PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 20:51:31 +00:00
Code Issues Projects Releases Wiki Activity

update regarding explicit testing of ua and referer when using -p

Browse Source
This commit is contained in:
Miroslav Stampar
2011-02-13 21:58:48 +00:00
parent 429ab631fe
commit 50d25c3b4d
3 changed files with 14 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/controller/controller.py
View File

@@ -22,6 +22,7 @@ from lib.controller.checks import simpletonCheckSqlInjection
from lib.core.agent import agent
from lib.core.common import getFilteredPageContent
from lib.core.common import getUnicode
from lib.core.common import intersect
from lib.core.common import paramToDict
from lib.core.common import parseTargetUrl
from lib.core.common import readInput
@@ -38,6 +39,8 @@ from lib.core.exception import sqlmapSilentQuitException
from lib.core.exception import sqlmapValueException
from lib.core.exception import sqlmapUserQuitException
from lib.core.session import setInjection
from lib.core.settings import REFERER_ALIASES
from lib.core.settings import USER_AGENT_ALIASES
from lib.core.target import initTargetEnv
from lib.core.target import setupTargetEnv
from extra.pagerank.pagerank import get_pagerank
@@ -309,6 +312,9 @@ def start():
# Test Cookie header only if --level >= 2
condition |= (place == PLACE.COOKIE and conf.level < 2)
condition &= not (place == PLACE.UA and intersect(USER_AGENT_ALIASES, conf.testParameter))
condition &= not (place == PLACE.REFERER and intersect(REFERER_ALIASES, conf.testParameter))
if condition:
continue