sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-03-03 11:45:46 +03:00
Code Issues Packages Projects Releases Wiki Activity

Implementation for #3859

Browse Source
This commit is contained in:
Miroslav Stampar 2019-08-02 20:29:52 +02:00
parent 093b36f12d
commit b5063fc25a
3 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/core/option.py
View File

@ -1302,6 +1302,9 @@ def _setHTTPExtraHeaders():
if header and value: if header and value:
conf.httpHeaders.append((header, value)) conf.httpHeaders.append((header, value))
elif headerValue.startswith('@'):
checkFile(headerValue[1:])
kb.headersFile = headerValue[1:]
else: else:
errMsg = "invalid header value: %s. Valid header format is 'name:value'" % repr(headerValue).lstrip('u') errMsg = "invalid header value: %s. Valid header format is 'name:value'" % repr(headerValue).lstrip('u')
raise SqlmapSyntaxException(errMsg) raise SqlmapSyntaxException(errMsg)
@ -1905,6 +1908,7 @@ def _setKnowledgeBaseAttributes(flushAll=True):
kb.forceWhere = None kb.forceWhere = None
kb.futileUnion = None kb.futileUnion = None
kb.heavilyDynamic = False kb.heavilyDynamic = False
kb.headersFile = None
kb.headersFp = {} kb.headersFp = {}
kb.heuristicDbms = None kb.heuristicDbms = None
kb.heuristicExtendedDbms = None kb.heuristicExtendedDbms = None

2
lib/core/settings.py
View File

@ -18,7 +18,7 @@ from lib.core.enums import OS
from thirdparty.six import unichr as _unichr from thirdparty.six import unichr as _unichr
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.3.8.0" VERSION = "1.3.8.1"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

10
lib/request/connect.py
View File

@ -42,6 +42,7 @@ from lib.core.common import getRequestHeader
from lib.core.common import getSafeExString from lib.core.common import getSafeExString
from lib.core.common import isMultiThreadMode from lib.core.common import isMultiThreadMode
from lib.core.common import logHTTPTraffic from lib.core.common import logHTTPTraffic
from lib.core.common import openFile
from lib.core.common import popValue from lib.core.common import popValue
from lib.core.common import pushValue from lib.core.common import pushValue
from lib.core.common import randomizeParameterValue from lib.core.common import randomizeParameterValue
@ -60,6 +61,7 @@ from lib.core.common import wasLastResponseDelayed
from lib.core.compat import patchHeaders from lib.core.compat import patchHeaders
from lib.core.compat import xrange from lib.core.compat import xrange
from lib.core.convert import getBytes from lib.core.convert import getBytes
from lib.core.convert import getText
from lib.core.convert import getUnicode from lib.core.convert import getUnicode
from lib.core.data import conf from lib.core.data import conf
from lib.core.data import kb from lib.core.data import kb
@ -426,6 +428,14 @@ class Connect(object):
if auxHeaders: if auxHeaders:
headers = forgeHeaders(auxHeaders, headers) headers = forgeHeaders(auxHeaders, headers)
if kb.headersFile:
content = openFile(kb.headersFile, "rb").read()
for line in content.split("\n"):
line = getText(line.strip())
if ':' in line:
header, value = line.split(':', 1)
headers[header] = value
for key, value in list(headers.items()): for key, value in list(headers.items()):
del headers[key] del headers[key]
if isinstance(value, six.string_types): if isinstance(value, six.string_types):