added null connection check

2025-12-26 09:29:02 +00:00 · 2010-09-16 08:43:10 +00:00
parent ecd6b573f7
commit b745331974
4 changed files with 44 additions and 12 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -437,6 +437,29 @@ def checkRegexp():

        return False

+def checkNullConnection():
+    infoMsg = "testing NULL connection to the target url"
+    logger.info(infoMsg)
+
+    try:
+        page, headers = Request.getPage(method="HEAD")
+        if not page and 'Content-Length' in headers:
+            kb.nullConnection = "HEAD"
+        else:
+            page, headers = Request.getPage(auxHeaders={"Range":"bytes=-1"})
+            if page and len(page) == 1 and 'Content-Range' in headers:
+                kb.nullConnection = "Range"
+
+    except sqlmapConnectionException, errMsg:
+        errMsg = getUnicode(errMsg)
+        raise sqlmapConnectionException, errMsg
+
+    if kb.nullConnection:
+        infoMsg = "method '%s' seems to be working" % kb.nullConnection
+        logger.info(infoMsg)
+
+    return kb.nullConnection is not None
+
 def checkConnection():
    try:
        socket.gethostbyname(conf.hostname)
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@@ -29,6 +29,7 @@ from lib.controller.checks import checkStability
 from lib.controller.checks import checkString
 from lib.controller.checks import checkRegexp
 from lib.controller.checks import checkConnection
+from lib.controller.checks import checkNullConnection
 from lib.core.common import getUnicode
 from lib.core.common import paramToDict
 from lib.core.common import parseTargetUrl
@@ -165,6 +166,8 @@ def start():
            if not checkConnection() or not checkString() or not checkRegexp():
                continue

+            checkNullConnection()
+
            if not conf.dropSetCookie:
                for _, cookie in enumerate(conf.cj):
                    cookie = getUnicode(cookie)