mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-25 02:53:46 +03:00
Fixes #4895
This commit is contained in:
parent
b185b5e989
commit
90b145ee87
|
@ -1340,44 +1340,6 @@ def checkStability():
|
|||
|
||||
return kb.pageStable
|
||||
|
||||
def checkString():
|
||||
if not conf.string:
|
||||
return True
|
||||
|
||||
infoMsg = "testing if the provided string is within the "
|
||||
infoMsg += "target URL page content"
|
||||
logger.info(infoMsg)
|
||||
|
||||
page, headers, _ = Request.queryPage(content=True)
|
||||
rawResponse = "%s%s" % (listToStrValue(headers.headers if headers else ""), page)
|
||||
|
||||
if conf.string not in rawResponse:
|
||||
warnMsg = "you provided '%s' as the string to " % conf.string
|
||||
warnMsg += "match, but such a string is not within the target "
|
||||
warnMsg += "URL raw response, sqlmap will carry on anyway"
|
||||
logger.warn(warnMsg)
|
||||
|
||||
return True
|
||||
|
||||
def checkRegexp():
|
||||
if not conf.regexp:
|
||||
return True
|
||||
|
||||
infoMsg = "testing if the provided regular expression matches within "
|
||||
infoMsg += "the target URL page content"
|
||||
logger.info(infoMsg)
|
||||
|
||||
page, headers, _ = Request.queryPage(content=True)
|
||||
rawResponse = "%s%s" % (listToStrValue(headers.headers if headers else ""), page)
|
||||
|
||||
if not re.search(conf.regexp, rawResponse, re.I | re.M):
|
||||
warnMsg = "you provided '%s' as the regular expression " % conf.regexp
|
||||
warnMsg += "which does not have any match within the target URL raw response. sqlmap "
|
||||
warnMsg += "will carry on anyway"
|
||||
logger.warn(warnMsg)
|
||||
|
||||
return True
|
||||
|
||||
@stackedmethod
|
||||
def checkWaf():
|
||||
"""
|
||||
|
@ -1542,7 +1504,31 @@ def checkConnection(suppressOutput=False):
|
|||
|
||||
try:
|
||||
kb.originalPageTime = time.time()
|
||||
Request.queryPage(content=True, noteResponseTime=False)
|
||||
page, headers, _ = Request.queryPage(content=True, noteResponseTime=False)
|
||||
|
||||
rawResponse = "%s%s" % (listToStrValue(headers.headers if headers else ""), page)
|
||||
|
||||
if conf.string:
|
||||
infoMsg = "testing if the provided string is within the "
|
||||
infoMsg += "target URL page content"
|
||||
logger.info(infoMsg)
|
||||
|
||||
if conf.string not in rawResponse:
|
||||
warnMsg = "you provided '%s' as the string to " % conf.string
|
||||
warnMsg += "match, but such a string is not within the target "
|
||||
warnMsg += "URL raw response, sqlmap will carry on anyway"
|
||||
logger.warn(warnMsg)
|
||||
|
||||
if conf.regexp:
|
||||
infoMsg = "testing if the provided regular expression matches within "
|
||||
infoMsg += "the target URL page content"
|
||||
logger.info(infoMsg)
|
||||
|
||||
if not re.search(conf.regexp, rawResponse, re.I | re.M):
|
||||
warnMsg = "you provided '%s' as the regular expression " % conf.regexp
|
||||
warnMsg += "which does not have any match within the target URL raw response. sqlmap "
|
||||
warnMsg += "will carry on anyway"
|
||||
logger.warn(warnMsg)
|
||||
|
||||
kb.errorIsNone = False
|
||||
|
||||
|
|
|
@ -16,10 +16,8 @@ from lib.controller.checks import checkConnection
|
|||
from lib.controller.checks import checkDynParam
|
||||
from lib.controller.checks import checkInternet
|
||||
from lib.controller.checks import checkNullConnection
|
||||
from lib.controller.checks import checkRegexp
|
||||
from lib.controller.checks import checkSqlInjection
|
||||
from lib.controller.checks import checkStability
|
||||
from lib.controller.checks import checkString
|
||||
from lib.controller.checks import checkWaf
|
||||
from lib.controller.checks import heuristicCheckSqlInjection
|
||||
from lib.core.agent import agent
|
||||
|
@ -434,7 +432,7 @@ def start():
|
|||
|
||||
setupTargetEnv()
|
||||
|
||||
if not checkConnection(suppressOutput=conf.forms) or not checkString() or not checkRegexp():
|
||||
if not checkConnection(suppressOutput=conf.forms):
|
||||
continue
|
||||
|
||||
if conf.rParam and kb.originalPage:
|
||||
|
|
|
@ -20,7 +20,7 @@ from thirdparty import six
|
|||
from thirdparty.six import unichr as _unichr
|
||||
|
||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||
VERSION = "1.5.11.10"
|
||||
VERSION = "1.5.12.0"
|
||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||
|
|
Loading…
Reference in New Issue
Block a user