adding compatibility support for using --crawl and --forms together

2025-11-04 01:47:37 +03:00 · 2011-10-29 09:32:20 +00:00 · 2011-10-29 09:32:20 +00:00 · ef987c6954
commit ef987c6954
parent ddc4dfe5ff
4 changed files with 16 additions and 9 deletions
--- a/extra/clientform/clientform.py
+++ b/extra/clientform/clientform.py
@ -3363,6 +3363,9 @@ class HTMLForm:
            if self.enctype == "application/x-www-form-urlencoded":
                return (uri, urlencode(self._pairs()),
                        [("Content-Type", self.enctype)])
+            elif self.enctype == "text/plain":
+                return (uri, self._pairs(),
+                        [("Content-Type", self.enctype)])
            elif self.enctype == "multipart/form-data":
                data = StringIO()
                http_hdrs = []
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -3073,7 +3073,7 @@ def asciifyUrl(url, forceQuote=False):

 def findPageForms(content, url, raise_=False, addToTargets=False):
    class _(StringIO):
-        def __init__(self):
+        def __init__(self, content, url):
            StringIO.__init__(self, unicodeencode(content, kb.pageEncoding) if isinstance(content, unicode) else content)
            self._url = url
        def geturl(self):
@ -3083,17 +3083,21 @@ def findPageForms(content, url, raise_=False, addToTargets=False):
        errMsg = "can't parse forms as the page content appears to be blank"
        raise sqlmapGenericException, errMsg

+    forms = None
    retVal = set()
-    response = _()
+    response = _(content, url)
    try:
        forms = ParseResponse(response, backwards_compat=False)
    except ParseError:
        errMsg = "badly formed HTML at the target url. will try to filter it"
        logger.error(errMsg)
        response.seek(0)
-        filtered = _("".join(re.findall(r'<form.+?</form>', response.read(), re.I | re.S)), response.geturl())
+        filtered = re.findall(r'<form.+?</form>', response.read(), re.I | re.S)
+        for i in xrange(len(filtered)):
+            filtered[i] = filtered[i][filtered[i].lower().rfind("<form"):]
+        response = _("".join(filtered), response.geturl())
        try:
-            forms = ParseResponse(filtered, backwards_compat=False)
+            forms = ParseResponse(response, backwards_compat=False)
        except ParseError:
            errMsg = "no success"
            if raise_:
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -522,7 +522,7 @@ def __setBulkMultipleTargets():
    f.close()

 def __findPageForms():
-    if not conf.forms:
+    if not conf.forms or conf.crawlDepth:
        return

    if not checkConnection():
@ -1796,10 +1796,6 @@ def __basicOptionValidation():
        errMsg = "switch --forms is compatible only with -u (--url) target switch"
        raise sqlmapSyntaxException, errMsg

-    if conf.forms and conf.crawlDepth:
-        errMsg = "switch --forms is currently not compatible with --crawl switch"
-        raise sqlmapSyntaxException, errMsg
-
    if conf.timeSec < 1:
        errMsg = "value for --time-sec option must be an integer greater than 0"
        raise sqlmapSyntaxException, errMsg
--- a/lib/utils/crawler.py
+++ b/lib/utils/crawler.py
@ -15,6 +15,7 @@ import time

 from lib.core.common import clearConsoleLine
 from lib.core.common import dataToStdout
+from lib.core.common import findPageForms
 from lib.core.common import singleTimeWarnMessage
 from lib.core.data import conf
 from lib.core.data import kb
@ -92,6 +93,9 @@ class Crawler:
                                        threadData.shared.outputs.add(url)
                                    kb.locks.outputs.release()

+                        if conf.forms:
+                            findPageForms(content, current, False, True)
+
                    if conf.verbose in (1, 2):
                        kb.locks.ioLock.acquire()
                        threadData.shared.count += 1