From d58ba7ee6d1395c671dda23b1b8b1e22f7177ecc Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Sat, 9 Jan 2010 20:44:50 +0000
Subject: [PATCH] added --scope feature regarding Feature #105

---
 lib/core/option.py     | 5 ++++-
 lib/core/optiondict.py | 5 ++++-
 lib/parse/cmdline.py   | 3 +++
 sqlmap.conf            | 6 +++++-
 4 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/lib/core/option.py b/lib/core/option.py
index 590303f4b..19a442de4 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -162,7 +162,10 @@ def __feedTargetsDict(reqFile, addedTargetUrls):
             elif method is not None and method == "POST" and "=" in line:
                 data   = line
                 params = True
-
+        
+        if conf.scope:
+            getPostReq &= re.search(conf.scope, host) is not None
+            
         if getPostReq and params:
             if not url.startswith("http"):
                 url    = "%s://%s:%s%s" % (scheme or "http", host, port or "80", url)
diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py
index c5c4eb0fe..68ec7ef7f 100644
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
@@ -45,7 +45,9 @@ optDict = {
                                "proxy":             "string",
                                "threads":           "integer",
                                "delay":             "float",
-                               "timeout":           "float"
+                               "timeout":           "float",
+                               "retries":           "integer",
+                               "scope":             "string"
                              },
 
             "Injection":     {
@@ -63,6 +65,7 @@ optDict = {
             "Techniques":    {
                                "stackedTest":       "boolean",
                                "timeTest":          "boolean",
+                               "timesec":           "integer",
                                "unionTest":         "boolean",
                                "uTech":             "string",
                                "unionUse":          "boolean"
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
index c8145f86b..e820a866b 100644
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@@ -117,6 +117,9 @@ def cmdLineParser():
         request.add_option("--retries", dest="retries", type="int", default=3,
                            help="Retries when the connection timeouts "
                                 "(default 3)")
+        request.add_option("--scope", dest="scope", 
+                           help="Regex expression for filtering targets "
+                                "from provided Burp or WebScarab log")
 
         # Injection options
         injection = OptionGroup(parser, "Injection", "These options can be "
diff --git a/sqlmap.conf b/sqlmap.conf
index 9d9d41b57..785f707f9 100644
--- a/sqlmap.conf
+++ b/sqlmap.conf
@@ -95,6 +95,10 @@ timeout = 30
 # Default: 3
 retries = 3
 
+# Regex expression for filtering targets
+# from provided Burp or WebScarab log (e.g. (google|yahoo))
+scope = None
+
 
 [Injection]
 
@@ -415,4 +419,4 @@ cleanup = False
 # 4: Show also HTTP responses headers
 # 5: Show also HTTP responses page content
 # Default: 1
-verbose = 1
\ No newline at end of file
+verbose = 1