Another update for an Issue #79

Miroslav Stampar 2012-08-31 12:38:02 +02:00
parent 47d162f391
commit b916db34a4


@ -548,6 +548,7 @@ class Connect:
pageLength = None pageLength = None
uri = None uri = None
code = None code = None
skipUrlEncode = conf.skipUrlEncode
if not place: if not place:
place = kb.injection.place or PLACE.GET place = kb.injection.place or PLACE.GET
@ -558,6 +559,12 @@ class Connect:
payload = agent.extractPayload(value) payload = agent.extractPayload(value)
threadData = getCurrentThreadData() threadData = getCurrentThreadData()
if skipUrlEncode is None and conf.httpHeaders:
headers = dict(conf.httpHeaders)
_ = max(headers[_] if _.upper() == HTTPHEADER.CONTENT_TYPE.upper() else None for _ in headers.keys())
if _ and "urlencoded" not in _:
skipUrlEncode = True
if payload: if payload:
if kb.tamperFunctions: if kb.tamperFunctions:
for function in kb.tamperFunctions: for function in kb.tamperFunctions:
@ -573,7 +580,7 @@ class Connect:
# addendum: as we support url encoding in tampering # addendum: as we support url encoding in tampering
# functions therefore we need to use % as a safe char # functions therefore we need to use % as a safe char
if place != PLACE.URI or (value and payload and '?' in value and value.find('?') < value.find(payload)): if place != PLACE.URI or (value and payload and '?' in value and value.find('?') < value.find(payload)):
payload = urlencode(payload, '%', False, True) if place not in (PLACE.POST, PLACE.CUSTOM_POST) and not conf.skipUrlEncode else payload payload = urlencode(payload, '%', False, True) if place not in (PLACE.POST, PLACE.CUSTOM_POST) and not skipUrlEncode else payload
value = agent.replacePayload(value, payload) value = agent.replacePayload(value, payload)
elif place == PLACE.SOAP: elif place == PLACE.SOAP:
@ -676,10 +683,10 @@ class Connect:
msg += "Do you want to turn off URL encoding " msg += "Do you want to turn off URL encoding "
msg += "which is usually causing problems " msg += "which is usually causing problems "
msg += "in this kind of situations? [Y/n]" msg += "in this kind of situations? [Y/n]"
conf.skipUrlEncode = readInput(msg, default="Y").upper() != "N" skipUrlEncode = conf.skipUrlEncode = readInput(msg, default="Y").upper() != "N"
if place not in (PLACE.POST, PLACE.SOAP, PLACE.CUSTOM_POST) and hasattr(post, UNENCODED_ORIGINAL_VALUE): if place not in (PLACE.POST, PLACE.SOAP, PLACE.CUSTOM_POST) and hasattr(post, UNENCODED_ORIGINAL_VALUE):
post = getattr(post, UNENCODED_ORIGINAL_VALUE) post = getattr(post, UNENCODED_ORIGINAL_VALUE)
elif not conf.skipUrlEncode and place not in (PLACE.SOAP,): elif not skipUrlEncode and place not in (PLACE.SOAP,):
post = urlencode(post) post = urlencode(post)
if timeBasedCompare: if timeBasedCompare:
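Review bot: The Content-Type inference added in the second hunk describes only the request body, yet the local `skipUrlEncode` it sets also gates `urlencode(payload, '%', False, True)` in the third hunk, which runs for non-POST places; with a non-urlencoded body type, a GET, URI or cookie payload would apparently be sent unencoded as well. Consider keeping the payload line on the explicit user setting (`... and not conf.skipUrlEncode else payload`) and using the inferred local only for the `post = urlencode(post)` branch. The test `"urlencoded" not in _` is case-sensitive although media types are case-insensitive, so `"urlencoded" not in _.lower()` is safer. The `max(... else None ...)` lookup relies on Python 2 ordering of `None` against strings and reuses `_` for both the loop variable and the result; a short loop that breaks on the first Content-Type match, with a named variable, would be clearer. The enclosing method starts and ends outside these hunks, so whether `conf.skipUrlEncode` can actually be `None` here should be confirmed.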