mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-01-24 08:14:24 +03:00
minor update for --scope
This commit is contained in:
Miroslav Stampar
parent
527ce070a3
commit
9eee6c252d
|
|
@ -182,13 +182,11 @@ def __feedTargetsDict(reqFile, addedTargetUrls):
|
||||||
"""
|
"""
|
||||||
|
|
||||||
reqResList = content.split(WEBSCARAB_SPLITTER)
|
reqResList = content.split(WEBSCARAB_SPLITTER)
|
||||||
getPostReq = False
|
|
||||||
|
|
||||||
for request in reqResList:
|
for request in reqResList:
|
||||||
url = extractRegexResult(r"URL: (?P<result>.+?)\n", request, re.I)
|
url = extractRegexResult(r"URL: (?P<result>.+?)\n", request, re.I)
|
||||||
method = extractRegexResult(r"METHOD: (?P<result>.+?)\n", request, re.I)
|
method = extractRegexResult(r"METHOD: (?P<result>.+?)\n", request, re.I)
|
||||||
cookie = extractRegexResult(r"COOKIE: (?P<result>.+?)\n", request, re.I)
|
cookie = extractRegexResult(r"COOKIE: (?P<result>.+?)\n", request, re.I)
|
||||||
getPostReq = True
|
|
||||||
|
|
||||||
if not method or not url:
|
if not method or not url:
|
||||||
logger.debug("not a valid WebScarab log data")
|
logger.debug("not a valid WebScarab log data")
|
||||||
|
|
@ -201,10 +199,7 @@ def __feedTargetsDict(reqFile, addedTargetUrls):
|
||||||
logger.warning(warnMsg)
|
logger.warning(warnMsg)
|
||||||
continue
|
continue
|
||||||
|
|
||||||
if conf.scope:
|
if not(conf.scope and not re.search(conf.scope, url, re.I)):
|
||||||
getPostReq &= re.search(conf.scope, url, re.I) is not None
|
|
||||||
|
|
||||||
if getPostReq:
|
|
||||||
if not kb.targetUrls or url not in addedTargetUrls:
|
if not kb.targetUrls or url not in addedTargetUrls:
|
||||||
kb.targetUrls.add((url, method, None, cookie))
|
kb.targetUrls.add((url, method, None, cookie))
|
||||||
addedTargetUrls.add(url)
|
addedTargetUrls.add(url)
|
||||||
|
|
@ -298,9 +293,6 @@ def __feedTargetsDict(reqFile, addedTargetUrls):
|
||||||
elif key not in ( HTTPHEADER.PROXY_CONNECTION, HTTPHEADER.CONNECTION ):
|
elif key not in ( HTTPHEADER.PROXY_CONNECTION, HTTPHEADER.CONNECTION ):
|
||||||
conf.httpHeaders.append((str(key), str(value)))
|
conf.httpHeaders.append((str(key), str(value)))
|
||||||
|
|
||||||
if conf.scope:
|
|
||||||
getPostReq &= re.search(conf.scope, host) is not None
|
|
||||||
|
|
||||||
if getPostReq and (params or cookie):
|
if getPostReq and (params or cookie):
|
||||||
if not port and isinstance(scheme, basestring) and scheme.lower() == "https":
|
if not port and isinstance(scheme, basestring) and scheme.lower() == "https":
|
||||||
port = "443"
|
port = "443"
|
||||||
|
|
@ -312,9 +304,10 @@ def __feedTargetsDict(reqFile, addedTargetUrls):
|
||||||
scheme = None
|
scheme = None
|
||||||
port = None
|
port = None
|
||||||
|
|
||||||
if not kb.targetUrls or url not in addedTargetUrls:
|
if not(conf.scope and not re.search(conf.scope, url, re.I)):
|
||||||
kb.targetUrls.add((url, method, urldecode(data) if data and urlencode(DEFAULT_GET_POST_DELIMITER, None) not in data else data, cookie))
|
if not kb.targetUrls or url not in addedTargetUrls:
|
||||||
addedTargetUrls.add(url)
|
kb.targetUrls.add((url, method, urldecode(data) if data and urlencode(DEFAULT_GET_POST_DELIMITER, None) not in data else data, cookie))
|
||||||
|
addedTargetUrls.add(url)
|
||||||
|
|
||||||
fp = openFile(reqFile, "rb")
|
fp = openFile(reqFile, "rb")
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user