sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-09 08:00:36 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fixes #172 - also cookies are parsed from burp/webscarab logs (-l) and request file (-r) now

Browse Source
This commit is contained in:
Bernardo Damele 2010-03-16 15:21:42 +00:00
parent 466df89c4a
commit d2f86fb0a5
2 changed files with 29 additions and 109 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

126
lib/core/option.py
View File

@ -227,6 +227,29 @@ def __setMultipleTargets():
infoMsg += "testable requests from the targets list" infoMsg += "testable requests from the targets list"
logger.info(infoMsg) logger.info(infoMsg)
def __setRequestFromFile():
"""
This function checks if the way to make a HTTP request is through supplied
textual file, parses it and saves the information into the knowledge base.
"""
if not conf.requestFile:
return
addedTargetUrls = set()
conf.requestFile = os.path.expanduser(conf.requestFile)
infoMsg = "parsing HTTP request from '%s'" % conf.requestFile
logger.info(infoMsg)
if not os.path.isfile(conf.requestFile):
errMsg = "the specified HTTP request file "
errMsg += "does not exist"
raise sqlmapFilePathException, errMsg
__feedTargetsDict(conf.requestFile, addedTargetUrls)
def __setGoogleDorking(): def __setGoogleDorking():
""" """
This function checks if the way to request testable hosts is through This function checks if the way to request testable hosts is through
@ -274,109 +297,6 @@ def __setGoogleDorking():
errMsg += "have GET parameters to test for SQL injection" errMsg += "have GET parameters to test for SQL injection"
raise sqlmapGenericException, errMsg raise sqlmapGenericException, errMsg
def __setRequestFromFile():
"""
This function checks if the way to make a HTTP request is through supplied
textual file, parses it and saves the information into the knowledge base.
"""
if not conf.requestFile:
return
conf.requestFile = os.path.expanduser(conf.requestFile)
infoMsg = "parsing HTTP request from '%s'" % conf.requestFile
logger.info(infoMsg)
if not os.path.isfile(conf.requestFile):
errMsg = "the specified HTTP request file "
errMsg += "'%s' does not exist" % conf.requestFile
raise sqlmapFilePathException, errMsg
fp = open(conf.requestFile, "r")
fread = fp.read()
fread = fread.replace("\r", "")
fp.close()
lines = fread.split("\n")
if len(lines) == 0:
errMsg = "the specified HTTP request file "
errMsg += "'%s' has no content" % conf.requestFile
raise sqlmapFilePathException, errMsg
if not (lines[0].upper().startswith("GET ") or lines[0].upper().startswith("POST ")):
errMsg = "the specified HTTP request file "
errMsg += "doesn't start with GET or POST keyword"
raise sqlmapFilePathException, errMsg
if lines[0].upper().startswith("GET "):
index = 4
else:
index = 5
if lines[0].upper().find(" HTTP/") == -1:
errMsg = "the specified HTTP request file "
errMsg += "has a syntax error at line: 1"
raise sqlmapFilePathException, errMsg
host = None
headers = ""
page = lines[0][index:lines[0].index(" HTTP/")]
if conf.method:
warnMsg = "HTTP method previously set. overriding it with "
warnMsg += "the value supplied from the HTTP request file"
logger.warn(warnMsg)
conf.method = lines[0][:index-1]
for index in xrange(1, len(lines) - 1):
line = lines[index]
valid = True
if len(line) == 0:
break
headers += line + "\n"
items = line.split(': ')
if len(items) != 2:
valid = False
else:
if items[0].upper() == "HOST":
host = items[1]
if not valid:
errMsg = "the specified HTTP request file"
errMsg += "has a syntax error at line: %d" % (index + 1)
raise sqlmapFilePathException, errMsg
if conf.headers and headers:
warnMsg = "HTTP headers previously set. overriding it with "
warnMsg += "the value(s) supplied from the HTTP request file"
logger.warn(warnMsg)
conf.headers = headers.strip("\n")
if fread.find("\n\n") != -1:
if conf.data:
warnMsg = "HTTP POST data previously set. overriding it with "
warnMsg += "the value supplied from the HTTP request file"
logger.warn(warnMsg)
conf.data = fread[fread.index('\n\n')+2:].strip("\n")
if conf.url:
warnMsg = "target url previously set. overriding it with "
warnMsg += "the value supplied from the HTTP request file"
logger.warn(warnMsg)
if host:
conf.url = "%s%s" % (host, page)
else:
errMsg = "mandatory HTTP header HOST is missing in "
errMsg += "the HTTP request file"
raise sqlmapFilePathException, errMsg
def __setMetasploit(): def __setMetasploit():
if not conf.osPwn and not conf.osSmb and not conf.osBof: if not conf.osPwn and not conf.osSmb and not conf.osBof:
return return