sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-29 04:53:48 +03:00
Code Issues Packages Projects Releases Wiki Activity

Support for multiple injection marks inside the same header value (Issue #48)

Browse Source
This commit is contained in:
Miroslav Stampar 2013-02-12 12:06:13 +01:00
parent b9cc127ead
commit c2672e78fc
1 changed files with 11 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
lib/core/target.py
View File

@ -148,12 +148,13 @@ def _setRequestParams():
elif test[0] in ("q", "Q"): elif test[0] in ("q", "Q"):
raise SqlmapUserQuitException raise SqlmapUserQuitException
for place, value in ((PLACE.URI, conf.url), (PLACE.CUSTOM_POST, conf.data), (PLACE.CUSTOM_HEADER, re.sub(r"\bq=[^;']+", "", str(conf.httpHeaders)))): for place, value in ((PLACE.URI, conf.url), (PLACE.CUSTOM_POST, conf.data), (PLACE.CUSTOM_HEADER, str(conf.httpHeaders))):
if CUSTOM_INJECTION_MARK_CHAR in (value or ""): _ = re.sub(r"\bq=[^;']+", "", value or "")
if CUSTOM_INJECTION_MARK_CHAR in _:
if kb.processUserMarks is None: if kb.processUserMarks is None:
_ = {PLACE.URI: '-u', PLACE.CUSTOM_POST: '--data', PLACE.CUSTOM_HEADER: '--headers/--user-agent/--referer'} lut = {PLACE.URI: '-u', PLACE.CUSTOM_POST: '--data', PLACE.CUSTOM_HEADER: '--headers/--user-agent/--referer/--cookie'}
message = "custom injection marking character ('%s') found in option " % CUSTOM_INJECTION_MARK_CHAR message = "custom injection marking character ('%s') found in option " % CUSTOM_INJECTION_MARK_CHAR
message += "'%s'. Do you want to process it? [Y/n/q] " % _[place] message += "'%s'. Do you want to process it? [Y/n/q] " % lut[place]
test = readInput(message, default="Y") test = readInput(message, default="Y")
if test and test[0] in ("q", "Q"): if test and test[0] in ("q", "Q"):
raise SqlmapUserQuitException raise SqlmapUserQuitException
@ -187,7 +188,9 @@ def _setRequestParams():
for index in xrange(len(conf.httpHeaders)): for index in xrange(len(conf.httpHeaders)):
header, value = conf.httpHeaders[index] header, value = conf.httpHeaders[index]
if CUSTOM_INJECTION_MARK_CHAR in re.sub(r"\bq=[^;']+", "", value): if CUSTOM_INJECTION_MARK_CHAR in re.sub(r"\bq=[^;']+", "", value):
conf.paramDict[place][header] = "%s,%s" % (header, value) parts = value.split(CUSTOM_INJECTION_MARK_CHAR)
for i in xrange(len(parts) - 1):
conf.paramDict[place]["%s #%d%s" % (header, i + 1, CUSTOM_INJECTION_MARK_CHAR)] = "%s,%s" % (header, "".join("%s%s" % (parts[j], CUSTOM_INJECTION_MARK_CHAR if i == j else "") for j in xrange(len(parts))))
conf.httpHeaders[index] = (header, value.replace(CUSTOM_INJECTION_MARK_CHAR, "")) conf.httpHeaders[index] = (header, value.replace(CUSTOM_INJECTION_MARK_CHAR, ""))
else: else:
parts = value.split(CUSTOM_INJECTION_MARK_CHAR) parts = value.split(CUSTOM_INJECTION_MARK_CHAR)
@ -203,8 +206,9 @@ def _setRequestParams():
testableParameters = True testableParameters = True
if kb.processUserMarks: if kb.processUserMarks:
conf.url = conf.url.replace(CUSTOM_INJECTION_MARK_CHAR, "") for item in ("url", "data", "agent", "referer", "cookie"):
conf.data = conf.data.replace(CUSTOM_INJECTION_MARK_CHAR, "") if conf.data else conf.data if conf.get(item):
conf[item] = conf[item].replace(CUSTOM_INJECTION_MARK_CHAR, "")
# Perform checks on Cookie parameters # Perform checks on Cookie parameters
if conf.cookie: if conf.cookie: