sqlmap 0.6.3-rc4: minor enhancement to be able to specify extra HTTP headers

by providing option --headers. By default Accept, Accept-Language and
Accept-Charset headers are set.
Added support to get the injection payload prefix and postfix from user.
Minor bug fix to exclude image files when parsing (-l) proxy log files.
Minor code adjustments.
Updated documentation.
This commit is contained in:
Bernardo Damele
2008-12-08 21:24:24 +00:00
parent 15542d2772
commit 9dbad512f1
15 changed files with 365 additions and 232 deletions


@@ -91,17 +91,20 @@ class Agent:
query = ""
if kb.injType == "numeric":
pass
elif kb.injType in ( "stringsingle", "likesingle" ):
query = "'"
elif kb.injType in ( "stringdouble", "likedouble" ):
query = "\""
if conf.prefix:
query = conf.prefix
else:
raise sqlmapNoneDataException, "unsupported injection type"
if kb.injType == "numeric":
pass
elif kb.injType in ( "stringsingle", "likesingle" ):
query = "'"
elif kb.injType in ( "stringdouble", "likedouble" ):
query = "\""
else:
raise sqlmapNoneDataException, "unsupported injection type"
if kb.parenthesis not in ( None, 0 ):
query += "%s " % (")" * kb.parenthesis)
if kb.parenthesis not in ( None, 0 ):
query += "%s " % (")" * kb.parenthesis)
query += string
@@ -118,25 +121,28 @@ class Agent:
randStr = randomStr()
if comment:
string += "%s" % comment
string += comment
if kb.parenthesis != None:
string += " AND %s" % ("(" * kb.parenthesis)
if conf.postfix:
string += " %s" % conf.postfix
else:
raise sqlmapNoneDataException, "unable to get the number of parenthesis"
if kb.parenthesis != None:
string += " AND %s" % ("(" * kb.parenthesis)
else:
raise sqlmapNoneDataException, "unable to get the number of parenthesis"
if kb.injType == "numeric":
string += "%d=%d" % (randInt, randInt)
elif kb.injType == "stringsingle":
string += "'%s'='%s" % (randStr, randStr)
elif kb.injType == "likesingle":
string += "'%s' LIKE '%s" % (randStr, randStr)
elif kb.injType == "stringdouble":
string += "\"%s\"=\"%s" % (randStr, randStr)
elif kb.injType == "likedouble":
string += "\"%s\" LIKE \"%s" % (randStr, randStr)
else:
raise sqlmapNoneDataException, "unsupported injection type"
if kb.injType == "numeric":
string += "%d=%d" % (randInt, randInt)
elif kb.injType == "stringsingle":
string += "'%s'='%s" % (randStr, randStr)
elif kb.injType == "likesingle":
string += "'%s' LIKE '%s" % (randStr, randStr)
elif kb.injType == "stringdouble":
string += "\"%s\"=\"%s" % (randStr, randStr)
elif kb.injType == "likedouble":
string += "\"%s\" LIKE \"%s" % (randStr, randStr)
else:
raise sqlmapNoneDataException, "unsupported injection type"
return string
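Review bot: The prefix branch `if conf.prefix: query = conf.prefix` uses the user value verbatim, so unlike the auto-built path, whose parenthesis balancing ends with a trailing space (`query += "%s " % (")" * kb.parenthesis)`), nothing separates a `--prefix` value from the payload appended by `query += string`, whereas the postfix hunk does insert one leading space before `conf.postfix`. Whether the `kb.parenthesis` append still runs after a user-supplied prefix cannot be read from this rendering because the nesting is lost. Document the contract in the method docstring: `conf.prefix is emitted verbatim (the caller supplies any trailing space or closing parentheses); conf.postfix is appended after one space and replaces the automatic parenthesis and tautology tail`. If the parenthesis append is meant to apply after a custom prefix as well, say so there too. The enclosing methods start outside both hunks.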


@@ -94,6 +94,9 @@ def __feedTargetsDict(reqFile, addedTargetUrls):
if not re.search ("^[\n]*(GET|POST).*?\sHTTP\/", request, re.I):
continue
if re.search("^[\n]*(GET|POST).*?\.(gif|jpg|png)\sHTTP\/", request, re.I):
continue
getPostReq = False
url = None
host = None
@@ -235,9 +238,9 @@ def __setGoogleDorking():
raise sqlmapGenericException, errMsg
def __setRemoteDBMS():
def __setDBMS():
"""
Checks and set the back-end DBMS option.
Force the back-end DBMS option.
"""
if not conf.dbms:
@@ -384,11 +387,23 @@ def __setHTTPMethod():
logger.debug(debugMsg)
def __setHTTPStandardHeaders():
conf.httpHeaders.append(("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"))
conf.httpHeaders.append(("Accept-Language", "en-us,en;q=0.5"))
conf.httpHeaders.append(("Accept-Encoding", "gzip,deflate"))
conf.httpHeaders.append(("Accept-Charset", "ISO-8859-15,utf-8;q=0.7,*;q=0.7"))
def __setHTTPExtraHeaders():
if conf.headers:
debugMsg = "setting extra HTTP headers"
logger.debug(debugMsg)
conf.headers = conf.headers.split("\n")
for headerValue in conf.headers:
header, value = headerValue.split(": ")
if header and value:
conf.httpHeaders.append((header, value))
else:
conf.httpHeaders.append(("Accept", "text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5"))
conf.httpHeaders.append(("Accept-Language", "en-us,en;q=0.5"))
conf.httpHeaders.append(("Accept-Charset", "ISO-8859-15,utf-8;q=0.7,*;q=0.7"))
def __defaultHTTPUserAgent():
@@ -646,6 +661,9 @@ def __saveCmdline():
elif datatype == "string":
value = ""
if isinstance(value, str):
value = value.replace("\n", "\n ")
confFP.write("%s = %s\n" % (option, value))
confFP.write("\n")
@@ -712,12 +730,12 @@ def init(inputOptions=advancedDict()):
__setHTTPCookies()
__setHTTPReferer()
__setHTTPUserAgent()
__setHTTPStandardHeaders()
__setHTTPExtraHeaders()
__setHTTPMethod()
__setHTTPAuthentication()
__setHTTPProxy()
__setThreads()
__setRemoteDBMS()
__setDBMS()
__setGoogleDorking()
__setMultipleTargets()
__urllib2Opener()
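Review bot: `header, value = headerValue.split(": ")` in `__setHTTPExtraHeaders` raises an unhandled ValueError on any `--headers` line that lacks the exact `": "` separator or contains it more than once, so one malformed line aborts startup instead of being skipped, and the following `if header and value:` never sees those cases. Replace the three lines with `header, sep, value = headerValue.partition(":")`, `if sep and header.strip() and value.strip():`, `conf.httpHeaders.append((header.strip(), value.strip()))`, which also tolerates a missing space and a trailing `\r`. A debug message for a rejected line would let the operator notice the typo. It also looks like the old `__setHTTPStandardHeaders` default `Accept-Encoding: gzip,deflate` has no counterpart in the new else-branch; if dropping it is intentional, a one-line comment there would record that.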


@@ -39,6 +39,7 @@ optDict = {
"referer": "string",
"agent": "string",
"userAgentsFile": "string",
"headers": "string",
"aType": "string",
"aCred": "string",
"proxy": "string",
@@ -50,6 +51,8 @@ optDict = {
"Injection": {
"testParameter": "string",
"dbms": "string",
"prefix": "string",
"postfix": "string",
"string": "string",
"regexp": "string",
"eString": "string",


@@ -30,7 +30,7 @@ import sys
# sqlmap version and site
VERSION = "0.6.3-rc4"
VERSION = "0.6.3-rc5"
VERSION_STRING = "sqlmap/%s" % VERSION
SITE = "http://sqlmap.sourceforge.net"