PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-08 13:41:29 +00:00
Code Issues Projects Releases Wiki Activity

Patch for an Issue #1285

Browse Source
This commit is contained in:
Miroslav Stampar
2015-07-06 11:50:59 +02:00
parent 96327b6701
commit 6a1b3895f9
1 changed files with 55 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
lib/core/target.py
View File

@@ -80,6 +80,7 @@ def _setRequestParams():
return return
testableParameters = False testableParameters = False
skipHeaders = False
# Perform checks on GET parameters # Perform checks on GET parameters
if conf.parameters.get(PLACE.GET): if conf.parameters.get(PLACE.GET):
@@ -123,7 +124,13 @@ def _setRequestParams():
else: else:
kb.processUserMarks = not test or test[0] not in ("n", "N") kb.processUserMarks = not test or test[0] not in ("n", "N")
if kb.processUserMarks and "=%s" % CUSTOM_INJECTION_MARK_CHAR in conf.data: if kb.processUserMarks:
skipHeaders = True
conf.parameters.clear()
conf.paramDict.clear()
if "=%s" % CUSTOM_INJECTION_MARK_CHAR in conf.data:
warnMsg = "it seems that you've provided empty parameter value(s) " warnMsg = "it seems that you've provided empty parameter value(s) "
warnMsg += "for testing. Please, always use only valid parameter values " warnMsg += "for testing. Please, always use only valid parameter values "
warnMsg += "so sqlmap could be able to run properly" warnMsg += "so sqlmap could be able to run properly"
@@ -241,7 +248,13 @@ def _setRequestParams():
else: else:
kb.processUserMarks = not test or test[0] not in ("n", "N") kb.processUserMarks = not test or test[0] not in ("n", "N")
if kb.processUserMarks and "=%s" % CUSTOM_INJECTION_MARK_CHAR in _: if kb.processUserMarks:
skipHeaders = True
conf.parameters.clear()
conf.paramDict.clear()
if "=%s" % CUSTOM_INJECTION_MARK_CHAR in _:
warnMsg = "it seems that you've provided empty parameter value(s) " warnMsg = "it seems that you've provided empty parameter value(s) "
warnMsg += "for testing. Please, always use only valid parameter values " warnMsg += "for testing. Please, always use only valid parameter values "
warnMsg += "so sqlmap could be able to run properly" warnMsg += "so sqlmap could be able to run properly"
@@ -304,6 +317,7 @@ def _setRequestParams():
if conf.get(item): if conf.get(item):
conf[item] = conf[item].replace(CUSTOM_INJECTION_MARK_CHAR, "") conf[item] = conf[item].replace(CUSTOM_INJECTION_MARK_CHAR, "")
if not skipHeaders:
# Perform checks on Cookie parameters # Perform checks on Cookie parameters
if conf.cookie: if conf.cookie:
conf.parameters[PLACE.COOKIE] = conf.cookie conf.parameters[PLACE.COOKIE] = conf.cookie