PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

new feature --forms (still unfinished)

Browse Source
This commit is contained in:
Miroslav Stampar
2010-10-10 18:56:43 +00:00
parent de0f6b6f72
commit 8fcad29bbf
6 changed files with 3462 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
lib/core/target.py
View File

@@ -27,8 +27,10 @@ import os
import re
import time
from extra.clientform.clientform import ParseResponse
from lib.core.common import dataToSessionFile
from lib.core.common import paramToDict
from lib.core.common import readInput
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
@@ -39,6 +41,7 @@ from lib.core.exception import sqlmapGenericException
from lib.core.exception import sqlmapSyntaxException
from lib.core.session import resumeConfKb
from lib.core.xmldump import dumper as xmldumper
from lib.request.connect import Connect as Request
def __setRequestParams():
"""
@@ -133,6 +136,20 @@ def __setRequestParams():
errMsg += "within the GET, POST and Cookie parameters"
raise sqlmapGenericException, errMsg
def __setPageForms():
response, _ = Request.queryPage(response=True)
forms = ParseResponse(response, backwards_compat=False)
count = 1
for form in forms:
request = form.click()
url = request.get_full_url()
method = request.get_method()
data = request.get_data() if request.has_data() else None
message = "Form #%d (%s) [default: '%s'] " % (count, form.name, data)
test = readInput(message, default=data)
count +=1
kb.targetUrls.add((url, method, data, conf.cookie))
def __setOutputResume():
"""
Check and set the output text file and the resume functionality.