mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-25 02:53:46 +03:00
Adding option --safe-req
parent
4ded9a9966
commit
bb98894dc1
|
@ -1136,21 +1136,63 @@ def _setHTTPProxy():
|
|||
|
||||
proxyHandler.__init__(proxyHandler.proxies)
|
||||
|
||||
def _setSafeUrl():
|
||||
def _setSafeVisit():
|
||||
"""
|
||||
Check and set the safe URL options.
|
||||
Check and set the safe visit options.
|
||||
"""
|
||||
if not conf.safeUrl:
|
||||
if not any ((conf.safeUrl, conf.safeReqFile)):
|
||||
return
|
||||
|
||||
if not re.search("^http[s]*://", conf.safeUrl):
|
||||
if ":443/" in conf.safeUrl:
|
||||
conf.safeUrl = "https://" + conf.safeUrl
|
||||
if conf.safeReqFile:
|
||||
checkFile(conf.safeReqFile)
|
||||
|
||||
raw = readCachedFileContent(conf.safeReqFile)
|
||||
match = re.search(r"\A([A-Z]+) ([^ ]+) HTTP/[0-9.]+\Z", raw[:raw.find('\n')])
|
||||
|
||||
if match:
|
||||
kb.safeReq.method = match.group(1)
|
||||
kb.safeReq.url = match.group(2)
|
||||
kb.safeReq.headers = {}
|
||||
|
||||
for line in raw[raw.find('\n') + 1:].split('\n'):
|
||||
line = line.strip()
|
||||
if line and ':' in line:
|
||||
key, value = line.split(':', 1)
|
||||
value = value.strip()
|
||||
kb.safeReq.headers[key] = value
|
||||
if key == HTTP_HEADER.HOST:
|
||||
if not value.startswith("http"):
|
||||
scheme = "http"
|
||||
if value.endswith(":443"):
|
||||
scheme = "https"
|
||||
value = "%s://%s" % (scheme, value)
|
||||
kb.safeReq.url = urlparse.urljoin(value, kb.safeReq.url)
|
||||
else:
|
||||
break
|
||||
|
||||
post = None
|
||||
|
||||
if '\r\n\r\n' in raw:
|
||||
post = raw[raw.find('\r\n\r\n') + 4:]
|
||||
elif '\n\n' in raw:
|
||||
post = raw[raw.find('\n\n') + 2:]
|
||||
|
||||
if post and post.strip():
|
||||
kb.safeReq.post = post
|
||||
else:
|
||||
kb.safeReq.post = None
|
||||
else:
|
||||
conf.safeUrl = "http://" + conf.safeUrl
|
||||
errMsg = "invalid format of a safe request file"
|
||||
raise SqlmapSyntaxException, errMsg
|
||||
else:
|
||||
if not re.search("^http[s]*://", conf.safeUrl):
|
||||
if ":443/" in conf.safeUrl:
|
||||
conf.safeUrl = "https://" + conf.safeUrl
|
||||
else:
|
||||
conf.safeUrl = "http://" + conf.safeUrl
|
||||
|
||||
if conf.safeFreq <= 0:
|
||||
errMsg = "please provide a valid value (>0) for safe frequency (--safe-freq) while using safe URL feature"
|
||||
errMsg = "please provide a valid value (>0) for safe frequency (--safe-freq) while using safe visit features"
|
||||
raise SqlmapSyntaxException(errMsg)
|
||||
|
||||
def _setPrefixSuffix():
|
||||
|
@ -1791,6 +1833,7 @@ def _setKnowledgeBaseAttributes(flushAll=True):
|
|||
kb.responseTimes = []
|
||||
kb.resumeValues = True
|
||||
kb.safeCharEncode = False
|
||||
kb.safeReq = AttribDict()
|
||||
kb.singleLogFlags = set()
|
||||
kb.reduceTests = None
|
||||
kb.stickyDBMS = False
|
||||
|
@ -2265,8 +2308,12 @@ def _basicOptionValidation():
|
|||
errMsg = "option '--safe-post' requires usage of option '--safe-url'"
|
||||
raise SqlmapSyntaxException(errMsg)
|
||||
|
||||
if conf.safeFreq and not conf.safeUrl:
|
||||
errMsg = "option '--safe-freq' requires usage of option '--safe-url'"
|
||||
if conf.safeFreq and not any((conf.safeUrl, conf.safeReqFile)):
|
||||
errMsg = "option '--safe-freq' requires usage of option '--safe-url' or '--safe-req'"
|
||||
raise SqlmapSyntaxException(errMsg)
|
||||
|
||||
if conf.safeReqFile and any((conf.safeUrl, conf.safePost)):
|
||||
errMsg = "option '--safe-req' is incompatible with option '--safe-url' and option '--safe-post'"
|
||||
raise SqlmapSyntaxException(errMsg)
|
||||
|
||||
if conf.csrfUrl and not conf.csrfToken:
|
||||
|
@ -2416,7 +2463,7 @@ def init():
|
|||
_setHTTPAuthentication()
|
||||
_setHTTPProxy()
|
||||
_setDNSCache()
|
||||
_setSafeUrl()
|
||||
_setSafeVisit()
|
||||
_setGoogleDorking()
|
||||
_setBulkMultipleTargets()
|
||||
_setSitemapTargets()
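Review bot: In `_setSafeVisit()` the request line is taken as `raw[:raw.find('\n')]` and matched against a pattern ending in `HTTP/[0-9.]+\Z`, so unless `readCachedFileContent` normalises line endings (not visible here) a file saved with CRLF keeps a trailing `\r` and is rejected as "invalid format of a safe request file", even though the body search further down explicitly handles `\r\n\r\n`. A file with no newline at all also loses its last character, because `find` returns -1. Taking the first line with `raw.split('\n', 1)[0].strip()` covers both cases. Separately, the `Host` handling picks `https` only when the value ends in `:443`, so a request captured from an HTTPS site on the default port would be replayed over plain HTTP together with whatever cookies or authorization headers the file holds; a warning when `http` is assumed, or a way to state the scheme, would be worth adding. The new `raise SqlmapSyntaxException, errMsg` should use the call form `raise SqlmapSyntaxException(errMsg)` like the other raises in this file.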
|
||||
|
|
|
@ -52,6 +52,7 @@ optDict = {
|
|||
"rParam": "string",
|
||||
"safeUrl": "string",
|
||||
"safePost": "string",
|
||||
"safeReqFile": "string",
|
||||
"safeFreq": "integer",
|
||||
"skipUrlEncode": "boolean",
|
||||
"csrfToken": "string",
|
||||
|
|
|
@ -191,6 +191,9 @@ def cmdLineParser():
|
|||
request.add_option("--safe-post", dest="safePost",
|
||||
help="POST data to send to a safe URL")
|
||||
|
||||
request.add_option("--safe-req", dest="safeReqFile",
|
||||
help="Load safe HTTP request from a file")
|
||||
|
||||
request.add_option("--safe-freq", dest="safeFreq", type="int",
|
||||
help="Test requests between two visits to a given safe URL")
|
||||
|
||||
|
|
|
@ -971,10 +971,13 @@ class Connect(object):
|
|||
warnMsg += "10 or more)"
|
||||
logger.critical(warnMsg)
|
||||
|
||||
if conf.safeUrl and conf.safeFreq > 0:
|
||||
if conf.safeFreq > 0:
|
||||
kb.queryCounter += 1
|
||||
if kb.queryCounter % conf.safeFreq == 0:
|
||||
Connect.getPage(url=conf.safeUrl, post=conf.safePost, cookie=cookie, direct=True, silent=True, ua=ua, referer=referer, host=host)
|
||||
if conf.safeUrl:
|
||||
Connect.getPage(url=conf.safeUrl, post=conf.safePost, cookie=cookie, direct=True, silent=True, ua=ua, referer=referer, host=host)
|
||||
elif kb.safeReq:
|
||||
Connect.getPage(url=kb.safeReq.url, post=kb.safeReq.post, method=kb.safeReq.method, auxHeaders=kb.safeReq.headers)
|
||||
|
||||
start = time.time()
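Review bot: The new `elif kb.safeReq:` branch calls `Connect.getPage(...)` without the `direct=True, silent=True` arguments that the `conf.safeUrl` branch passes just above it, so the two kinds of safe visit are presumably treated differently inside `getPage`, whose body is outside this hunk, as is the start of the enclosing method. If the difference is not deliberate, pass the same flags: `Connect.getPage(url=kb.safeReq.url, post=kb.safeReq.post, method=kb.safeReq.method, auxHeaders=kb.safeReq.headers, direct=True, silent=True)`. The headers parsed from the file are also forwarded verbatim as `auxHeaders`, which would include any `Host` or `Content-Length` line it contains; a short comment stating which of them `getPage` is expected to override would help the next reader.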
|
||||
|
||||
|
|
|
@ -156,6 +156,9 @@ safeUrl =
|
|||
# Example: username=admin&password=passw0rd!
|
||||
safePost =
|
||||
|
||||
# Load safe HTTP request from a file.
|
||||
safeReqFile =
|
||||
|
||||
# Test requests between two visits to a given safe URL (default 0).
|
||||
# Valid: integer
|
||||
# Default: 0
|
||||
|
|