mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-29 13:03:50 +03:00
improved redirection mechanism
This commit is contained in:
parent
128a012121
commit
a536bf210f
|
@ -1301,7 +1301,6 @@ def __setConfAttributes():
|
||||||
conf.parameters = {}
|
conf.parameters = {}
|
||||||
conf.path = None
|
conf.path = None
|
||||||
conf.port = None
|
conf.port = None
|
||||||
conf.redirectHandled = False
|
|
||||||
conf.resultsFilename = None
|
conf.resultsFilename = None
|
||||||
conf.resultsFP = None
|
conf.resultsFP = None
|
||||||
conf.scheme = None
|
conf.scheme = None
|
||||||
|
@ -1322,6 +1321,7 @@ def __setKnowledgeBaseAttributes(flushAll=True):
|
||||||
|
|
||||||
kb.absFilePaths = set()
|
kb.absFilePaths = set()
|
||||||
kb.adjustTimeDelay = False
|
kb.adjustTimeDelay = False
|
||||||
|
kb.alwaysRedirect = None
|
||||||
kb.arch = None
|
kb.arch = None
|
||||||
kb.authHeader = None
|
kb.authHeader = None
|
||||||
kb.bannerFp = advancedDict()
|
kb.bannerFp = advancedDict()
|
||||||
|
|
|
@ -92,7 +92,6 @@ class Connect:
|
||||||
method = kwargs.get('method', None)
|
method = kwargs.get('method', None)
|
||||||
cookie = kwargs.get('cookie', None)
|
cookie = kwargs.get('cookie', None)
|
||||||
ua = kwargs.get('ua', None)
|
ua = kwargs.get('ua', None)
|
||||||
host = kwargs.get('host', None)
|
|
||||||
referer = kwargs.get('referer', None)
|
referer = kwargs.get('referer', None)
|
||||||
direct = kwargs.get('direct', False)
|
direct = kwargs.get('direct', False)
|
||||||
multipart = kwargs.get('multipart', False)
|
multipart = kwargs.get('multipart', False)
|
||||||
|
@ -103,6 +102,7 @@ class Connect:
|
||||||
ignoreTimeout = kwargs.get('ignoreTimeout', kb.ignoreTimeout)
|
ignoreTimeout = kwargs.get('ignoreTimeout', kb.ignoreTimeout)
|
||||||
refreshing = kwargs.get('refreshing', False)
|
refreshing = kwargs.get('refreshing', False)
|
||||||
retrying = kwargs.get('retrying', False)
|
retrying = kwargs.get('retrying', False)
|
||||||
|
redirecting = kwargs.get('redirecting', False)
|
||||||
|
|
||||||
# flag to know if we are dealing with the same target host
|
# flag to know if we are dealing with the same target host
|
||||||
target = reduce(lambda x, y: x == y, map(lambda x: urlparse.urlparse(x).netloc.split(':')[0], [url, conf.url]))
|
target = reduce(lambda x, y: x == y, map(lambda x: urlparse.urlparse(x).netloc.split(':')[0], [url, conf.url]))
|
||||||
|
@ -192,7 +192,7 @@ class Connect:
|
||||||
if kb.proxyAuthHeader:
|
if kb.proxyAuthHeader:
|
||||||
headers[HTTPHEADER.PROXY_AUTHORIZATION] = kb.proxyAuthHeader
|
headers[HTTPHEADER.PROXY_AUTHORIZATION] = kb.proxyAuthHeader
|
||||||
|
|
||||||
headers[HTTPHEADER.HOST] = host or urlparse.urlparse(url).netloc.split(':')[0]
|
headers[HTTPHEADER.HOST] = urlparse.urlparse(url).netloc.split(':')[0]
|
||||||
|
|
||||||
if auxHeaders:
|
if auxHeaders:
|
||||||
for key, item in auxHeaders.items():
|
for key, item in auxHeaders.items():
|
||||||
|
@ -251,29 +251,20 @@ class Connect:
|
||||||
if hasattr(conn, "setcookie"):
|
if hasattr(conn, "setcookie"):
|
||||||
kb.redirectSetCookie = conn.setcookie
|
kb.redirectSetCookie = conn.setcookie
|
||||||
|
|
||||||
if hasattr(conn, "redurl") and hasattr(conn, "redcode") and target and not conf.redirectHandled and not conf.realTest:
|
if hasattr(conn, "redurl") and hasattr(conn, "redcode") and target\
|
||||||
msg = "sqlmap got a %d redirect to " % conn.redcode
|
and not redirecting and not conf.realTest:
|
||||||
msg += "%s - What target address do you " % conn.redurl
|
|
||||||
msg += "want to use from now on? %s " % conf.url
|
|
||||||
msg += "(default) or provide another target address based "
|
|
||||||
msg += "also on the redirection got from the application\n"
|
|
||||||
|
|
||||||
while True:
|
if kb.alwaysRedirect is None:
|
||||||
choice = readInput(msg, default=None)
|
msg = "sqlmap got a %d redirect to " % conn.redcode
|
||||||
|
msg += "'%s'. do you want to follow redirects " % conn.redurl
|
||||||
|
msg += "from now on (or stay on the original page)? [Y/n]"
|
||||||
|
choice = readInput(msg, default="Y")
|
||||||
|
|
||||||
if not choice:
|
kb.alwaysRedirect = choice in ("n", "N")
|
||||||
pass
|
|
||||||
else:
|
|
||||||
conf.url = choice
|
|
||||||
try:
|
|
||||||
parseTargetUrl()
|
|
||||||
return Connect.__getPageProxy(**kwargs)
|
|
||||||
except sqlmapSyntaxException:
|
|
||||||
continue
|
|
||||||
|
|
||||||
break
|
kwargs['url'] = conn.redurl if kb.alwaysRedirect else conf.url
|
||||||
|
kwargs['redirecting'] = True
|
||||||
conf.redirectHandled = True
|
return Connect.__getPageProxy(**kwargs)
|
||||||
|
|
||||||
# Return response object
|
# Return response object
|
||||||
if response:
|
if response:
|
||||||
|
|
|
@ -8,6 +8,7 @@ See the file 'doc/COPYING' for copying permission
|
||||||
"""
|
"""
|
||||||
|
|
||||||
import urllib2
|
import urllib2
|
||||||
|
import urlparse
|
||||||
|
|
||||||
from lib.core.data import conf
|
from lib.core.data import conf
|
||||||
from lib.core.data import logger
|
from lib.core.data import logger
|
||||||
|
@ -52,6 +53,10 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
|
||||||
elif "uri" in headers:
|
elif "uri" in headers:
|
||||||
result.redurl = headers.getheaders("uri")[0].split("?")[0]
|
result.redurl = headers.getheaders("uri")[0].split("?")[0]
|
||||||
|
|
||||||
|
if hasattr(result, 'redurl'):
|
||||||
|
if result.redurl.startswith('.') or result.redurl.startswith('/'):
|
||||||
|
result.redurl = urlparse.urljoin(conf.url, result.redurl)
|
||||||
|
|
||||||
if "set-cookie" in headers:
|
if "set-cookie" in headers:
|
||||||
result.setcookie = headers["set-cookie"].split("; path")[0]
|
result.setcookie = headers["set-cookie"].split("; path")[0]
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user