sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-23 01:56:36 +03:00
Code Issues Packages Projects Releases Wiki Activity

further update regarding last commit

Browse Source
This commit is contained in:
Miroslav Stampar 2011-03-03 10:39:04 +00:00
parent bc50387a17
commit 8edc3b3302
3 changed files with 14 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/controller/controller.py
View File

@ -27,6 +27,8 @@ from lib.core.common import paramToDict
from lib.core.common import parseTargetUrl from lib.core.common import parseTargetUrl
from lib.core.common import readInput from lib.core.common import readInput
from lib.core.common import showHttpErrorCodes from lib.core.common import showHttpErrorCodes
from lib.core.convert import urlencode
from lib.core.convert import urldecode
from lib.core.data import conf from lib.core.data import conf
from lib.core.data import kb from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
@ -205,7 +207,7 @@ def start():
message += "\nCookie: %s" % conf.cookie message += "\nCookie: %s" % conf.cookie
if conf.data: if conf.data:
message += "\nPOST data: %s" % repr(conf.data) if conf.data else "" message += "\nPOST data: %s" % urlencode(conf.data) if conf.data else ""
if conf.forms: if conf.forms:
if conf.method == HTTPMETHOD.GET and targetUrl.find("?") == -1: if conf.method == HTTPMETHOD.GET and targetUrl.find("?") == -1:
@ -216,8 +218,8 @@ def start():
if not test or test[0] in ("y", "Y"): if not test or test[0] in ("y", "Y"):
if conf.method == HTTPMETHOD.POST: if conf.method == HTTPMETHOD.POST:
message = "Edit POST data [default: %s]: " % (conf.data if conf.data else "") message = "Edit POST data [default: %s]%s: " % (urlencode(conf.data) if conf.data else "", " (Warning: blank fields detected)" if conf.data and '=&' in conf.data else "")
conf.data = readInput(message, default=conf.data) conf.data = urldecode(readInput(message, default=conf.data))
elif conf.method == HTTPMETHOD.GET: elif conf.method == HTTPMETHOD.GET:
if conf.url.find("?") > -1: if conf.url.find("?") > -1:

9
lib/core/convert.py
View File

@ -19,6 +19,7 @@ import struct
import urllib import urllib
from lib.core.data import conf from lib.core.data import conf
from lib.core.settings import UNICODE_ENCODING
def base64decode(value): def base64decode(value):
return value.decode("base64") return value.decode("base64")
@ -62,17 +63,21 @@ def sha1hash(value):
else: else:
return sha.new(value).hexdigest() return sha.new(value).hexdigest()
def urldecode(value): def urldecode(value, encoding=None):
result = None result = None
if value: if value:
try: try:
# for cases like T%C3%BCrk%C3%A7e # for cases like T%C3%BCrk%C3%A7e
value = str(value) value = str(value)
result = utf8decode(urllib.unquote_plus(value))
except ValueError: except ValueError:
pass
finally:
result = urllib.unquote_plus(value) result = urllib.unquote_plus(value)
if isinstance(result, str):
result = unicode(result, encoding or UNICODE_ENCODING, errors="replace")
return result return result
def urlencode(value, safe=":/?%&=", convall=False): def urlencode(value, safe=":/?%&=", convall=False):

4
lib/core/option.py
View File

@ -446,9 +446,9 @@ def __findPageForms():
if forms: if forms:
for form in forms: for form in forms:
request = form.click() request = form.click()
url = urldecode(request.get_full_url()) url = urldecode(request.get_full_url(), kb.pageEncoding)
method = request.get_method() method = request.get_method()
data = urldecode(getUnicode(request.get_data(), kb.pageEncoding)) if request.has_data() else None data = urldecode(request.get_data(), kb.pageEncoding) if request.has_data() else None
target = (url, method, data, conf.cookie) target = (url, method, data, conf.cookie)
kb.targetUrls.add(target) kb.targetUrls.add(target)
kb.formNames.append(target) kb.formNames.append(target)