mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-29 13:03:50 +03:00
Minor code refactoring and added internal debug prints
This commit is contained in:
Bernardo Damele
parent
af9725214a
commit
b3a0f38f3f
|
|
@ -67,46 +67,52 @@ class Agent:
|
||||||
if where is None and isTechniqueAvailable(kb.technique):
|
if where is None and isTechniqueAvailable(kb.technique):
|
||||||
where = kb.injection.data[kb.technique].where
|
where = kb.injection.data[kb.technique].where
|
||||||
|
|
||||||
|
# Debug print
|
||||||
|
#print "value: %s, newValue: %s, where: %s, kb.technique: %s" % (value, newValue, where, kb.technique)
|
||||||
|
|
||||||
if kb.injection.place is not None:
|
if kb.injection.place is not None:
|
||||||
place = kb.injection.place
|
place = kb.injection.place
|
||||||
|
|
||||||
if kb.injection.parameter is not None:
|
if kb.injection.parameter is not None:
|
||||||
parameter = kb.injection.parameter
|
parameter = kb.injection.parameter
|
||||||
|
|
||||||
if place == PLACE.UA:
|
paramString = conf.parameters[place]
|
||||||
retValue = parameter.replace(parameter, self.addPayloadDelimiters(parameter + newValue))
|
paramDict = conf.paramDict[place]
|
||||||
else:
|
origValue = paramDict[parameter]
|
||||||
paramString = conf.parameters[place]
|
|
||||||
paramDict = conf.paramDict[place]
|
|
||||||
origValue = paramDict[parameter]
|
|
||||||
|
|
||||||
if value is None:
|
if value is None:
|
||||||
if where == 1:
|
if where == 1:
|
||||||
value = origValue
|
value = origValue
|
||||||
elif where == 2:
|
elif where == 2:
|
||||||
value = "-%s" % randomInt()
|
if newValue.startswith("-"):
|
||||||
elif where == 3:
|
|
||||||
value = ""
|
value = ""
|
||||||
else:
|
else:
|
||||||
value = origValue
|
value = "-%s" % randomInt()
|
||||||
|
elif where == 3:
|
||||||
newValue = "%s%s" % (value, newValue)
|
value = ""
|
||||||
|
|
||||||
newValue = self.cleanupPayload(newValue, origValue)
|
|
||||||
|
|
||||||
if "POSTxml" in conf.paramDict and place == PLACE.POST:
|
|
||||||
root = ET.XML(paramString)
|
|
||||||
iterator = root.getiterator(parameter)
|
|
||||||
|
|
||||||
for child in iterator:
|
|
||||||
child.text = self.addPayloadDelimiters(newValue)
|
|
||||||
|
|
||||||
retValue = ET.tostring(root)
|
|
||||||
elif place == PLACE.URI:
|
|
||||||
retValue = paramString.replace("*", self.addPayloadDelimiters(newValue))
|
|
||||||
else:
|
else:
|
||||||
retValue = paramString.replace("%s=%s" % (parameter, origValue),
|
value = origValue
|
||||||
"%s=%s" % (parameter, self.addPayloadDelimiters(newValue)))
|
|
||||||
|
newValue = "%s%s" % (value, newValue)
|
||||||
|
|
||||||
|
newValue = self.cleanupPayload(newValue, origValue)
|
||||||
|
|
||||||
|
if "POSTxml" in conf.paramDict and place == PLACE.POST:
|
||||||
|
root = ET.XML(paramString)
|
||||||
|
iterator = root.getiterator(parameter)
|
||||||
|
|
||||||
|
for child in iterator:
|
||||||
|
child.text = self.addPayloadDelimiters(newValue)
|
||||||
|
|
||||||
|
retValue = ET.tostring(root)
|
||||||
|
elif place in (PLACE.UA, PLACE.URI):
|
||||||
|
retValue = paramString.replace("*", self.addPayloadDelimiters(newValue))
|
||||||
|
else:
|
||||||
|
retValue = paramString.replace("%s=%s" % (parameter, origValue),
|
||||||
|
"%s=%s" % (parameter, self.addPayloadDelimiters(newValue)))
|
||||||
|
|
||||||
|
# Debug print
|
||||||
|
#print "retValue:", retValue
|
||||||
|
|
||||||
return retValue
|
return retValue
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user