mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-29 04:53:48 +03:00
improved redirection mechanism
This commit is contained in:
parent
128a012121
commit
a536bf210f
|
@ -1301,7 +1301,6 @@ def __setConfAttributes():
|
|||
conf.parameters = {}
|
||||
conf.path = None
|
||||
conf.port = None
|
||||
conf.redirectHandled = False
|
||||
conf.resultsFilename = None
|
||||
conf.resultsFP = None
|
||||
conf.scheme = None
|
||||
|
@ -1322,6 +1321,7 @@ def __setKnowledgeBaseAttributes(flushAll=True):
|
|||
|
||||
kb.absFilePaths = set()
|
||||
kb.adjustTimeDelay = False
|
||||
kb.alwaysRedirect = None
|
||||
kb.arch = None
|
||||
kb.authHeader = None
|
||||
kb.bannerFp = advancedDict()
|
||||
|
|
|
@ -92,7 +92,6 @@ class Connect:
|
|||
method = kwargs.get('method', None)
|
||||
cookie = kwargs.get('cookie', None)
|
||||
ua = kwargs.get('ua', None)
|
||||
host = kwargs.get('host', None)
|
||||
referer = kwargs.get('referer', None)
|
||||
direct = kwargs.get('direct', False)
|
||||
multipart = kwargs.get('multipart', False)
|
||||
|
@ -103,6 +102,7 @@ class Connect:
|
|||
ignoreTimeout = kwargs.get('ignoreTimeout', kb.ignoreTimeout)
|
||||
refreshing = kwargs.get('refreshing', False)
|
||||
retrying = kwargs.get('retrying', False)
|
||||
redirecting = kwargs.get('redirecting', False)
|
||||
|
||||
# flag to know if we are dealing with the same target host
|
||||
target = reduce(lambda x, y: x == y, map(lambda x: urlparse.urlparse(x).netloc.split(':')[0], [url, conf.url]))
|
||||
|
@ -192,7 +192,7 @@ class Connect:
|
|||
if kb.proxyAuthHeader:
|
||||
headers[HTTPHEADER.PROXY_AUTHORIZATION] = kb.proxyAuthHeader
|
||||
|
||||
headers[HTTPHEADER.HOST] = host or urlparse.urlparse(url).netloc.split(':')[0]
|
||||
headers[HTTPHEADER.HOST] = urlparse.urlparse(url).netloc.split(':')[0]
|
||||
|
||||
if auxHeaders:
|
||||
for key, item in auxHeaders.items():
|
||||
|
@ -251,29 +251,20 @@ class Connect:
|
|||
if hasattr(conn, "setcookie"):
|
||||
kb.redirectSetCookie = conn.setcookie
|
||||
|
||||
if hasattr(conn, "redurl") and hasattr(conn, "redcode") and target and not conf.redirectHandled and not conf.realTest:
|
||||
if hasattr(conn, "redurl") and hasattr(conn, "redcode") and target\
|
||||
and not redirecting and not conf.realTest:
|
||||
|
||||
if kb.alwaysRedirect is None:
|
||||
msg = "sqlmap got a %d redirect to " % conn.redcode
|
||||
msg += "%s - What target address do you " % conn.redurl
|
||||
msg += "want to use from now on? %s " % conf.url
|
||||
msg += "(default) or provide another target address based "
|
||||
msg += "also on the redirection got from the application\n"
|
||||
msg += "'%s'. do you want to follow redirects " % conn.redurl
|
||||
msg += "from now on (or stay on the original page)? [Y/n]"
|
||||
choice = readInput(msg, default="Y")
|
||||
|
||||
while True:
|
||||
choice = readInput(msg, default=None)
|
||||
kb.alwaysRedirect = choice in ("n", "N")
|
||||
|
||||
if not choice:
|
||||
pass
|
||||
else:
|
||||
conf.url = choice
|
||||
try:
|
||||
parseTargetUrl()
|
||||
kwargs['url'] = conn.redurl if kb.alwaysRedirect else conf.url
|
||||
kwargs['redirecting'] = True
|
||||
return Connect.__getPageProxy(**kwargs)
|
||||
except sqlmapSyntaxException:
|
||||
continue
|
||||
|
||||
break
|
||||
|
||||
conf.redirectHandled = True
|
||||
|
||||
# Return response object
|
||||
if response:
|
||||
|
|
|
@ -8,6 +8,7 @@ See the file 'doc/COPYING' for copying permission
|
|||
"""
|
||||
|
||||
import urllib2
|
||||
import urlparse
|
||||
|
||||
from lib.core.data import conf
|
||||
from lib.core.data import logger
|
||||
|
@ -52,6 +53,10 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
|
|||
elif "uri" in headers:
|
||||
result.redurl = headers.getheaders("uri")[0].split("?")[0]
|
||||
|
||||
if hasattr(result, 'redurl'):
|
||||
if result.redurl.startswith('.') or result.redurl.startswith('/'):
|
||||
result.redurl = urlparse.urljoin(conf.url, result.redurl)
|
||||
|
||||
if "set-cookie" in headers:
|
||||
result.setcookie = headers["set-cookie"].split("; path")[0]
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user