PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 13:11:29 +00:00
Code Issues Projects Releases Wiki Activity

adding switch --skip-urlencode to skip URL encoding of POST data

Browse Source
This commit is contained in:
Miroslav Stampar
2012-05-24 23:30:33 +00:00
parent 7657bbeaf9
commit c394610740
4 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/request/connect.py
View File

@@ -559,7 +559,7 @@ class Connect:
# addendum: as we support url encoding in tampering
# functions therefore we need to use % as a safe char
if place != PLACE.URI or (value and payload and '?' in value and value.find('?') < value.find(payload)):
payload = urlencode(payload, '%', False, True)
payload = urlencode(payload, '%', False, True) if not place == PLACE.POST and conf.skipUrlEncode else payload
value = agent.replacePayload(value, payload)
elif place == PLACE.SOAP:
@@ -653,9 +653,9 @@ class Connect:
get += "%s%s=%s" % (delimiter, name, value)
get = urlencode(get, limit=True)
if post and place != PLACE.POST and hasattr(post, UNENCODED_ORIGINAL_VALUE):
if post and place not in (PLACE.POST, PLACE.SOAP) and hasattr(post, UNENCODED_ORIGINAL_VALUE):
post = getattr(post, UNENCODED_ORIGINAL_VALUE)
else:
elif not conf.skipUrlEncode and place not in (PLACE.SOAP,):
post = urlencode(post)
if timeBasedCompare: