fix for Bug #202

2024-11-22 17:46:37 +03:00 · 2010-10-18 08:54:08 +00:00 · 2010-10-18 08:54:08 +00:00 · aaebb4336e
commit aaebb4336e
parent 683184cc8f
3 changed files with 10 additions and 2 deletions
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -1031,6 +1031,7 @@ def __setKnowledgeBaseAttributes():

    kb.absFilePaths    = set()
    kb.assumeEmpty     = False
+    kb.authHeader      = None
    kb.bannerFp        = advancedDict()

    kb.cache           = advancedDict()
--- a/lib/core/target.py
+++ b/lib/core/target.py
@ -286,6 +286,7 @@ def initTargetEnv():
        conf.parameters   = {}
        conf.sessionFile  = None

+        kb.authHeader     = None
        kb.dbms           = None
        kb.dbmsDetected   = False
        kb.dbmsVersion    = [ "Unknown" ]
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -121,6 +121,9 @@ class Connect:

            headers["Referer"] = "%s://%s" % (conf.scheme, conf.hostname)

+            if kb.authHeader:
+                headers["Authorization"] = kb.authHeader
+
            if auxHeaders:
                for key, item in auxHeaders.items():
                    headers[key] = item
@ -140,10 +143,10 @@ class Connect:
                for _, cookie in enumerate(conf.cj):
                    if not cookieStr:
                        cookieStr = "Cookie: "
-    
+
                    cookie = getUnicode(cookie)
                    index  = cookie.index(" for ")
-    
+
                    cookieStr += "%s; " % cookie[8:index]

            if not req.has_header("Cookie") and cookieStr:
@ -163,6 +166,9 @@ class Connect:

            conn = urllib2.urlopen(req)

+            if req.has_header("Authorization"):
+                kb.authHeader = req.headers["Authorization"]
+
            if hasattr(conn, "redurl") and hasattr(conn, "redcode") and not conf.redirectHandled:
                msg  = "sqlmap got a %d redirect to " % conn.redcode
                msg += "%s - What target address do you " % conn.redurl