added null connection check

2024-11-22 09:36:35 +03:00 · 2010-09-16 08:43:10 +00:00 · 2010-09-16 08:43:10 +00:00 · b745331974
commit b745331974
parent ecd6b573f7
4 changed files with 44 additions and 12 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -437,6 +437,29 @@ def checkRegexp():

        return False

+def checkNullConnection():
+    infoMsg = "testing NULL connection to the target url"
+    logger.info(infoMsg)
+
+    try:
+        page, headers = Request.getPage(method="HEAD")
+        if not page and 'Content-Length' in headers:
+            kb.nullConnection = "HEAD"
+        else:
+            page, headers = Request.getPage(auxHeaders={"Range":"bytes=-1"})
+            if page and len(page) == 1 and 'Content-Range' in headers:
+                kb.nullConnection = "Range"
+
+    except sqlmapConnectionException, errMsg:
+        errMsg = getUnicode(errMsg)
+        raise sqlmapConnectionException, errMsg
+
+    if kb.nullConnection:
+        infoMsg = "method '%s' seems to be working" % kb.nullConnection
+        logger.info(infoMsg)
+
+    return kb.nullConnection is not None
+
 def checkConnection():
    try:
        socket.gethostbyname(conf.hostname)
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@ -29,6 +29,7 @@ from lib.controller.checks import checkStability
 from lib.controller.checks import checkString
 from lib.controller.checks import checkRegexp
 from lib.controller.checks import checkConnection
+from lib.controller.checks import checkNullConnection
 from lib.core.common import getUnicode
 from lib.core.common import paramToDict
 from lib.core.common import parseTargetUrl
@ -165,6 +166,8 @@ def start():
            if not checkConnection() or not checkString() or not checkRegexp():
                continue

+            checkNullConnection()
+
            if not conf.dropSetCookie:
                for _, cookie in enumerate(conf.cj):
                    cookie = getUnicode(cookie)
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -1010,6 +1010,7 @@ def __setKnowledgeBaseAttributes():
    kb.injPlace       = None
    kb.injType        = None
    kb.hintValue      = None
+    kb.nullConnection = None

    # Back-end DBMS underlying operating system fingerprint via banner (-b)
    # parsing
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -69,16 +69,17 @@ class Connect:
            delay = 0.00001 * (conf.cpuThrottle ** 2)
            time.sleep(delay)

-        url       = kwargs.get('url',       conf.url).replace(" ", "%20")
-        get       = kwargs.get('get',       None)
-        post      = kwargs.get('post',      None)
-        method    = kwargs.get('method',    None)
-        cookie    = kwargs.get('cookie',    None)
-        ua        = kwargs.get('ua',        None)
-        direct    = kwargs.get('direct',    False)
-        multipart = kwargs.get('multipart', False)
-        silent    = kwargs.get('silent',    False)
-        raise404  = kwargs.get('raise404',  True)
+        url             = kwargs.get('url',       conf.url).replace(" ", "%20")
+        get             = kwargs.get('get',       None)
+        post            = kwargs.get('post',      None)
+        method          = kwargs.get('method',    None)
+        cookie          = kwargs.get('cookie',    None)
+        ua              = kwargs.get('ua',        None)
+        direct          = kwargs.get('direct',    False)
+        multipart       = kwargs.get('multipart', False)
+        silent          = kwargs.get('silent',    False)
+        raise404        = kwargs.get('raise404',  True)
+        auxHeaders      = kwargs.get('auxHeaders',    None)

        page            = ""
        cookieStr       = ""
@ -130,6 +131,10 @@ class Connect:
            # Perform HTTP request
            headers = forgeHeaders(cookie, ua)

+            if auxHeaders:
+                for key, item in auxHeaders.items():
+                    headers[key] = item
+
            if method:
                req = MethodRequest(url, post, headers)
                req.set_method(method)
@ -272,7 +277,7 @@ class Connect:
        return page, responseHeaders

    @staticmethod
-    def queryPage(value=None, place=None, content=False, getSeqMatcher=False, silent=False, method=None):
+    def queryPage(value=None, place=None, content=False, getSeqMatcher=False, silent=False, method=None, auxHeaders=dict()):
        """
        This method calls a function to get the target url page content
        and returns its page MD5 hash or a boolean value in case of
@ -305,7 +310,7 @@ class Connect:
        if conf.safUrl and conf.saFreq > 0:
            kb.queryCounter += 1
            if kb.queryCounter % conf.saFreq == 0:
-                Connect.getPage(url=conf.safUrl, cookie=cookie, direct=True, silent=True, ua=ua)
+                Connect.getPage(url=conf.safUrl, cookie=cookie, direct=True, silent=True, ua=ua, auxHeaders=auxHeaders)

        page, headers = Connect.getPage(get=get, post=post, cookie=cookie, ua=ua, silent=silent, method=method)