwargs.get("retrying", False) retrying = kwargs.get("retrying", False)
crawling = kwargs.get("crawling", False) crawling = kwargs.get("crawling", False)
skipRead = kwargs.get("skipRead", False)
if not urlparse.urlsplit(url).netloc: if not urlparse.urlsplit(url).netloc:
url = urlparse.urljoin(conf.url, url) url = urlparse.urljoin(conf.url, url)
@ -266,7 +267,7 @@ class Connect(object):
multipartOpener = urllib2.build_opener(proxyHandler, multipartpost.MultipartPostHandler) multipartOpener = urllib2.build_opener(proxyHandler, multipartpost.MultipartPostHandler)
conn = multipartOpener.open(unicodeencode(url), multipart) conn = multipartOpener.open(unicodeencode(url), multipart)
page = Connect._connReadProxy(conn) page = Connect._connReadProxy(conn) if not skipRead else None
responseHeaders = conn.info() responseHeaders = conn.info()
responseHeaders[URI_HTTP_HEADER] = conn.geturl() responseHeaders[URI_HTTP_HEADER] = conn.geturl()
page = decodePage(page, responseHeaders.get(HTTP_HEADER.CONTENT_ENCODING), responseHeaders.get(HTTP_HEADER.CONTENT_TYPE)) page = decodePage(page, responseHeaders.get(HTTP_HEADER.CONTENT_ENCODING), responseHeaders.get(HTTP_HEADER.CONTENT_TYPE))
@ -380,12 +381,12 @@ class Connect(object):
# Get HTTP response # Get HTTP response
if hasattr(conn, 'redurl'): if hasattr(conn, 'redurl'):
page = threadData.lastRedirectMsg[1] if kb.redirectChoice == REDIRECTION.NO\ page = (threadData.lastRedirectMsg[1] if kb.redirectChoice == REDIRECTION.NO\
else Connect._connReadProxy(conn) else Connect._connReadProxy(conn)) if not skipRead else None
skipLogTraffic = kb.redirectChoice == REDIRECTION.NO skipLogTraffic = kb.redirectChoice == REDIRECTION.NO
code = conn.redcode code = conn.redcode
else: else:
page = Connect._connReadProxy(conn) page = Connect._connReadProxy(conn) if not skipRead else None
code = code or conn.code code = code or conn.code
responseHeaders = conn.info() responseHeaders = conn.info()
@ -439,7 +440,7 @@ class Connect(object):
responseHeaders = None responseHeaders = None
try: try:
page = e.read() page = e.read() if not skipRead else None
responseHeaders = e.info() responseHeaders = e.info()
responseHeaders[URI_HTTP_HEADER] = e.geturl() responseHeaders[URI_HTTP_HEADER] = e.geturl()
page = decodePage(page, responseHeaders.get(HTTP_HEADER.CONTENT_ENCODING), responseHeaders.get(HTTP_HEADER.CONTENT_TYPE)) page = decodePage(page, responseHeaders.get(HTTP_HEADER.CONTENT_ENCODING), responseHeaders.get(HTTP_HEADER.CONTENT_TYPE))
@ -820,10 +821,10 @@ class Connect(object):
auxHeaders[HTTP_HEADER.RANGE] = "bytes=-1" auxHeaders[HTTP_HEADER.RANGE] = "bytes=-1"
_, headers, code = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, referer=referer, host=host, silent=silent, method=method, auxHeaders=auxHeaders, raise404=raise404) _, headers, code = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, referer=referer, host=host, silent=silent, method=method, auxHeaders=auxHeaders, raise404=raise404, skipRead=(kb.nullConnection == NULLCONNECTION.SKIP_READ))
if headers: if headers:
if kb.nullConnection == NULLCONNECTION.HEAD and HTTP_HEADER.CONTENT_LENGTH in headers: if kb.nullConnection in (NULLCONNECTION.HEAD, NULLCONNECTION.SKIP_READ) and HTTP_HEADER.CONTENT_LENGTH in headers:
pageLength = int(headers[HTTP_HEADER.CONTENT_LENGTH]) pageLength = int(headers[HTTP_HEADER.CONTENT_LENGTH])
elif kb.nullConnection == NULLCONNECTION.RANGE and HTTP_HEADER.CONTENT_RANGE in headers: elif kb.nullConnection == NULLCONNECTION.RANGE and HTTP_HEADER.CONTENT_RANGE in headers:
pageLength = int(headers[HTTP_HEADER.CONTENT_RANGE][headers[HTTP_HEADER.CONTENT_RANGE].find('/') + 1:]) pageLength = int(headers[HTTP_HEADER.CONTENT_RANGE][headers[HTTP_HEADER.CONTENT_RANGE].find('/') + 1:])