sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-02 20:54:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

Update for an Issue #2

Browse Source
This commit is contained in:
Miroslav Stampar 2014-10-23 11:42:30 +02:00
parent a52c8811e6
commit 780dbd1c64
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
lib/core/target.py
View File

@ -349,6 +349,16 @@ def _setRequestParams():
errMsg = "CSRF protection token parameter '%s' not " % conf.csrfToken errMsg = "CSRF protection token parameter '%s' not " % conf.csrfToken
errMsg += "found in provided GET and/or POST values" errMsg += "found in provided GET and/or POST values"
raise SqlmapGenericException(errMsg) raise SqlmapGenericException(errMsg)
else:
for place in (PLACE.GET, PLACE.POST):
for parameter in conf.paramDict.get(place, {}):
if parameter.lower().startswith("csrf"):
message = "%s parameter '%s' appears to hold CSRF protection token. " % (place, parameter)
message += "Do you want sqlmap to automatically update it in further requests? [y/N] "
test = readInput(message, default="N")
if test and test[0] in ("y", "Y"):
conf.csrfToken = parameter
break
def _setHashDB(): def _setHashDB():
""" """