PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 05:01:30 +00:00
Code Issues Projects Releases Wiki Activity

Minor enhancemet to support also --regexp, --excl-str and --excl-reg

Browse Source 
options rather than only --string when comparing HTTP responses page
content
This commit is contained in:
Bernardo Damele
2008-12-05 15:34:13 +00:00
parent 78e8a83c11
commit 38c9627700
9 changed files with 145 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
lib/request/connect.py
View File

@@ -42,7 +42,7 @@ from lib.core.exception import sqlmapConnectionException
from lib.core.settings import RETRIES
from lib.request.basic import forgeHeaders
from lib.request.basic import parseResponse
from lib.request.comparison import comparison
class Connect:
@@ -190,15 +190,15 @@ class Connect:
warnMsg += "status code, try to force the HTTP User-Agent "
warnMsg += "header with option --user-agent or -a"
if "BadStatusLine" not in tbMsg:
warnMsg += " or proxy"
if conf.multipleTargets:
warnMsg += ", skipping to next url"
logger.warn(warnMsg)
return None
if "BadStatusLine" not in tbMsg:
warnMsg += " or proxy"
if conf.retries < RETRIES:
conf.retries += 1
@@ -207,6 +207,7 @@ class Connect:
time.sleep(1)
return Connect.__getPageProxy(get=get, post=post, cookie=cookie, ua=ua, direct=direct, multipart=multipart)
else:
raise sqlmapConnectionException, warnMsg
@@ -220,7 +221,7 @@ class Connect:
logger.log(8, responseMsg)
return page
return page, responseHeaders
@staticmethod
@@ -263,15 +264,9 @@ class Connect:
else:
ua = conf.parameters["User-Agent"]
page = Connect.getPage(get=get, post=post, cookie=cookie, ua=ua)
page, headers = Connect.getPage(get=get, post=post, cookie=cookie, ua=ua)
# TODO: create a comparison library and move these checks there
if content:
return page
elif conf.string:
if conf.string in page:
return True
else:
return False
else:
return md5.new(page).hexdigest()
return comparison(page, headers, content)