sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-18 04:20:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

minor fix for parameters containing '=' inside values itself (remark: no parameter name will have '=' nor '%3d' inside; tested and it does a good job)

Browse Source
This commit is contained in:
Miroslav Stampar 2011-07-21 10:06:52 +00:00
parent 7881ded60d
commit 963f54e6d2
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/core/common.py
View File

@ -554,7 +554,7 @@ def paramToDict(place, parameters=None):
for element in splitParams: for element in splitParams:
elem = element.split("=") elem = element.split("=")
if len(elem) == 2: if len(elem) >= 2:
parameter = elem[0].replace(" ", "") parameter = elem[0].replace(" ", "")
condition = not conf.testParameter condition = not conf.testParameter
@ -569,7 +569,7 @@ def paramToDict(place, parameters=None):
errMsg += "please, always use only valid parameter values " errMsg += "please, always use only valid parameter values "
errMsg += "so sqlmap could be able to do a valid run." errMsg += "so sqlmap could be able to do a valid run."
raise sqlmapSyntaxException, errMsg raise sqlmapSyntaxException, errMsg
testableParameters[parameter] = elem[1] testableParameters[parameter] = "=".join(elem[1:])
else: else:
root = ET.XML(parameters) root = ET.XML(parameters)
iterator = root.getiterator() iterator = root.getiterator()