fix for Bug #202

lib/core/option.py

@@ -1031,6 +1031,7 @@ def __setKnowledgeBaseAttributes():
 
     kb.absFilePaths    = set()
     kb.assumeEmpty     = False
+    kb.authHeader      = None
     kb.bannerFp        = advancedDict()
 
     kb.cache           = advancedDict()

lib/core/target.py

@@ -286,6 +286,7 @@ def initTargetEnv():
         conf.parameters   = {}
         conf.sessionFile  = None
 
+        kb.authHeader     = None
         kb.dbms           = None
         kb.dbmsDetected   = False
         kb.dbmsVersion    = [ "Unknown" ]

lib/request/connect.py

@@ -121,6 +121,9 @@ class Connect:
 
             headers["Referer"] = "%s://%s" % (conf.scheme, conf.hostname)
 
+            if kb.authHeader:
+                headers["Authorization"] = kb.authHeader
+
             if auxHeaders:
                 for key, item in auxHeaders.items():
                     headers[key] = item
@@ -163,6 +166,9 @@ class Connect:
 
             conn = urllib2.urlopen(req)
 
+            if req.has_header("Authorization"):
+                kb.authHeader = req.headers["Authorization"]
+
             if hasattr(conn, "redurl") and hasattr(conn, "redcode") and not conf.redirectHandled:
                 msg  = "sqlmap got a %d redirect to " % conn.redcode
                 msg += "%s - What target address do you " % conn.redurl