diff --git a/lib/core/option.py b/lib/core/option.py index c3f4746d9..55c7cc5a7 100644 --- a/lib/core/option.py +++ b/lib/core/option.py @@ -578,7 +578,18 @@ def __setHTTPProxy(): errMsg = "proxy value must be in format 'http://url:port'" raise sqlmapSyntaxException, errMsg - __proxyString = "%s:%d" % (__hostname, __port) + if conf.pCred: + pCredRegExp = re.search("^(.*?):(.*?)$", conf.pCred) + + if not pCredRegExp: + errMsg = "Proxy authentication credentials " + errMsg += "value must be in format username:password" + raise sqlmapSyntaxException, errMsg + + # Reference: http://stackoverflow.com/questions/34079/how-to-specify-an-authenticated-proxy-for-a-python-http-connection + __proxyString = "%s@%s:%d" % (conf.pCred, __hostname, __port) + else: + __proxyString = "%s:%d" % (__hostname, __port) # Workaround for http://bugs.python.org/issue1424152 (urllib/urllib2: # HTTPS over (Squid) Proxy fails) as long as HTTP over SSL requests diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py index 9f5bb569b..373d03412 100644 --- a/lib/core/optiondict.py +++ b/lib/core/optiondict.py @@ -51,6 +51,7 @@ optDict = { "aCert": "string", "keepAlive": "boolean", "proxy": "string", + "pCred": "string", "ignoreProxy": "boolean", "threads": "integer", "delay": "float", diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py index 78ded3629..bc16420b6 100644 --- a/lib/parse/cmdline.py +++ b/lib/parse/cmdline.py @@ -119,6 +119,10 @@ def cmdLineParser(): request.add_option("--proxy", dest="proxy", help="Use a HTTP proxy to connect to the target url") + request.add_option("--proxy-cred", dest="pCred", + help="Proxy authentication credentials " + "(name:password)") + request.add_option("--ignore-proxy", dest="ignoreProxy", action="store_true", help="Ignore system default HTTP proxy")