sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-18 04:20:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

adding some user input for "refreshing" cases (like redirect ones)

Browse Source
This commit is contained in:
Miroslav Stampar 2011-05-27 22:42:23 +00:00
parent cf69809c3c
commit c11ea35d53
2 changed files with 26 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lib/core/option.py
View File

@ -1317,6 +1317,7 @@ def __setKnowledgeBaseAttributes(flushAll=True):
kb.absFilePaths = set() kb.absFilePaths = set()
kb.adjustTimeDelay = False kb.adjustTimeDelay = False
kb.alwaysRedirect = None kb.alwaysRedirect = None
kb.alwaysRefresh = None
kb.arch = None kb.arch = None
kb.authHeader = None kb.authHeader = None
kb.bannerFp = advancedDict() kb.bannerFp = advancedDict()

40
lib/request/connect.py
View File

@ -260,7 +260,7 @@ class Connect:
msg += "from now on (or stay on the original page)? [Y/n]" msg += "from now on (or stay on the original page)? [Y/n]"
choice = readInput(msg, default="Y") choice = readInput(msg, default="Y")
kb.alwaysRedirect = choice in ("n", "N") kb.alwaysRedirect = choice not in ("n", "N")
kwargs['url'] = conn.redurl if kb.alwaysRedirect else conf.url kwargs['url'] = conn.redurl if kb.alwaysRedirect else conf.url
kwargs['redirecting'] = True kwargs['redirecting'] = True
@ -281,23 +281,33 @@ class Connect:
if extractRegexResult(META_REFRESH_REGEX, page, re.DOTALL | re.IGNORECASE) and not refreshing: if extractRegexResult(META_REFRESH_REGEX, page, re.DOTALL | re.IGNORECASE) and not refreshing:
url = extractRegexResult(META_REFRESH_REGEX, page, re.DOTALL | re.IGNORECASE) url = extractRegexResult(META_REFRESH_REGEX, page, re.DOTALL | re.IGNORECASE)
if url.lower().startswith('http://'):
kwargs['url'] = url
else:
kwargs['url'] = conf.url[:conf.url.rfind('/')+1] + url
threadData.lastRedirectMsg = (threadData.lastRequestUID, page)
kwargs['refreshing'] = True
kwargs['get'] = None
kwargs['post'] = None
debugMsg = "got HTML meta refresh header" debugMsg = "got HTML meta refresh header"
logger.debug(debugMsg) logger.debug(debugMsg)
try: if kb.alwaysRefresh is None:
return Connect.__getPageProxy(**kwargs) msg = "sqlmap got a refresh request "
except sqlmapSyntaxException: msg += "(redirect like response common to login pages). "
pass msg += "do you want to apply the refresh "
msg += "from now on (or stay on the original page)? [Y/n]"
choice = readInput(msg, default="Y")
kb.alwaysRefresh = choice not in ("n", "N")
if kb.alwaysRefresh:
if url.lower().startswith('http://'):
kwargs['url'] = url
else:
kwargs['url'] = conf.url[:conf.url.rfind('/')+1] + url
threadData.lastRedirectMsg = (threadData.lastRequestUID, page)
kwargs['refreshing'] = True
kwargs['get'] = None
kwargs['post'] = None
try:
return Connect.__getPageProxy(**kwargs)
except sqlmapSyntaxException:
pass
# Explicit closing of connection object # Explicit closing of connection object
if not conf.keepAlive: if not conf.keepAlive: