mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-29 04:53:48 +03:00
fix for redirect/HOST header bug
This commit is contained in:
parent
1061c06617
commit
ccbd93cc2e
|
@ -648,6 +648,9 @@ Phil P <@superevr>
|
||||||
ragos <ragos@joker.ms>
|
ragos <ragos@joker.ms>
|
||||||
for reporting a minor bug
|
for reporting a minor bug
|
||||||
|
|
||||||
|
rmillet <rmillet42@gmail.com>
|
||||||
|
for reporting a bug
|
||||||
|
|
||||||
shiftzwei <shiftzwei@gmail.com>
|
shiftzwei <shiftzwei@gmail.com>
|
||||||
for reporting a couple of bugs
|
for reporting a couple of bugs
|
||||||
|
|
||||||
|
|
|
@ -3128,3 +3128,11 @@ def findPageForms(content, url, raise_=False, addToTargets=False):
|
||||||
kb.targetUrls.add(target)
|
kb.targetUrls.add(target)
|
||||||
|
|
||||||
return retVal
|
return retVal
|
||||||
|
|
||||||
|
def getHostHeader(url):
|
||||||
|
retVal = urlparse.urlparse(url).netloc
|
||||||
|
|
||||||
|
if any(map(lambda x: retVal.endswith(':%d' % x), [80, 443])):
|
||||||
|
retVal = retVal.split(':')[0]
|
||||||
|
|
||||||
|
return retVal
|
|
@ -25,6 +25,7 @@ from lib.core.common import cpuThrottle
|
||||||
from lib.core.common import extractRegexResult
|
from lib.core.common import extractRegexResult
|
||||||
from lib.core.common import getCurrentThreadData
|
from lib.core.common import getCurrentThreadData
|
||||||
from lib.core.common import getFilteredPageContent
|
from lib.core.common import getFilteredPageContent
|
||||||
|
from lib.core.common import getHostHeader
|
||||||
from lib.core.common import getUnicode
|
from lib.core.common import getUnicode
|
||||||
from lib.core.common import logHTTPTraffic
|
from lib.core.common import logHTTPTraffic
|
||||||
from lib.core.common import parseTargetUrl
|
from lib.core.common import parseTargetUrl
|
||||||
|
@ -234,10 +235,7 @@ class Connect:
|
||||||
|
|
||||||
headers[HTTPHEADER.ACCEPT] = HTTP_ACCEPT_HEADER_VALUE
|
headers[HTTPHEADER.ACCEPT] = HTTP_ACCEPT_HEADER_VALUE
|
||||||
|
|
||||||
headers[HTTPHEADER.HOST] = urlparse.urlparse(url).netloc
|
headers[HTTPHEADER.HOST] = getHostHeader(url)
|
||||||
|
|
||||||
if any(map(lambda x: headers[HTTPHEADER.HOST].endswith(':%d' % x), [80, 443])):
|
|
||||||
headers[HTTPHEADER.HOST] = headers[HTTPHEADER.HOST].split(':')[0]
|
|
||||||
|
|
||||||
if auxHeaders:
|
if auxHeaders:
|
||||||
for key, item in auxHeaders.items():
|
for key, item in auxHeaders.items():
|
||||||
|
|
|
@ -12,6 +12,7 @@ import urlparse
|
||||||
|
|
||||||
from lib.core.data import conf
|
from lib.core.data import conf
|
||||||
from lib.core.data import logger
|
from lib.core.data import logger
|
||||||
|
from lib.core.common import getHostHeader
|
||||||
from lib.core.common import getUnicode
|
from lib.core.common import getUnicode
|
||||||
from lib.core.common import logHTTPTraffic
|
from lib.core.common import logHTTPTraffic
|
||||||
from lib.core.enums import HTTPHEADER
|
from lib.core.enums import HTTPHEADER
|
||||||
|
@ -28,6 +29,16 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
|
||||||
# assuming we're in a loop
|
# assuming we're in a loop
|
||||||
max_redirections = 10
|
max_redirections = 10
|
||||||
|
|
||||||
|
def _get_header_redirect(self, headers):
|
||||||
|
retVal = None
|
||||||
|
|
||||||
|
if "location" in headers:
|
||||||
|
retVal = headers.getheaders("location")[0].split("?")[0]
|
||||||
|
elif "uri" in headers:
|
||||||
|
retVal = headers.getheaders("uri")[0].split("?")[0]
|
||||||
|
|
||||||
|
return retVal
|
||||||
|
|
||||||
def common_http_redirect(self, result, headers, code, content, msg):
|
def common_http_redirect(self, result, headers, code, content, msg):
|
||||||
content = decodePage(content, headers.get(HTTPHEADER.CONTENT_ENCODING), headers.get(HTTPHEADER.CONTENT_TYPE))
|
content = decodePage(content, headers.get(HTTPHEADER.CONTENT_ENCODING), headers.get(HTTPHEADER.CONTENT_TYPE))
|
||||||
|
|
||||||
|
@ -49,10 +60,8 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
|
||||||
logger.log(7, responseMsg)
|
logger.log(7, responseMsg)
|
||||||
|
|
||||||
if result:
|
if result:
|
||||||
if "location" in headers:
|
if self._get_header_redirect(headers):
|
||||||
result.redurl = headers.getheaders("location")[0].split("?")[0]
|
result.redurl = self._get_header_redirect(headers)
|
||||||
elif "uri" in headers:
|
|
||||||
result.redurl = headers.getheaders("uri")[0].split("?")[0]
|
|
||||||
|
|
||||||
if hasattr(result, 'redurl'):
|
if hasattr(result, 'redurl'):
|
||||||
if not urlparse.urlsplit(result.redurl).netloc:
|
if not urlparse.urlsplit(result.redurl).netloc:
|
||||||
|
@ -76,6 +85,9 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
|
||||||
dbgMsg += "redirect response content (%s)" % msg
|
dbgMsg += "redirect response content (%s)" % msg
|
||||||
logger.debug(dbgMsg)
|
logger.debug(dbgMsg)
|
||||||
|
|
||||||
|
if self._get_header_redirect(headers):
|
||||||
|
req.headers[HTTPHEADER.HOST] = getHostHeader(self._get_header_redirect(headers))
|
||||||
|
|
||||||
result = urllib2.HTTPRedirectHandler.http_error_301(self, req, fp, code, msg, headers)
|
result = urllib2.HTTPRedirectHandler.http_error_301(self, req, fp, code, msg, headers)
|
||||||
return self.common_http_redirect(result, headers, code, content, msg)
|
return self.common_http_redirect(result, headers, code, content, msg)
|
||||||
|
|
||||||
|
@ -90,6 +102,9 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
|
||||||
dbgMsg += "redirect response content (%s)" % msg
|
dbgMsg += "redirect response content (%s)" % msg
|
||||||
logger.debug(dbgMsg)
|
logger.debug(dbgMsg)
|
||||||
|
|
||||||
|
if self._get_header_redirect(headers):
|
||||||
|
req.headers[HTTPHEADER.HOST] = getHostHeader(self._get_header_redirect(headers))
|
||||||
|
|
||||||
result = urllib2.HTTPRedirectHandler.http_error_302(self, req, fp, code, msg, headers)
|
result = urllib2.HTTPRedirectHandler.http_error_302(self, req, fp, code, msg, headers)
|
||||||
return self.common_http_redirect(result, headers, code, content, msg)
|
return self.common_http_redirect(result, headers, code, content, msg)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user