mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-26 03:23:48 +03:00
first commit regarding Feature #144
This commit is contained in:
parent
540a9b391f
commit
da8ae5578b
|
@ -99,6 +99,8 @@ class Agent:
|
||||||
# Before identifing the injectable parameter
|
# Before identifing the injectable parameter
|
||||||
elif parameter == "User-Agent":
|
elif parameter == "User-Agent":
|
||||||
retValue = value.replace(value, newValue)
|
retValue = value.replace(value, newValue)
|
||||||
|
elif parameter == "URI":
|
||||||
|
retValue = value.replace('*', newValue)
|
||||||
else:
|
else:
|
||||||
paramString = conf.parameters[place]
|
paramString = conf.parameters[place]
|
||||||
|
|
||||||
|
|
|
@ -83,6 +83,12 @@ def __setRequestParams():
|
||||||
|
|
||||||
conf.method = "POST"
|
conf.method = "POST"
|
||||||
|
|
||||||
|
if '*' in conf.url:
|
||||||
|
conf.parameters["URI"] = conf.url
|
||||||
|
conf.paramDict["URI"] = { "URI": conf.url } # similar as for User-Agent
|
||||||
|
conf.url = conf.url.replace('*', '')
|
||||||
|
__testableParameters = True
|
||||||
|
|
||||||
# Perform checks on Cookie parameters
|
# Perform checks on Cookie parameters
|
||||||
if conf.cookie:
|
if conf.cookie:
|
||||||
conf.parameters["Cookie"] = conf.cookie
|
conf.parameters["Cookie"] = conf.cookie
|
||||||
|
|
|
@ -293,6 +293,8 @@ class Connect:
|
||||||
ua = None
|
ua = None
|
||||||
page = None
|
page = None
|
||||||
pageLength = None
|
pageLength = None
|
||||||
|
uri = conf.url
|
||||||
|
raise404 = place != "URI"
|
||||||
|
|
||||||
if not place:
|
if not place:
|
||||||
place = kb.injPlace
|
place = kb.injPlace
|
||||||
|
@ -309,6 +311,9 @@ class Connect:
|
||||||
if "User-Agent" in conf.parameters:
|
if "User-Agent" in conf.parameters:
|
||||||
ua = conf.parameters["User-Agent"] if place != "User-Agent" or not value else value
|
ua = conf.parameters["User-Agent"] if place != "User-Agent" or not value else value
|
||||||
|
|
||||||
|
if "URI" in conf.parameters:
|
||||||
|
uri = conf.url if place != "URI" or not value else value
|
||||||
|
|
||||||
if conf.safUrl and conf.saFreq > 0:
|
if conf.safUrl and conf.saFreq > 0:
|
||||||
kb.queryCounter += 1
|
kb.queryCounter += 1
|
||||||
if kb.queryCounter % conf.saFreq == 0:
|
if kb.queryCounter % conf.saFreq == 0:
|
||||||
|
@ -316,19 +321,19 @@ class Connect:
|
||||||
|
|
||||||
if not content and kb.nullConnection:
|
if not content and kb.nullConnection:
|
||||||
if kb.nullConnection == "HEAD":
|
if kb.nullConnection == "HEAD":
|
||||||
_, headers = Connect.getPage(get=get, post=post, cookie=cookie, ua=ua, silent=silent, method="HEAD", auxHeaders=auxHeaders)
|
_, headers = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, silent=silent, method="HEAD", auxHeaders=auxHeaders, raise404=raise404)
|
||||||
pageLength = int(headers['Content-Length'])
|
pageLength = int(headers['Content-Length'])
|
||||||
elif kb.nullConnection == "Range":
|
elif kb.nullConnection == "Range":
|
||||||
if not auxHeaders:
|
if not auxHeaders:
|
||||||
auxHeaders = {}
|
auxHeaders = {}
|
||||||
auxHeaders["Range"] = "bytes=-1"
|
auxHeaders["Range"] = "bytes=-1"
|
||||||
_, headers = Connect.getPage(get=get, post=post, cookie=cookie, ua=ua, silent=silent, method=method, auxHeaders=auxHeaders)
|
_, headers = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, silent=silent, method=method, auxHeaders=auxHeaders, raise404=raise404)
|
||||||
pageLength = int(headers['Content-Range'][headers['Content-Range'].find('/') + 1:])
|
pageLength = int(headers['Content-Range'][headers['Content-Range'].find('/') + 1:])
|
||||||
else:
|
else:
|
||||||
kb.nullConnection = None
|
kb.nullConnection = None
|
||||||
|
|
||||||
if not pageLength:
|
if not pageLength:
|
||||||
page, headers = Connect.getPage(get=get, post=post, cookie=cookie, ua=ua, silent=silent, method=method, auxHeaders=auxHeaders)
|
page, headers = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, silent=silent, method=method, auxHeaders=auxHeaders, raise404=raise404)
|
||||||
|
|
||||||
if content:
|
if content:
|
||||||
return page, headers
|
return page, headers
|
||||||
|
|
Loading…
Reference in New Issue
Block a user