mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-02-27 09:20:37 +03:00
Fixes #2786
This commit is contained in:
Miroslav Stampar
parent
2333903b68
commit
ec83837342
|
|
@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
|
||||||
from lib.core.enums import OS
|
from lib.core.enums import OS
|
||||||
|
|
||||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||||
VERSION = "1.1.11.23"
|
VERSION = "1.1.11.24"
|
||||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||||
|
|
|
||||||
|
|
@ -796,7 +796,7 @@ class Connect(object):
|
||||||
raise404 = place != PLACE.URI if raise404 is None else raise404
|
raise404 = place != PLACE.URI if raise404 is None else raise404
|
||||||
method = method or conf.method
|
method = method or conf.method
|
||||||
|
|
||||||
pushValue(kb.postUrlEncode)
|
postUrlEncode = kb.postUrlEncode
|
||||||
|
|
||||||
value = agent.adjustLateValues(value)
|
value = agent.adjustLateValues(value)
|
||||||
payload = agent.extractPayload(value)
|
payload = agent.extractPayload(value)
|
||||||
|
|
@ -806,8 +806,8 @@ class Connect(object):
|
||||||
headers = OrderedDict(conf.httpHeaders)
|
headers = OrderedDict(conf.httpHeaders)
|
||||||
contentType = max(headers[_] if _.upper() == HTTP_HEADER.CONTENT_TYPE.upper() else None for _ in headers.keys())
|
contentType = max(headers[_] if _.upper() == HTTP_HEADER.CONTENT_TYPE.upper() else None for _ in headers.keys())
|
||||||
|
|
||||||
if (kb.postHint or conf.skipUrlEncode) and kb.postUrlEncode:
|
if (kb.postHint or conf.skipUrlEncode) and postUrlEncode:
|
||||||
kb.postUrlEncode = False
|
postUrlEncode = False
|
||||||
conf.httpHeaders = [_ for _ in conf.httpHeaders if _[1] != contentType]
|
conf.httpHeaders = [_ for _ in conf.httpHeaders if _[1] != contentType]
|
||||||
contentType = POST_HINT_CONTENT_TYPES.get(kb.postHint, PLAIN_TEXT_CONTENT_TYPE)
|
contentType = POST_HINT_CONTENT_TYPES.get(kb.postHint, PLAIN_TEXT_CONTENT_TYPE)
|
||||||
conf.httpHeaders.append((HTTP_HEADER.CONTENT_TYPE, contentType))
|
conf.httpHeaders.append((HTTP_HEADER.CONTENT_TYPE, contentType))
|
||||||
|
|
@ -851,7 +851,7 @@ class Connect(object):
|
||||||
value = agent.replacePayload(value, payload)
|
value = agent.replacePayload(value, payload)
|
||||||
else:
|
else:
|
||||||
# GET, POST, URI and Cookie payload needs to be thoroughly URL encoded
|
# GET, POST, URI and Cookie payload needs to be thoroughly URL encoded
|
||||||
if (place in (PLACE.GET, PLACE.URI, PLACE.COOKIE) or place == PLACE.CUSTOM_HEADER and value.split(',')[0] == HTTP_HEADER.COOKIE) and not conf.skipUrlEncode or place in (PLACE.POST, PLACE.CUSTOM_POST) and kb.postUrlEncode:
|
if (place in (PLACE.GET, PLACE.URI, PLACE.COOKIE) or place == PLACE.CUSTOM_HEADER and value.split(',')[0] == HTTP_HEADER.COOKIE) and not conf.skipUrlEncode or place in (PLACE.POST, PLACE.CUSTOM_POST) and postUrlEncode:
|
||||||
skip = False
|
skip = False
|
||||||
|
|
||||||
if place == PLACE.COOKIE or place == PLACE.CUSTOM_HEADER and value.split(',')[0] == HTTP_HEADER.COOKIE:
|
if place == PLACE.COOKIE or place == PLACE.CUSTOM_HEADER and value.split(',')[0] == HTTP_HEADER.COOKIE:
|
||||||
|
|
@ -864,7 +864,7 @@ class Connect(object):
|
||||||
if not skip:
|
if not skip:
|
||||||
payload = urlencode(payload, '%', False, place != PLACE.URI) # spaceplus is handled down below
|
payload = urlencode(payload, '%', False, place != PLACE.URI) # spaceplus is handled down below
|
||||||
value = agent.replacePayload(value, payload)
|
value = agent.replacePayload(value, payload)
|
||||||
kb.postUrlEncode = False
|
postUrlEncode = False
|
||||||
|
|
||||||
if conf.hpp:
|
if conf.hpp:
|
||||||
if not any(conf.url.lower().endswith(_.lower()) for _ in (WEB_API.ASP, WEB_API.ASPX)):
|
if not any(conf.url.lower().endswith(_.lower()) for _ in (WEB_API.ASP, WEB_API.ASPX)):
|
||||||
|
|
@ -1151,7 +1151,7 @@ class Connect(object):
|
||||||
if post is not None:
|
if post is not None:
|
||||||
if place not in (PLACE.POST, PLACE.CUSTOM_POST) and hasattr(post, UNENCODED_ORIGINAL_VALUE):
|
if place not in (PLACE.POST, PLACE.CUSTOM_POST) and hasattr(post, UNENCODED_ORIGINAL_VALUE):
|
||||||
post = getattr(post, UNENCODED_ORIGINAL_VALUE)
|
post = getattr(post, UNENCODED_ORIGINAL_VALUE)
|
||||||
elif kb.postUrlEncode:
|
elif postUrlEncode:
|
||||||
post = urlencode(post, spaceplus=kb.postSpaceToPlus)
|
post = urlencode(post, spaceplus=kb.postSpaceToPlus)
|
||||||
|
|
||||||
if timeBasedCompare and not conf.disableStats:
|
if timeBasedCompare and not conf.disableStats:
|
||||||
|
|
@ -1248,8 +1248,6 @@ class Connect(object):
|
||||||
|
|
||||||
kb.originalCode = kb.originalCode or code
|
kb.originalCode = kb.originalCode or code
|
||||||
|
|
||||||
kb.postUrlEncode = popValue()
|
|
||||||
|
|
||||||
if kb.testMode:
|
if kb.testMode:
|
||||||
kb.testQueryCount += 1
|
kb.testQueryCount += 1
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -46,7 +46,7 @@ e1c000db9be27f973569b1a430629037 lib/core/option.py
|
||||||
760d9df2a27ded29109b390ab202e72d lib/core/replication.py
|
760d9df2a27ded29109b390ab202e72d lib/core/replication.py
|
||||||
a2466b62e67f8b31736bac4dac590e51 lib/core/revision.py
|
a2466b62e67f8b31736bac4dac590e51 lib/core/revision.py
|
||||||
02d4762140a72fd44668d3dab5eabda9 lib/core/session.py
|
02d4762140a72fd44668d3dab5eabda9 lib/core/session.py
|
||||||
71ad4ba8829df91c6250b0f70116c7cd lib/core/settings.py
|
260554b4e0f00d84cb68da079c04d4b4 lib/core/settings.py
|
||||||
35bffbad762eb9e03db9e93b1c991103 lib/core/shell.py
|
35bffbad762eb9e03db9e93b1c991103 lib/core/shell.py
|
||||||
a59ec28371ae067a6fdd8f810edbee3d lib/core/subprocessng.py
|
a59ec28371ae067a6fdd8f810edbee3d lib/core/subprocessng.py
|
||||||
d5a04d672a18f78deb2839c3745ff83c lib/core/target.py
|
d5a04d672a18f78deb2839c3745ff83c lib/core/target.py
|
||||||
|
|
@ -68,7 +68,7 @@ d8d9bcf9e7107a5e2cf2dd10f115ac28 lib/parse/payloads.py
|
||||||
d2f13a0e2fef5273d419d06e516122e1 lib/request/basicauthhandler.py
|
d2f13a0e2fef5273d419d06e516122e1 lib/request/basicauthhandler.py
|
||||||
9ef264b5c0f9e7989b8c2ab91d40400d lib/request/basic.py
|
9ef264b5c0f9e7989b8c2ab91d40400d lib/request/basic.py
|
||||||
28348595147a731677c8bef470c6f57a lib/request/comparison.py
|
28348595147a731677c8bef470c6f57a lib/request/comparison.py
|
||||||
4015dee29a0d2bfc7820e828bfe96b91 lib/request/connect.py
|
28aa66ecdd5c03513829cb73a47658e4 lib/request/connect.py
|
||||||
ad6f76839408d827abfcdc57813f8518 lib/request/direct.py
|
ad6f76839408d827abfcdc57813f8518 lib/request/direct.py
|
||||||
4853bd0d523646315607a6a9a4c0b745 lib/request/dns.py
|
4853bd0d523646315607a6a9a4c0b745 lib/request/dns.py
|
||||||
effa0c3e4efceaf4932855e8e6677bf7 lib/request/httpshandler.py
|
effa0c3e4efceaf4932855e8e6677bf7 lib/request/httpshandler.py
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user