sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-25 02:53:46 +03:00
Code Issues Packages Projects Releases Wiki Activity

added --charset option to force charset encoding of the retrieved data (e.g. when the backend collation is different than the current web page charset) as requested by devon.mitchell1988@y​ahoo.com

Browse Source
This commit is contained in:
Miroslav Stampar 2011-05-17 22:55:22 +00:00
parent dfe81cc66f
commit cc07e5dc97
5 changed files with 60 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/core/option.py
View File

@ -1636,6 +1636,15 @@ def __basicOptionValidation():
errMsg = "value for --union-cols must be a range with hyphon (e.g. 1-10)"
raise sqlmapSyntaxException, errMsg
if conf.charset:
try:
codecs.lookup(conf.charset)
except LookupError:
errMsg = "unknown charset '%s'. please visit page " % conf.charset
errMsg += "'http://docs.python.org/library/codecs.html#standard-encodings' "
errMsg += "to get the full list of supported charsets"
raise sqlmapSyntaxException, errMsg
def init(inputOptions=advancedDict(), overrideOptions=False):
"""
Set attributes into both configuration and knowledge base singletons

13
lib/core/optiondict.py
View File

@ -150,14 +150,15 @@ optDict = {
"General": {
#"xmlFile": "string",
"trafficFile": "string",
"sessionFile": "string",
"flushSession": "boolean",
"freshQueries": "boolean",
"forms": "boolean",
"trafficFile": "string",
"batch": "boolean",
"charset": "string",
"eta": "boolean",
"updateAll": "boolean",
"batch": "boolean"
"flushSession": "boolean",
"forms": "boolean",
"freshQueries": "boolean",
"updateAll": "boolean"
},
"Miscellaneous": {

31
lib/parse/cmdline.py
View File

@ -447,13 +447,25 @@ def cmdLineParser():
#general.add_option("-x", dest="xmlFile",
# help="Dump the data into an XML file")
general.add_option("-s", dest="sessionFile",
help="Save and resume all data retrieved "
"on a session file")
general.add_option("-t", dest="trafficFile",
help="Log all HTTP traffic into a "
"textual file")
general.add_option("-s", dest="sessionFile",
help="Save and resume all data retrieved "
"on a session file")
general.add_option("--batch", dest="batch",
action="store_true", default=False,
help="Never ask for user input, use the default behaviour")
general.add_option("--charset", dest="charset",
help="Force character encoding used for data retrieval")
general.add_option("--eta", dest="eta",
action="store_true", default=False,
help="Display for each output the "
"estimated time of arrival")
general.add_option("--flush-session", dest="flushSession",
action="store_true", default=False,
@ -463,22 +475,13 @@ def cmdLineParser():
action="store_true", default=False,
help="Ignores query results stored in session file")
general.add_option("--eta", dest="eta",
action="store_true", default=False,
help="Display for each output the "
"estimated time of arrival")
general.add_option("--update", dest="updateAll",
action="store_true", default=False,
help="Update sqlmap")
general.add_option("--save", dest="saveCmdline",
action="store_true", default=False,
help="Save options on a configuration INI file")
general.add_option("--batch", dest="batch",
general.add_option("--update", dest="updateAll",
action="store_true", default=False,
help="Never ask for user input, use the default behaviour")
help="Update sqlmap")
# Miscellaneous options
miscellaneous = OptionGroup(parser, "Miscellaneous")

4
lib/request/basic.py
View File

@ -134,6 +134,7 @@ def checkCharEncoding(encoding):
return None
# http://www.iana.org/assignments/character-sets
# http://docs.python.org/library/codecs.html
try:
codecs.lookup(encoding)
except LookupError:
@ -173,6 +174,7 @@ def decodePage(page, contentEncoding, contentType):
page = data.read()
if not conf.charset:
httpCharset, metaCharset = None, None
# http://stackoverflow.com/questions/1020892/python-urllib2-read-to-unicode
@ -186,6 +188,8 @@ def decodePage(page, contentEncoding, contentType):
kb.pageEncoding = httpCharset or metaCharset
else:
kb.pageEncoding = None
else:
kb.pageEncoding = conf.charset
if contentType and any(map(lambda x: x in contentType.lower(), ('text/txt', 'text/raw', 'text/html', 'text/xml'))):
# can't do for all responses because we need to support binary files too

25
sqlmap.conf
View File

@ -493,11 +493,23 @@ regType =
# These options can be used to set some general working parameters.
[General]
# Save and resume all data retrieved on a session file.
sessionFile =
# Log all HTTP traffic into a textual file.
trafficFile =
# Save and resume all data retrieved on a session file.
sessionFile =
# Never ask for user input, use the default behaviour.
# Valid: True or False
batch = False
# Force character encoding used for data retrieval.
charset =
# Retrieve each query output length and calculate the estimated time of
# arrival in real time.
# Valid: True or False
eta = False
# Flush session file for current target.
# Valid: True or False
@ -507,19 +519,10 @@ flushSession = False
# Valid: True or False
freshQueries = False
# Retrieve each query output length and calculate the estimated time of
# arrival in real time.
# Valid: True or False
eta = False
# Update sqlmap.
# Valid: True or False
updateAll = False
# Never ask for user input, use the default behaviour.
# Valid: True or False
batch = False
[Miscellaneous]