diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 112b9e0c6..2c137c5f4 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -460,7 +460,7 @@ def checkSqlInjection(place, parameter, value):
 # Feed with the boundaries details only the first time a
 # test has been successful
 if injection.place is None or injection.parameter is None:
- if place in (PLACE.UA, PLACE.REFERER, PLACE.HOST):
+ if place in (PLACE.USER_AGENT, PLACE.REFERER, PLACE.HOST):
 injection.parameter = place
 else:
 injection.parameter = parameter
diff --git a/lib/controller/controller.py b/lib/controller/controller.py
index 984392177..950a7c863 100644
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@@ -378,7 +378,7 @@ def start():
 for place in parameters:
 # Test User-Agent and Referer headers only if
 # --level >= 3
- skip = (place == PLACE.UA and conf.level < 3)
+ skip = (place == PLACE.USER_AGENT and conf.level < 3)
 skip |= (place == PLACE.REFERER and conf.level < 3)
 # Test Host header only if
@@ -388,11 +388,11 @@ def start():
 # Test Cookie header only if --level >= 2
 skip |= (place == PLACE.COOKIE and conf.level < 2)
- skip |= (place == PLACE.UA and intersect(USER_AGENT_ALIASES, conf.skip, True) not in ([], None))
+ skip |= (place == PLACE.USER_AGENT and intersect(USER_AGENT_ALIASES, conf.skip, True) not in ([], None))
 skip |= (place == PLACE.REFERER and intersect(REFERER_ALIASES, conf.skip, True) not in ([], None))
 skip |= (place == PLACE.COOKIE and intersect(PLACE.COOKIE, conf.skip, True) not in ([], None))
- skip &= not (place == PLACE.UA and intersect(USER_AGENT_ALIASES, conf.testParameter, True))
+ skip &= not (place == PLACE.USER_AGENT and intersect(USER_AGENT_ALIASES, conf.testParameter, True))
 skip &= not (place == PLACE.REFERER and intersect(REFERER_ALIASES, conf.testParameter, True))
 skip &= not (place == PLACE.HOST and intersect(HOST_ALIASES, conf.testParameter, True))
diff --git a/lib/core/agent.py b/lib/core/agent.py
index 26c4781f7..557495f91 100644
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -118,7 +118,7 @@ class Agent:
 retVal = ET.tostring(root)
 elif place in (PLACE.URI, PLACE.CUSTOM_POST):
 retVal = paramString.replace("%s%s" % (origValue, CUSTOM_INJECTION_MARK_CHAR), self.addPayloadDelimiters(newValue))
- elif place in (PLACE.UA, PLACE.REFERER, PLACE.HOST):
+ elif place in (PLACE.USER_AGENT, PLACE.REFERER, PLACE.HOST):
 retVal = paramString.replace(origValue, self.addPayloadDelimiters(newValue))
 else:
 retVal = paramString.replace("%s=%s" % (parameter, origValue),
diff --git a/lib/core/enums.py b/lib/core/enums.py
index 1f98c0490..1c0ddcd26 100644
--- a/lib/core/enums.py
+++ b/lib/core/enums.py
@@ -61,7 +61,7 @@ class PLACE:
 SOAP = "SOAP"
 URI = "URI"
 COOKIE = "Cookie"
- UA = "User-Agent"
+ USER_AGENT = "User-Agent"
 REFERER = "Referer"
 HOST = "Host"
 CUSTOM_POST = "(custom) POST"
diff --git a/lib/core/target.py b/lib/core/target.py
index 68f219b25..076823e45 100644
--- a/lib/core/target.py
+++ b/lib/core/target.py
@@ -26,6 +26,7 @@ from lib.core.data import logger
 from lib.core.data import paths
 from lib.core.dump import dumper
 from lib.core.enums import HASHDB_KEYS
+from lib.core.enums import HTTPHEADER
 from lib.core.enums import HTTPMETHOD
 from lib.core.enums import PLACE
 from lib.core.exception import sqlmapFilePathException
@@ -158,16 +159,18 @@ def __setRequestParams():
 # Url encoding of the header values should be avoided
 # Reference: http://stackoverflow.com/questions/5085904/is-ok-to-urlencode-the-value-in-headerlocation-value
- if httpHeader == PLACE.UA:
- conf.parameters[PLACE.UA] = urldecode(headerValue)
+ httpHeader = "-".join(_.capitalize() for _ in (httpHeader or "").split("-"))
+
+ if httpHeader == HTTPHEADER.USER_AGENT:
+ conf.parameters[PLACE.USER_AGENT] = urldecode(headerValue)
 condition = any((not conf.testParameter, intersect(conf.testParameter, USER_AGENT_ALIASES)))
 if condition:
- conf.paramDict[PLACE.UA] = {PLACE.UA: headerValue}
+ conf.paramDict[PLACE.USER_AGENT] = {PLACE.USER_AGENT: headerValue}
 testableParameters = True
- elif httpHeader == PLACE.REFERER:
+ elif httpHeader == HTTPHEADER.REFERER:
 conf.parameters[PLACE.REFERER] = urldecode(headerValue)
 condition = any((not conf.testParameter, intersect(conf.testParameter, REFERER_ALIASES)))
@@ -176,7 +179,7 @@ def __setRequestParams():
 conf.paramDict[PLACE.REFERER] = {PLACE.REFERER: headerValue}
 testableParameters = True
- elif httpHeader == PLACE.HOST:
+ elif httpHeader == HTTPHEADER.HOST:
 conf.parameters[PLACE.HOST] = urldecode(headerValue)
 condition = any((not conf.testParameter, intersect(conf.testParameter, HOST_ALIASES)))
diff --git a/lib/request/connect.py b/lib/request/connect.py
index 7f3528b53..8c1c30e71 100644
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@@ -595,8 +595,8 @@ class Connect:
 if PLACE.COOKIE in conf.parameters:
 cookie = conf.parameters[PLACE.COOKIE] if place != PLACE.COOKIE or not value else value
- if PLACE.UA in conf.parameters:
- ua = conf.parameters[PLACE.UA] if place != PLACE.UA or not value else value
+ if PLACE.USER_AGENT in conf.parameters:
+ ua = conf.parameters[PLACE.USER_AGENT] if place != PLACE.USER_AGENT or not value else value
 if PLACE.REFERER in conf.parameters:
 referer = conf.parameters[PLACE.REFERER] if place != PLACE.REFERER or not value else value
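Review bot: In `lib/core/target.py`, hunk `@@ -158,16 +159,18 @@`, the added `httpHeader = "-".join(_.capitalize() ...)` line has no comment saying why it is there, and it makes the branch tests depend on the `HTTPHEADER` constants being spelled in exactly the form `capitalize()` produces (their values are not shown in this diff). Header names are case-insensitive, so a direct case-insensitive test states the intent without overwriting the loop variable: `if (httpHeader or "").upper() == HTTPHEADER.USER_AGENT.upper():`, and likewise for the `REFERER` branch and the `HOST` branch in the following hunk `@@ -176,7 +179,7 @@`. If the normalisation is kept, a comment such as `# HTTP header names are case-insensitive; normalise so that e.g. "user-agent" is still registered as a testable place` would help, since a miss here silently leaves the header out of the tested parameters. The enclosing loop and `__setRequestParams()` start and end outside the hunk, so any later use of the reassigned `httpHeader` is not visible from here.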