diff --git a/lib/core/enums.py b/lib/core/enums.py
index 7efb9ef6f..7b4d9949c 100644
--- a/lib/core/enums.py
+++ b/lib/core/enums.py
@@ -76,6 +76,12 @@ class HTTPMETHOD:
 GET = "GET"
 POST = "POST"
 HEAD = "HEAD"
+ PUT = "PUT"
+ DELETE = "DETELE"
+ TRACE = "TRACE"
+ OPTIONS = "OPTIONS"
+ CONNECT = "CONNECT"
+ PATCH = "PATCH"
 class NULLCONNECTION:
 HEAD = "HEAD"
diff --git a/lib/core/option.py b/lib/core/option.py
index 9551d542f..8aef58d63 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -241,10 +241,10 @@ def _feedTargetsDict(reqFile, addedTargetUrls):
 else:
 scheme, port = None, None
- if not re.search(r"^[\n]*(GET|POST).*?\sHTTP\/", request, re.I | re.M):
+ if not re.search(r"^[\n]*(%s).*?\sHTTP\/" % "|".join(getPublicTypeMembers(HTTPMETHOD, True)), request, re.I | re.M):
 continue
- if re.search(r"^[\n]*(GET|POST).*?\.(%s)\sHTTP\/" % "|".join(CRAWL_EXCLUDE_EXTENSIONS), request, re.I | re.M):
+ if re.search(r"^[\n]*(%s|%s).*?\.(%s)\sHTTP\/" % (HTTPMETHOD.GET, HTTPMETHOD.POST, "|".join(CRAWL_EXCLUDE_EXTENSIONS)), request, re.I | re.M):
 continue
 getPostReq = False
@@ -260,19 +260,16 @@ def _feedTargetsDict(reqFile, addedTargetUrls):
 for line in lines:
 newline = "\r\n" if line.endswith('\r') else '\n'
 line = line.strip('\r')
+ match = re.search(r"\A(%s) (.+) HTTP/[\d.]+\Z" % "|".join(getPublicTypeMembers(HTTPMETHOD, True)), line) if not method else None
+
 if len(line) == 0:
- if method == HTTPMETHOD.POST and data is None:
+ if method in (HTTPMETHOD.POST, HTTPMETHOD.PUT) and data is None:
 data = ""
 params = True
- elif (line.startswith("GET ") or line.startswith("POST ")) and " HTTP/" in line:
- if line.startswith("GET "):
- index = 4
- else:
- index = 5
-
- url = line[index:line.index(" HTTP/")]
- method = line[:index - 1]
+ elif match:
+ method = match.group(1)
+ url = match.group(2)
 if "?" in line and "=" in line:
 params = True
diff --git a/lib/core/target.py b/lib/core/target.py
index 095b73f75..a07a3878b 100644
--- a/lib/core/target.py
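Review bot: The value of the added `DELETE` member is misspelled, `DELETE = "DETELE"`. The request-line patterns added in lib/core/option.py are built by joining `getPublicTypeMembers(HTTPMETHOD, True)`, which appears to return the member values, so a logged `DELETE ... HTTP/1.1` request would fail the filter and be skipped while the literal `DETELE` would be accepted. Any caller that sends a request using this constant would also emit the wrong verb. The line should read `DELETE = "DELETE"`.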
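Review bot: The two filters in the first option.py hunk now disagree on the method list: the first accepts every `HTTPMETHOD` value, while the static-file exclusion below it still names only `HTTPMETHOD.GET` and `HTTPMETHOD.POST`. A logged `HEAD` or `OPTIONS` request for an extension in `CRAWL_EXCLUDE_EXTENSIONS` was previously dropped by the first check and now passes both. If that is not intended, build the alternation once, `methods = "|".join(getPublicTypeMembers(HTTPMETHOD, True))`, and use it in the exclusion as `r"^[\n]*(%s).*?\.(%s)\sHTTP\/" % (methods, "|".join(CRAWL_EXCLUDE_EXTENSIONS))`. `_feedTargetsDict` begins and ends outside the hunk.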
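Review bot: The empty-line branch in the second option.py hunk starts body capture only for `HTTPMETHOD.POST` and `HTTPMETHOD.PUT`, although the same commit adds `PATCH`, which also carries a body; consider `if method in (HTTPMETHOD.POST, HTTPMETHOD.PUT, HTTPMETHOD.PATCH) and data is None:`. The new request-line pattern is also stricter than the `" HTTP/" in line` test it replaces: `HTTP/[\d.]+\Z` rejects a line with trailing whitespace, since only `\r` is stripped, and it lacks the `re.I` flag that the earlier filter uses, so a request can pass the filter and still never get `method` and `url` set. The pattern string is rebuilt on every iteration of `for line in lines` and could be built once before the loop. The loop body continues outside the hunk.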
+++ b/lib/core/target.py
@@ -86,7 +86,7 @@ def _setRequestParams():
 raise SqlmapSyntaxException(errMsg)
 if conf.data is not None:
- conf.method = HTTPMETHOD.POST
+ conf.method = HTTPMETHOD.POST if not conf.method or conf.method == HTTPMETHOD.GET else conf.method
 def process(match, repl):
 retVal = match.group(0)
@@ -103,7 +103,7 @@ def _setRequestParams():
 return retVal
 if re.search(JSON_RECOGNITION_REGEX, conf.data):
- message = "JSON like data found in POST data. "
+ message = "JSON like data found in %s data. " % conf.method
 message += "Do you want to process it? [Y/n/q] "
 test = readInput(message, default="Y")
 if test and test[0] in ("q", "Q"):
@@ -115,7 +115,7 @@ def _setRequestParams():
 kb.postHint = POST_HINT.JSON
 elif re.search(SOAP_RECOGNITION_REGEX, conf.data):
- message = "SOAP/XML like data found in POST data. "
+ message = "SOAP/XML like data found in %s data. " % conf.method
 message += "Do you want to process it? [Y/n/q] "
 test = readInput(message, default="Y")
 if test and test[0] in ("q", "Q"):
@@ -126,7 +126,7 @@ def _setRequestParams():
 kb.postHint = POST_HINT.SOAP if "soap" in conf.data.lower() else POST_HINT.XML
 elif re.search(MULTIPART_RECOGNITION_REGEX, conf.data):
- message = "Multipart like data found in POST data. "
+ message = "Multipart like data found in %s data. " % conf.method
 message += "Do you want to process it? [Y/n/q] "
 test = readInput(message, default="Y")
 if test and test[0] in ("q", "Q"):
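Review bot: The conditional expression on the `conf.method` assignment in the first target.py hunk assigns the variable back to itself in its else arm, which hides the actual rule (unset or GET becomes POST when a body is supplied, any other method is kept). A guard states it directly: `if not conf.method or conf.method == HTTPMETHOD.GET:` followed by `conf.method = HTTPMETHOD.POST`, ideally with a one-line comment giving that rule. The comparison is case-sensitive, so whether a value such as `get` is upgraded depends on normalisation that is not visible in this hunk. The three prompt messages in the later hunks now interpolate `conf.method` and rely on this assignment having run first. `_setRequestParams` continues outside every hunk shown.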