sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-01-23 15:54:24 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor refactoring

Browse Source
This commit is contained in:
Miroslav Stampar 2017-12-04 13:41:02 +01:00
parent 7244e8e4e2
commit 9fab2c9764
3 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/core/settings.py
View File

@ -300,6 +300,9 @@ BLANK = "<blank>"
# String representation for current database
CURRENT_DB = "CD"
# Name of SQLite file used for storing session data
SESSION_SQLITE_FILE = "session.sqlite"
# Regular expressions used for finding file paths in error messages
FILE_PATH_REGEXES = (r"<b>(?P<result>[^<>]+?)</b> on line \d+", r"(?P<result>[^<>'\"]+?)['\"]? on line \d+", r"(?:[>(\[\s])(?P<result>[A-Za-z]:[\\/][\w. \\/-]*)", r"(?:[>(\[\s])(?P<result>/\w[/\w.~-]+)", r"href=['\"]file://(?P<result>/[^'\"]+)")

8
lib/core/target.py
View File

@ -62,6 +62,7 @@ from lib.core.settings import PROBLEMATIC_CUSTOM_INJECTION_PATTERNS
from lib.core.settings import REFERER_ALIASES
from lib.core.settings import RESTORE_MERGED_OPTIONS
from lib.core.settings import RESULTS_FILE_FORMAT
from lib.core.settings import SESSION_SQLITE_FILE
from lib.core.settings import SUPPORTED_DBMS
from lib.core.settings import UNENCODED_ORIGINAL_VALUE
from lib.core.settings import UNICODE_ENCODING
@ -396,6 +397,9 @@ def _setRequestParams():
raise SqlmapGenericException(errMsg)
else:
for place in (PLACE.GET, PLACE.POST, PLACE.COOKIE):
if conf.csrfToken:
break
for parameter in conf.paramDict.get(place, {}):
if any(parameter.lower().count(_) for _ in CSRF_TOKEN_PARAMETER_INFIXES):
message = "%s parameter '%s' appears to hold anti-CSRF token. " % (place, parameter)
@ -403,7 +407,7 @@ def _setRequestParams():
if readInput(message, default='N', boolean=True):
conf.csrfToken = getUnicode(parameter)
break
break
def _setHashDB():
"""
@ -411,7 +415,7 @@ def _setHashDB():
"""
if not conf.hashDBFile:
conf.hashDBFile = conf.sessionFile or os.path.join(conf.outputPath, "session.sqlite")
conf.hashDBFile = conf.sessionFile or os.path.join(conf.outputPath, SESSION_SQLITE_FILE)
if os.path.exists(conf.hashDBFile):
if conf.flushSession:

4
txt/checksum.md5
View File

@ -46,10 +46,10 @@ e1c000db9be27f973569b1a430629037 lib/core/option.py
760d9df2a27ded29109b390ab202e72d lib/core/replication.py
a2466b62e67f8b31736bac4dac590e51 lib/core/revision.py
02d4762140a72fd44668d3dab5eabda9 lib/core/session.py
0b215c469175a858a36a8858b22c475e lib/core/settings.py
4a2c73dcb44a0982c61e35afee07aada lib/core/settings.py
35bffbad762eb9e03db9e93b1c991103 lib/core/shell.py
a59ec28371ae067a6fdd8f810edbee3d lib/core/subprocessng.py
d5a04d672a18f78deb2839c3745ff83c lib/core/target.py
d93501771b41315f9fb949305b6ed257 lib/core/target.py
df8f6475a53d83400c1a3967c0a21bd7 lib/core/testing.py
632538fe50f6b3179e1a5a85e8b79741 lib/core/threads.py
a119989ca03f8c8fbdf7d3035084eb31 lib/core/unescaper.py