work with static csrf token names

Marcel Gregoriadis 2018-12-05 18:00:32 +01:00
parent db25bc6ae2
commit eff7abd080
2 changed files with 16 additions and 1 deletions


@ -393,7 +393,7 @@ def _setRequestParams():
raise SqlmapGenericException(errMsg) raise SqlmapGenericException(errMsg)
if conf.csrfToken: if conf.csrfToken:
csrfTokenPattern = '' csrfTokenPattern = ""
strings = conf.csrfToken.split("*") strings = conf.csrfToken.split("*")
for index, string in enumerate(strings): for index, string in enumerate(strings):
csrfTokenPattern += re.escape(string) csrfTokenPattern += re.escape(string)


@ -61,6 +61,7 @@ from lib.core.common import unicodeencode
from lib.core.common import unsafeVariableNaming from lib.core.common import unsafeVariableNaming
from lib.core.common import urldecode from lib.core.common import urldecode
from lib.core.common import urlencode from lib.core.common import urlencode
from lib.core.common import paramToDict
from lib.core.data import conf from lib.core.data import conf
from lib.core.data import kb from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
@ -983,6 +984,20 @@ class Connect(object):
r"(?i)<input[^>]+\bname=[\"']?%s\b[^>]*\bvalue=[\"']?(?P<result>[^>'\"]*)" % conf.csrfTokenPattern, page or "") r"(?i)<input[^>]+\bname=[\"']?%s\b[^>]*\bvalue=[\"']?(?P<result>[^>'\"]*)" % conf.csrfTokenPattern, page or "")
conf.csrfToken = extractRegexResult( conf.csrfToken = extractRegexResult(
r"(?i)<input[^>]+\bname=[\"']?(?P<result>%s)\b[^>]*\bvalue=[\"']?[^>'\"]*" % conf.csrfTokenPattern, page or "")[:-2] r"(?i)<input[^>]+\bname=[\"']?(?P<result>%s)\b[^>]*\bvalue=[\"']?[^>'\"]*" % conf.csrfTokenPattern, page or "")[:-2]
getParams = urlparse.parse_qs(conf.parameters[PLACE.GET])
for key, value in getParams.items():
if re.search(r"\b%s\b" % conf.csrfTokenPattern, key):
getParams[conf.csrfToken] = getParams[key]
del getParams[key]
conf.parameters[PLACE.GET] = urllib.urlencode(getParams, doseq=True)
paramDict = paramToDict(PLACE.GET, conf.parameters[PLACE.GET])
if paramDict:
conf.paramDict[PLACE.GET] = paramDict
print "ok"
else: else:
token = extractRegexResult(r"(?i)<input[^>]+\bname=[\"']?%s\b[^>]*\bvalue=[\"']?(?P<result>[^>'\"]*)" % re.escape(conf.csrfToken), page or "") token = extractRegexResult(r"(?i)<input[^>]+\bname=[\"']?%s\b[^>]*\bvalue=[\"']?(?P<result>[^>'\"]*)" % re.escape(conf.csrfToken), page or "")
if not token: if not token:
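Review bot: In the added loop over `getParams.items()`, when the matched `key` already equals `conf.csrfToken` the assignment is a no-op and `del getParams[key]` then removes the token parameter from the GET string altogether; guard the rename with `if key != conf.csrfToken and re.search(r"\b%s\b" % conf.csrfTokenPattern, key):`. The leftover `print "ok"` is debug output and should be dropped. The `urlparse.parse_qs` / `urllib.urlencode` round trip also discards parameters with empty values unless `keep_blank_values=True` is passed, and it does not keep the original parameter order. `conf.parameters[PLACE.GET]` is indexed without checking that the request has GET parameters, so a guard such as `if conf.parameters.get(PLACE.GET):` around the new lines looks necessary. The enclosing `Connect` method starts and ends outside the hunk, and the page seems to show fewer added lines than the diffstat reports, so confirm against the full file.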