mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 09:36:35 +03:00
Implements #4656
This commit is contained in:
Miroslav Stampar
parent
76b310cc43
commit
cfa7b3c3bd
|
|
@ -11,6 +11,7 @@ import random
|
||||||
import re
|
import re
|
||||||
import string
|
import string
|
||||||
import sys
|
import sys
|
||||||
|
import time
|
||||||
|
|
||||||
from lib.core.enums import DBMS
|
from lib.core.enums import DBMS
|
||||||
from lib.core.enums import DBMS_DIRECTORY_NAME
|
from lib.core.enums import DBMS_DIRECTORY_NAME
|
||||||
|
|
@ -18,7 +19,7 @@ from lib.core.enums import OS
|
||||||
from thirdparty.six import unichr as _unichr
|
from thirdparty.six import unichr as _unichr
|
||||||
|
|
||||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||||
VERSION = "1.5.4.8"
|
VERSION = "1.5.4.9"
|
||||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||||
|
|
@ -125,6 +126,9 @@ MAX_MURPHY_SLEEP_TIME = 3
|
||||||
# Regular expression used for extracting results from Google search
|
# Regular expression used for extracting results from Google search
|
||||||
GOOGLE_REGEX = r"webcache\.googleusercontent\.com/search\?q=cache:[^:]+:([^+]+)\+&cd=|url\?\w+=((?![^>]+webcache\.googleusercontent\.com)http[^>]+)&(sa=U|rct=j)"
|
GOOGLE_REGEX = r"webcache\.googleusercontent\.com/search\?q=cache:[^:]+:([^+]+)\+&cd=|url\?\w+=((?![^>]+webcache\.googleusercontent\.com)http[^>]+)&(sa=U|rct=j)"
|
||||||
|
|
||||||
|
# Google Search consent cookie
|
||||||
|
GOOGLE_CONSENT_COOKIE = "CONSENT=YES+shp.gws-%s-0-RC1.%s+FX+740" % (time.strftime("%Y%m%d"), "".join(random.sample(string.ascii_lowercase, 2)))
|
||||||
|
|
||||||
# Regular expression used for extracting results from DuckDuckGo search
|
# Regular expression used for extracting results from DuckDuckGo search
|
||||||
DUCKDUCKGO_REGEX = r'<a class="result__url" href="(htt[^"]+)'
|
DUCKDUCKGO_REGEX = r'<a class="result__url" href="(htt[^"]+)'
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -28,6 +28,7 @@ from lib.core.exception import SqlmapUserQuitException
|
||||||
from lib.core.settings import BING_REGEX
|
from lib.core.settings import BING_REGEX
|
||||||
from lib.core.settings import DUCKDUCKGO_REGEX
|
from lib.core.settings import DUCKDUCKGO_REGEX
|
||||||
from lib.core.settings import DUMMY_SEARCH_USER_AGENT
|
from lib.core.settings import DUMMY_SEARCH_USER_AGENT
|
||||||
|
from lib.core.settings import GOOGLE_CONSENT_COOKIE
|
||||||
from lib.core.settings import GOOGLE_REGEX
|
from lib.core.settings import GOOGLE_REGEX
|
||||||
from lib.core.settings import HTTP_ACCEPT_ENCODING_HEADER_VALUE
|
from lib.core.settings import HTTP_ACCEPT_ENCODING_HEADER_VALUE
|
||||||
from lib.core.settings import UNICODE_ENCODING
|
from lib.core.settings import UNICODE_ENCODING
|
||||||
|
|
@ -52,6 +53,7 @@ def _search(dork):
|
||||||
|
|
||||||
requestHeaders[HTTP_HEADER.USER_AGENT] = dict(conf.httpHeaders).get(HTTP_HEADER.USER_AGENT, DUMMY_SEARCH_USER_AGENT)
|
requestHeaders[HTTP_HEADER.USER_AGENT] = dict(conf.httpHeaders).get(HTTP_HEADER.USER_AGENT, DUMMY_SEARCH_USER_AGENT)
|
||||||
requestHeaders[HTTP_HEADER.ACCEPT_ENCODING] = HTTP_ACCEPT_ENCODING_HEADER_VALUE
|
requestHeaders[HTTP_HEADER.ACCEPT_ENCODING] = HTTP_ACCEPT_ENCODING_HEADER_VALUE
|
||||||
|
requestHeaders[HTTP_HEADER.COOKIE] = GOOGLE_CONSENT_COOKIE
|
||||||
|
|
||||||
try:
|
try:
|
||||||
req = _urllib.request.Request("https://www.google.com/ncr", headers=requestHeaders)
|
req = _urllib.request.Request("https://www.google.com/ncr", headers=requestHeaders)
|
||||||
|
|
@ -63,7 +65,7 @@ def _search(dork):
|
||||||
gpage = conf.googlePage if conf.googlePage > 1 else 1
|
gpage = conf.googlePage if conf.googlePage > 1 else 1
|
||||||
logger.info("using search result page #%d" % gpage)
|
logger.info("using search result page #%d" % gpage)
|
||||||
|
|
||||||
url = "http://www.google.com/search?" # NOTE: https version goes to the consent
|
url = "https://www.google.com/search?" # NOTE: if consent fails, try to use the "http://"
|
||||||
url += "q=%s&" % urlencode(dork, convall=True)
|
url += "q=%s&" % urlencode(dork, convall=True)
|
||||||
url += "num=100&hl=en&complete=0&safe=off&filter=0&btnG=Search"
|
url += "num=100&hl=en&complete=0&safe=off&filter=0&btnG=Search"
|
||||||
url += "&start=%d" % ((gpage - 1) * 100)
|
url += "&start=%d" % ((gpage - 1) * 100)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user