PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 20:51:31 +00:00
Code Issues Projects Releases Wiki Activity

Fixes #1303

Browse Source
This commit is contained in:
Miroslav Stampar
2015-07-17 10:14:35 +02:00
parent 49212ec920
commit 00f190fc92
3 changed files with 37 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/controller/controller.py
View File

@@ -430,6 +430,9 @@ def start():
if skip: if skip:
continue continue
if kb.testOnlyCustom and place not in (PLACE.URI, PLACE.CUSTOM_POST, PLACE.CUSTOM_HEADER):
continue
if place not in conf.paramDict: if place not in conf.paramDict:
continue continue

1
lib/core/option.py
View File

@@ -1864,6 +1864,7 @@ def _setKnowledgeBaseAttributes(flushAll=True):
kb.technique = None kb.technique = None
kb.tempDir = None kb.tempDir = None
kb.testMode = False kb.testMode = False
kb.testOnlyCustom = False
kb.testQueryCount = 0 kb.testQueryCount = 0
kb.testType = None kb.testType = None
kb.threadContinue = True kb.threadContinue = True

18
lib/core/target.py
View File

@@ -80,7 +80,6 @@ def _setRequestParams():
return return
testableParameters = False testableParameters = False
skipHeaders = False
# Perform checks on GET parameters # Perform checks on GET parameters
if conf.parameters.get(PLACE.GET): if conf.parameters.get(PLACE.GET):
@@ -125,16 +124,7 @@ def _setRequestParams():
kb.processUserMarks = not test or test[0] not in ("n", "N") kb.processUserMarks = not test or test[0] not in ("n", "N")
if kb.processUserMarks: if kb.processUserMarks:
skipHeaders = True kb.testOnlyCustom = True
conf.parameters.clear()
conf.paramDict.clear()
if "=%s" % CUSTOM_INJECTION_MARK_CHAR in conf.data:
warnMsg = "it seems that you've provided empty parameter value(s) "
warnMsg += "for testing. Please, always use only valid parameter values "
warnMsg += "so sqlmap could be able to run properly"
logger.warn(warnMsg)
if not (kb.processUserMarks and CUSTOM_INJECTION_MARK_CHAR in conf.data): if not (kb.processUserMarks and CUSTOM_INJECTION_MARK_CHAR in conf.data):
if re.search(JSON_RECOGNITION_REGEX, conf.data): if re.search(JSON_RECOGNITION_REGEX, conf.data):
@@ -249,10 +239,7 @@ def _setRequestParams():
kb.processUserMarks = not test or test[0] not in ("n", "N") kb.processUserMarks = not test or test[0] not in ("n", "N")
if kb.processUserMarks: if kb.processUserMarks:
skipHeaders = True kb.testOnlyCustom = True
conf.parameters.clear()
conf.paramDict.clear()
if "=%s" % CUSTOM_INJECTION_MARK_CHAR in _: if "=%s" % CUSTOM_INJECTION_MARK_CHAR in _:
warnMsg = "it seems that you've provided empty parameter value(s) " warnMsg = "it seems that you've provided empty parameter value(s) "
@@ -317,7 +304,6 @@ def _setRequestParams():
if conf.get(item): if conf.get(item):
conf[item] = conf[item].replace(CUSTOM_INJECTION_MARK_CHAR, "") conf[item] = conf[item].replace(CUSTOM_INJECTION_MARK_CHAR, "")
if not skipHeaders:
# Perform checks on Cookie parameters # Perform checks on Cookie parameters
if conf.cookie: if conf.cookie:
conf.parameters[PLACE.COOKIE] = conf.cookie conf.parameters[PLACE.COOKIE] = conf.cookie