sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-03-23 19:34:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

update of redirection mechanism (now 3-state - redirected, original and "ignored" (containing redirection message itself))

Browse Source
This commit is contained in:
Miroslav Stampar 2011-12-04 22:42:19 +00:00
parent ec895c3d1a
commit 9bc735963b
3 changed files with 19 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/core/enums.py
View File

@ -110,6 +110,11 @@ class EXPECTED:
BOOL = "bool" BOOL = "bool"
INT = "int" INT = "int"
class REDIRECTION:
FOLLOW = "1"
ORIGINAL = "2"
IGNORE = "3"
class PAYLOAD: class PAYLOAD:
SQLINJECTION = { SQLINJECTION = {
1: "boolean-based blind", 1: "boolean-based blind",

2
lib/core/option.py
View File

@ -1383,7 +1383,6 @@ def __setKnowledgeBaseAttributes(flushAll=True):
kb.absFilePaths = set() kb.absFilePaths = set()
kb.adjustTimeDelay = False kb.adjustTimeDelay = False
kb.alwaysRedirect = None
kb.alwaysRefresh = None kb.alwaysRefresh = None
kb.arch = None kb.arch = None
kb.authHeader = None kb.authHeader = None
@ -1455,6 +1454,7 @@ def __setKnowledgeBaseAttributes(flushAll=True):
kb.processResponseCounter = 0 kb.processResponseCounter = 0
kb.proxyAuthHeader = None kb.proxyAuthHeader = None
kb.queryCounter = 0 kb.queryCounter = 0
kb.redirectChoice = None
kb.redirectSetCookie = None kb.redirectSetCookie = None
kb.reflectiveMechanism = True kb.reflectiveMechanism = True
kb.reflectiveCounters = {REFLECTIVE_COUNTER.MISS:0, REFLECTIVE_COUNTER.HIT:0} kb.reflectiveCounters = {REFLECTIVE_COUNTER.MISS:0, REFLECTIVE_COUNTER.HIT:0}

23
lib/request/connect.py
View File

@ -49,6 +49,7 @@ from lib.core.enums import HTTPMETHOD
from lib.core.enums import NULLCONNECTION from lib.core.enums import NULLCONNECTION
from lib.core.enums import PAYLOAD from lib.core.enums import PAYLOAD
from lib.core.enums import PLACE from lib.core.enums import PLACE
from lib.core.enums import REDIRECTION
from lib.core.exception import sqlmapConnectionException from lib.core.exception import sqlmapConnectionException
from lib.core.exception import sqlmapSyntaxException from lib.core.exception import sqlmapSyntaxException
from lib.core.settings import HTTP_ACCEPT_HEADER_VALUE from lib.core.settings import HTTP_ACCEPT_HEADER_VALUE
@ -312,21 +313,23 @@ class Connect:
if hasattr(conn, "redurl") and hasattr(conn, "redcode") and target\ if hasattr(conn, "redurl") and hasattr(conn, "redcode") and target\
and not redirecting and not conf.realTest: and not redirecting and not conf.realTest:
if kb.alwaysRedirect is None: if kb.redirectChoice is None:
msg = "sqlmap got a %d redirect to " % conn.redcode msg = "sqlmap got a %d redirect to " % conn.redcode
msg += "'%s'. Do you want to follow redirects " % conn.redurl msg += "'%s'. What do you want to do? " % conn.redurl
msg += "from now on (or stay on the original page otherwise)? [Y/n]" msg += "\n[1] Follow the redirection (default)"
choice = readInput(msg, default="Y") msg += "\n[2] Stay on the original page"
msg += "\n[3] Ignore"
choice = readInput(msg, default="1")
kb.alwaysRedirect = choice not in ("n", "N") kb.redirectChoice = choice
if kb.alwaysRedirect: if kb.redirectChoice == REDIRECTION.IGNORE:
kwargs['url'] = conn.redurl
kwargs['redirecting'] = conn.redcode
return Connect.__getPageProxy(**kwargs)
else:
redirecting = conn.redcode redirecting = conn.redcode
page = threadData.lastRedirectMsg[1] page = threadData.lastRedirectMsg[1]
else:
kwargs['url'] = conf.url if kb.redirectChoice == REDIRECTION.ORIGINAL else conn.redurl
kwargs['redirecting'] = conn.redcode
return Connect.__getPageProxy(**kwargs)
# Return response object # Return response object
if response: if response: