mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-06-12 09:03:12 +03:00
Fixes #172 - also cookies are parsed from burp/webscarab logs (-l) and request file (-r) now
parent
466df89c4a
commit
d2f86fb0a5
|
@ -138,7 +138,7 @@ def start():
|
||||||
|
|
||||||
logMsg = "testing url %s" % targetUrl
|
logMsg = "testing url %s" % targetUrl
|
||||||
logger.info(logMsg)
|
logger.info(logMsg)
|
||||||
|
|
||||||
initTargetEnv()
|
initTargetEnv()
|
||||||
parseTargetUrl()
|
parseTargetUrl()
|
||||||
setupTargetEnv()
|
setupTargetEnv()
|
||||||
|
@ -150,12 +150,12 @@ def start():
|
||||||
for _, cookie in enumerate(conf.cj):
|
for _, cookie in enumerate(conf.cj):
|
||||||
cookie = str(cookie)
|
cookie = str(cookie)
|
||||||
index = cookie.index(" for ")
|
index = cookie.index(" for ")
|
||||||
|
|
||||||
cookieStr += "%s;" % cookie[8:index]
|
cookieStr += "%s;" % cookie[8:index]
|
||||||
|
|
||||||
if cookieStr:
|
if cookieStr:
|
||||||
cookieStr = cookieStr[:-1]
|
cookieStr = cookieStr[:-1]
|
||||||
|
|
||||||
if "Cookie" in conf.parameters:
|
if "Cookie" in conf.parameters:
|
||||||
message = "you provided an HTTP Cookie header value. "
|
message = "you provided an HTTP Cookie header value. "
|
||||||
message += "The target url provided its own Cookie within "
|
message += "The target url provided its own Cookie within "
|
||||||
|
@ -163,15 +163,15 @@ def start():
|
||||||
message += "continue using the HTTP Cookie values that "
|
message += "continue using the HTTP Cookie values that "
|
||||||
message += "you provided? [Y/n] "
|
message += "you provided? [Y/n] "
|
||||||
test = readInput(message, default="Y")
|
test = readInput(message, default="Y")
|
||||||
|
|
||||||
if not test or test[0] in ("y", "Y"):
|
if not test or test[0] in ("y", "Y"):
|
||||||
setCookieAsInjectable = False
|
setCookieAsInjectable = False
|
||||||
|
|
||||||
if setCookieAsInjectable:
|
if setCookieAsInjectable:
|
||||||
conf.httpHeaders.append(("Cookie", cookieStr))
|
conf.httpHeaders.append(("Cookie", cookieStr))
|
||||||
conf.parameters["Cookie"] = cookieStr
|
conf.parameters["Cookie"] = cookieStr
|
||||||
__paramDict = paramToDict("Cookie", cookieStr)
|
__paramDict = paramToDict("Cookie", cookieStr)
|
||||||
|
|
||||||
if __paramDict:
|
if __paramDict:
|
||||||
conf.paramDict["Cookie"] = __paramDict
|
conf.paramDict["Cookie"] = __paramDict
|
||||||
__testableParameters = True
|
__testableParameters = True
|
||||||
|
|
|
@ -227,6 +227,29 @@ def __setMultipleTargets():
|
||||||
infoMsg += "testable requests from the targets list"
|
infoMsg += "testable requests from the targets list"
|
||||||
logger.info(infoMsg)
|
logger.info(infoMsg)
|
||||||
|
|
||||||
|
def __setRequestFromFile():
|
||||||
|
"""
|
||||||
|
This function checks if the way to make a HTTP request is through supplied
|
||||||
|
textual file, parses it and saves the information into the knowledge base.
|
||||||
|
"""
|
||||||
|
|
||||||
|
if not conf.requestFile:
|
||||||
|
return
|
||||||
|
|
||||||
|
addedTargetUrls = set()
|
||||||
|
|
||||||
|
conf.requestFile = os.path.expanduser(conf.requestFile)
|
||||||
|
|
||||||
|
infoMsg = "parsing HTTP request from '%s'" % conf.requestFile
|
||||||
|
logger.info(infoMsg)
|
||||||
|
|
||||||
|
if not os.path.isfile(conf.requestFile):
|
||||||
|
errMsg = "the specified HTTP request file "
|
||||||
|
errMsg += "does not exist"
|
||||||
|
raise sqlmapFilePathException, errMsg
|
||||||
|
|
||||||
|
__feedTargetsDict(conf.requestFile, addedTargetUrls)
|
||||||
|
|
||||||
def __setGoogleDorking():
|
def __setGoogleDorking():
|
||||||
"""
|
"""
|
||||||
This function checks if the way to request testable hosts is through
|
This function checks if the way to request testable hosts is through
|
||||||
|
@ -274,109 +297,6 @@ def __setGoogleDorking():
|
||||||
errMsg += "have GET parameters to test for SQL injection"
|
errMsg += "have GET parameters to test for SQL injection"
|
||||||
raise sqlmapGenericException, errMsg
|
raise sqlmapGenericException, errMsg
|
||||||
|
|
||||||
def __setRequestFromFile():
|
|
||||||
"""
|
|
||||||
This function checks if the way to make a HTTP request is through supplied
|
|
||||||
textual file, parses it and saves the information into the knowledge base.
|
|
||||||
"""
|
|
||||||
|
|
||||||
if not conf.requestFile:
|
|
||||||
return
|
|
||||||
|
|
||||||
conf.requestFile = os.path.expanduser(conf.requestFile)
|
|
||||||
|
|
||||||
infoMsg = "parsing HTTP request from '%s'" % conf.requestFile
|
|
||||||
logger.info(infoMsg)
|
|
||||||
|
|
||||||
if not os.path.isfile(conf.requestFile):
|
|
||||||
errMsg = "the specified HTTP request file "
|
|
||||||
errMsg += "'%s' does not exist" % conf.requestFile
|
|
||||||
raise sqlmapFilePathException, errMsg
|
|
||||||
|
|
||||||
fp = open(conf.requestFile, "r")
|
|
||||||
fread = fp.read()
|
|
||||||
fread = fread.replace("\r", "")
|
|
||||||
fp.close()
|
|
||||||
|
|
||||||
lines = fread.split("\n")
|
|
||||||
|
|
||||||
if len(lines) == 0:
|
|
||||||
errMsg = "the specified HTTP request file "
|
|
||||||
errMsg += "'%s' has no content" % conf.requestFile
|
|
||||||
raise sqlmapFilePathException, errMsg
|
|
||||||
|
|
||||||
if not (lines[0].upper().startswith("GET ") or lines[0].upper().startswith("POST ")):
|
|
||||||
errMsg = "the specified HTTP request file "
|
|
||||||
errMsg += "doesn't start with GET or POST keyword"
|
|
||||||
raise sqlmapFilePathException, errMsg
|
|
||||||
|
|
||||||
|
|
||||||
if lines[0].upper().startswith("GET "):
|
|
||||||
index = 4
|
|
||||||
else:
|
|
||||||
index = 5
|
|
||||||
|
|
||||||
if lines[0].upper().find(" HTTP/") == -1:
|
|
||||||
errMsg = "the specified HTTP request file "
|
|
||||||
errMsg += "has a syntax error at line: 1"
|
|
||||||
raise sqlmapFilePathException, errMsg
|
|
||||||
|
|
||||||
host = None
|
|
||||||
headers = ""
|
|
||||||
page = lines[0][index:lines[0].index(" HTTP/")]
|
|
||||||
|
|
||||||
if conf.method:
|
|
||||||
warnMsg = "HTTP method previously set. overriding it with "
|
|
||||||
warnMsg += "the value supplied from the HTTP request file"
|
|
||||||
logger.warn(warnMsg)
|
|
||||||
conf.method = lines[0][:index-1]
|
|
||||||
|
|
||||||
for index in xrange(1, len(lines) - 1):
|
|
||||||
line = lines[index]
|
|
||||||
valid = True
|
|
||||||
|
|
||||||
if len(line) == 0:
|
|
||||||
break
|
|
||||||
|
|
||||||
headers += line + "\n"
|
|
||||||
|
|
||||||
items = line.split(': ')
|
|
||||||
if len(items) != 2:
|
|
||||||
valid = False
|
|
||||||
else:
|
|
||||||
if items[0].upper() == "HOST":
|
|
||||||
host = items[1]
|
|
||||||
|
|
||||||
if not valid:
|
|
||||||
errMsg = "the specified HTTP request file"
|
|
||||||
errMsg += "has a syntax error at line: %d" % (index + 1)
|
|
||||||
raise sqlmapFilePathException, errMsg
|
|
||||||
|
|
||||||
if conf.headers and headers:
|
|
||||||
warnMsg = "HTTP headers previously set. overriding it with "
|
|
||||||
warnMsg += "the value(s) supplied from the HTTP request file"
|
|
||||||
logger.warn(warnMsg)
|
|
||||||
conf.headers = headers.strip("\n")
|
|
||||||
|
|
||||||
if fread.find("\n\n") != -1:
|
|
||||||
if conf.data:
|
|
||||||
warnMsg = "HTTP POST data previously set. overriding it with "
|
|
||||||
warnMsg += "the value supplied from the HTTP request file"
|
|
||||||
logger.warn(warnMsg)
|
|
||||||
conf.data = fread[fread.index('\n\n')+2:].strip("\n")
|
|
||||||
|
|
||||||
if conf.url:
|
|
||||||
warnMsg = "target url previously set. overriding it with "
|
|
||||||
warnMsg += "the value supplied from the HTTP request file"
|
|
||||||
logger.warn(warnMsg)
|
|
||||||
|
|
||||||
if host:
|
|
||||||
conf.url = "%s%s" % (host, page)
|
|
||||||
else:
|
|
||||||
errMsg = "mandatory HTTP header HOST is missing in "
|
|
||||||
errMsg += "the HTTP request file"
|
|
||||||
raise sqlmapFilePathException, errMsg
|
|
||||||
|
|
||||||
def __setMetasploit():
|
def __setMetasploit():
|
||||||
if not conf.osPwn and not conf.osSmb and not conf.osBof:
|
if not conf.osPwn and not conf.osSmb and not conf.osBof:
|
||||||
return
|
return
|
||||||
|
|
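Review bot: The re-added `__setRequestFromFile` (hunk `-227,6 +227,29`) raises `sqlmapFilePathException` with the text "the specified HTTP request file does not exist" and no longer names the path, although the removed version interpolated `conf.requestFile`; restore it with `errMsg += "'%s' does not exist" % conf.requestFile`. The removed body also rejected a file that lacked a GET/POST request line, had a malformed header line, or had no Host header, and it warned before overriding a previously set method, headers, POST data or url. `__feedTargetsDict` is not visible in this diff, so it should be confirmed that a malformed or empty request file still ends in an explicit error rather than silently producing no target. Going by the commit title, Cookie values from the request file and proxy logs are now parsed into the run, so a comment above the `__feedTargetsDict(conf.requestFile, addedTargetUrls)` call would help, for example `# the request file may hold live session cookies; never echo its contents to logs`.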