sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-16 19:40:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix for that duplicates

Browse Source
This commit is contained in:
Miroslav Stampar 2010-10-15 00:34:16 +00:00
parent 4f7f20b94f
commit d0df8cdac9
2 changed files with 34 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
lib/controller/controller.py
View File

@ -7,6 +7,8 @@ Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)
See the file 'doc/COPYING' for copying permission
"""
import re
from lib.controller.action import action
from lib.controller.checks import checkSqlInjection
from lib.controller.checks import heuristicCheckSqlInjection
@ -116,6 +118,21 @@ def start():
conf.data = targetData
conf.cookie = targetCookie
injData = []
initTargetEnv()
parseTargetUrl()
testSqlInj = False
if "GET" in conf.parameters:
for parameter in re.findall(r"([^=]+)=[^&]+&?", conf.parameters["GET"]):
paramKey = (conf.hostname, conf.path, "GET", parameter)
if paramKey not in kb.testedParams:
testSqlInj = True
break
if not testSqlInj:
infoMsg = "skipping '%s'" % targetUrl
logger.info(infoMsg)
continue
if conf.multipleTargets:
hostCount += 1
@ -140,8 +157,6 @@ def start():
logMsg = "testing url %s" % targetUrl
logger.info(logMsg)
initTargetEnv()
parseTargetUrl()
setupTargetEnv()
if not checkConnection() or not checkString() or not checkRegexp():
@ -192,23 +207,26 @@ def start():
continue
paramDict = conf.paramDict[place]
for parameter, value in paramDict.items():
testSqlInj = True
paramKey = (conf.hostname, place, parameter)
paramKey = (conf.hostname, conf.path, place, parameter)
if paramKey in kb.testedParams:
warnMsg = "skipping previously processed %s parameter '%s'" % (place, parameter)
logger.warn(warnMsg)
testSqlInj = False
infoMsg = "skipping previously processed %s parameter '%s'" % (place, parameter)
logger.info(infoMsg)
# Avoid dinamicity test if the user provided the
# parameter manually
elif parameter in conf.testParameter:
pass
elif not checkDynParam(place, parameter, value):
warnMsg = "%s parameter '%s' is not dynamic" % (place, parameter)
logger.warn(warnMsg)
testSqlInj = False
else:
logMsg = "%s parameter '%s' is dynamic" % (place, parameter)
logger.info(logMsg)
@ -217,6 +235,7 @@ def start():
if testSqlInj:
heuristicCheckSqlInjection(place, parameter, value)
for parenthesis in range(0, 4):
logMsg = "testing sql injection on %s " % place
logMsg += "parameter '%s' with " % parameter
@ -227,8 +246,8 @@ def start():
if injType:
injData.append((place, parameter, injType))
break
else:
infoMsg = "%s parameter '%s' is not " % (place, parameter)
infoMsg += "injectable with %d parenthesis" % parenthesis

8
lib/core/target.py
View File

@ -124,20 +124,26 @@ def __setRequestParams():
def __findPageForms():
infoMsg = "searching for forms"
logger.info(infoMsg)
response, _ = Request.queryPage(response=True)
forms = ParseResponse(response, backwards_compat=False)
count = 1
for form in forms:
request = form.click()
url = request.get_full_url()
method = request.get_method()
data = request.get_data() if request.has_data() else None
message = "(#%d) Do you want to test form '%s' (%s, %s%s) [Y/n] " % (count, form.name, method, url, ", %s" % repr(data) if data else "")
test = readInput(message, default="Y")
if not test or test[0] in ("y", "Y"):
if method == "POST":
message = " Edit POST data [default: %s]: " % (data if data else "")
test = readInput(message, default=data)
elif method == "GET":
if url.find("?") > -1:
firstPart = url[:url.find("?")]
@ -145,7 +151,9 @@ def __findPageForms():
message = " Edit GET data [default: %s]: " % secondPart
test = readInput(message, default=secondPart)
url = "%s?%s" % (firstPart, test)
kb.targetUrls.add((url, method, data, conf.cookie))
count +=1
def __setOutputResume():