PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 20:51:31 +00:00
Code Issues Projects Releases Wiki Activity

Implementation for #2552 (sorry @mg98)

Browse Source
This commit is contained in:
Miroslav Stampar
2018-12-10 14:53:11 +01:00
parent e47c1aa61b
commit 2c95b65eac
7 changed files with 61 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
lib/core/option.py
View File

@@ -1560,6 +1560,23 @@ def _cleanupOptions():
except re.error:
conf.testFilter = re.escape(conf.testFilter)
if conf.csrfToken:
original = conf.csrfToken
try:
re.compile(conf.csrfToken)
if re.escape(conf.csrfToken) != conf.csrfToken:
message = "provided value for option '--csrf-token' is a regular expression? [Y/n] "
if not readInput(message, default='Y', boolean=True):
conf.csrfToken = re.escape(conf.csrfToken)
except re.error:
conf.csrfToken = re.escape(conf.csrfToken)
finally:
class _(unicode):
pass
conf.csrfToken = _(conf.csrfToken)
conf.csrfToken._original = original
if conf.testSkip:
conf.testSkip = conf.testSkip.strip('*+')
conf.testSkip = re.sub(r"([^.])([*+])", r"\g<1>.\g<2>", conf.testSkip)