Minor fix to urldecode %3d and any other urlencoded values in target url, posted data and cookie

2024-11-22 17:46:37 +03:00 · 2008-10-16 16:31:20 +00:00 · 2008-10-16 16:31:20 +00:00 · f90a7cce28
commit f90a7cce28
parent 41f8acf0fd
3 changed files with 15 additions and 7 deletions
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -33,6 +33,7 @@ import time
 import urlparse
 from lib.core.convert import urldecode
 from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
@ -497,7 +498,7 @@ def parseTargetUrl():
        conf.port = 80
    if __urlSplit[3]:
-        conf.parameters["GET"] = __urlSplit[3].replace("%", "%%")
+        conf.parameters["GET"] = urldecode(__urlSplit[3]).replace("%", "%%")
    conf.url = "%s://%s:%d%s" % (conf.scheme, conf.hostname, conf.port, conf.path)
--- a/lib/core/convert.py
+++ b/lib/core/convert.py
@ -72,7 +72,11 @@ def urldecode(string):
    if not string:
        return
-    return urllib.unquote_plus(string)
+    doublePercFreeString = string.replace("%%", "__DPERC__")
    unquotedString = urllib.unquote_plus(doublePercFreeString)
    unquotedString = unquotedString.replace("__DPERC__", "%%")
    return unquotedString
 def urlencode(string, safe=":/?%&="):
--- a/lib/core/target.py
+++ b/lib/core/target.py
@ -32,6 +32,7 @@ from lib.core.common import dataToSessionFile
 from lib.core.common import paramToDict
 from lib.core.common import parseTargetUrl
 from lib.core.common import readInput
 from lib.core.convert import urldecode
 from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
@ -66,8 +67,9 @@ def __setRequestParams():
        raise sqlmapSyntaxException, errMsg
    if conf.data:
-        conf.parameters["POST"] = conf.data.replace("%", "%%")
+        urlDecodedData = urldecode(conf.data).replace("%", "%%")
-        __paramDict = paramToDict("POST", conf.data)
+        conf.parameters["POST"] = urlDecodedData
        __paramDict = paramToDict("POST", urlDecodedData)
        if __paramDict:
            conf.paramDict["POST"] = __paramDict
@ -75,8 +77,9 @@ def __setRequestParams():
    # Perform checks on Cookie parameters
    if conf.cookie:
-        conf.parameters["Cookie"] = conf.cookie.replace("%", "%%")
+        urlDecodedCookie = urldecode(conf.cookie).replace("%", "%%")
-        __paramDict = paramToDict("Cookie", conf.cookie)
+        conf.parameters["Cookie"] = urlDecodedCookie
        __paramDict = paramToDict("Cookie", urlDecodedCookie)
        if __paramDict:
            conf.paramDict["Cookie"] = __paramDict
@ -86,7 +89,7 @@ def __setRequestParams():
    if conf.httpHeaders:
        for httpHeader, headerValue in conf.httpHeaders:
            if httpHeader == "User-Agent":
-                conf.parameters["User-Agent"] = headerValue.replace("%", "%%")
+                conf.parameters["User-Agent"] = urldecode(headerValue).replace("%", "%%")
                condition  = not conf.testParameter
                condition |= "User-Agent" in conf.testParameter