sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup.

2025-12-06 12:41:30 +00:00 · 2010-01-02 02:02:12 +00:00
parent d55175a340
commit ce022a3b6e
62 changed files with 567 additions and 1026 deletions
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -22,8 +22,6 @@ with sqlmap; if not, write to the Free Software Foundation, Inc., 51
 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 """

-
-
 import cookielib
 import ctypes
 import difflib
@@ -40,6 +38,7 @@ from lib.core.common import getFileType
 from lib.core.common import parseTargetUrl
 from lib.core.common import paths
 from lib.core.common import randomRange
+from lib.core.common import sanitizeCookie
 from lib.core.common import sanitizeStr
 from lib.core.data import conf
 from lib.core.data import kb
@@ -70,11 +69,9 @@ from lib.parse.queriesfile import queriesParser
 from lib.request.proxy import ProxyHTTPSHandler
 from lib.utils.google import Google

-
 authHandler  = urllib2.BaseHandler()
 proxyHandler = urllib2.BaseHandler()

-
 def __urllib2Opener():
    """
    This function creates the urllib2 OpenerDirector.
@@ -85,13 +82,15 @@ def __urllib2Opener():

    debugMsg = "creating HTTP requests opener object"
    logger.debug(debugMsg)
-
-    conf.cj = cookielib.LWPCookieJar()
-    opener  = urllib2.build_opener(proxyHandler, authHandler, urllib2.HTTPCookieProcessor(conf.cj))
+    
+    if conf.dropSetCookie:
+        opener  = urllib2.build_opener(proxyHandler, authHandler)
+    else:
+        conf.cj = cookielib.LWPCookieJar()
+        opener  = urllib2.build_opener(proxyHandler, authHandler, urllib2.HTTPCookieProcessor(conf.cj))

    urllib2.install_opener(opener)

-
 def __feedTargetsDict(reqFile, addedTargetUrls):
    fp = open(reqFile, "r")

@@ -173,7 +172,6 @@ def __feedTargetsDict(reqFile, addedTargetUrls):
                kb.targetUrls.add(( url, method, data, cookie ))
                addedTargetUrls.add(url)

-
 def __setMultipleTargets():
    """
    Define a configuration parameter if we are running in multiple target
@@ -218,7 +216,6 @@ def __setMultipleTargets():
        infoMsg += "testable requests from the targets list"
        logger.info(infoMsg)

-
 def __setGoogleDorking():
    """
    This function checks if the way to request testable hosts is through
@@ -266,7 +263,6 @@ def __setGoogleDorking():
        errMsg += "have GET parameters to test for SQL injection"
        raise sqlmapGenericException, errMsg

-
 def __setMetasploit():
    if not conf.osPwn and not conf.osSmb and not conf.osBof:
        return
@@ -276,7 +272,7 @@ def __setMetasploit():

    msfEnvPathExists = False

-    if IS_WIN is True:
+    if IS_WIN:
        warnMsg  = "Metasploit's msfconsole and msfcli are not supported "
        warnMsg += "on the native Windows Ruby interpreter. Please "
        warnMsg += "install Metasploit, Python interpreter and sqlmap on "
@@ -300,7 +296,7 @@ def __setMetasploit():
            if isinstance(isAdmin, (int, float, long)) and isAdmin == 0:
                isAdmin = True

-        elif IS_WIN is True:
+        elif IS_WIN:
            isAdmin = ctypes.windll.shell32.IsUserAnAdmin()

            if isinstance(isAdmin, (int, float, long)) and isAdmin == 1:
@@ -349,14 +345,14 @@ def __setMetasploit():
        warnMsg += "Framework 3 is installed"
        logger.warn(warnMsg)

-    if msfEnvPathExists != True:
+    if not msfEnvPathExists:
        warnMsg  = "sqlmap is going to look for Metasploit Framework 3 "
        warnMsg += "installation into the environment paths"
        logger.warn(warnMsg)

        envPaths = os.environ["PATH"]

-        if IS_WIN is True:
+        if IS_WIN:
            envPaths = envPaths.split(";")
        else:
            envPaths = envPaths.split(":")
@@ -379,12 +375,11 @@ def __setMetasploit():

                break

-    if msfEnvPathExists != True:
+    if not msfEnvPathExists:
        errMsg  = "unable to locate Metasploit Framework 3 installation. "
        errMsg += "Get it from http://metasploit.com/framework/download/"
        raise sqlmapFilePathException, errMsg

-
 def __setWriteFile():
    if not conf.wFile:
        return
@@ -403,9 +398,8 @@ def __setWriteFile():

    conf.wFileType = getFileType(conf.wFile)

-
 def __setUnionTech():
-    if conf.uTech == None:
+    if conf.uTech is None:
        conf.uTech = "NULL"

        return
@@ -428,7 +422,6 @@ def __setUnionTech():
        debugMsg += "'%s'" % uTechOriginal
        logger.debug(debugMsg)

-
 def __setOS():
    """
    Force the back-end DBMS operating system option.
@@ -451,7 +444,6 @@ def __setOS():
        errMsg += "you."
        raise sqlmapUnsupportedDBMSException, errMsg

-
 def __setDBMS():
    """
    Force the back-end DBMS option.
@@ -482,12 +474,10 @@ def __setDBMS():
        errMsg += "fingerprint it for you."
        raise sqlmapUnsupportedDBMSException, errMsg

-
 def __setThreads():
    if not isinstance(conf.threads, int) or conf.threads <= 0:
        conf.threads = 1

-
 def __setHTTPProxy():
    """
    Check and set the HTTP proxy to pass by all HTTP requests.
@@ -526,7 +516,6 @@ def __setHTTPProxy():
    else:
        proxyHandler = urllib2.ProxyHandler({"http": __proxyString})

-
 def __setHTTPAuthentication():
    """
    Check and set the HTTP authentication method (Basic, Digest or NTLM),
@@ -588,7 +577,6 @@ def __setHTTPAuthentication():

        authHandler = HTTPNtlmAuthHandler.HTTPNtlmAuthHandler(passwordMgr)

-
 def __setHTTPMethod():
    """
    Check and set the HTTP method to perform HTTP requests through.
@@ -610,7 +598,6 @@ def __setHTTPMethod():
    debugMsg = "setting the HTTP method to %s" % conf.method
    logger.debug(debugMsg)

-
 def __setHTTPExtraHeaders():
    if conf.hostname:
        conf.httpHeaders.append(("Host", conf.hostname))
@@ -632,7 +619,6 @@ def __setHTTPExtraHeaders():
        conf.httpHeaders.append(("Accept-Language", "en-us,en;q=0.5"))
        conf.httpHeaders.append(("Accept-Charset", "ISO-8859-15,utf-8;q=0.7,*;q=0.7"))

-
 def __defaultHTTPUserAgent():
    """
    @return: default sqlmap HTTP User-Agent header
@@ -648,7 +634,6 @@ def __defaultHTTPUserAgent():
    # updated at March 2009
    #return "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"

-
 def __setHTTPUserAgent():
    """
    Set the HTTP User-Agent header.
@@ -712,7 +697,6 @@ def __setHTTPUserAgent():
    logMsg += "file '%s': %s" % (conf.userAgentsFile, __userAgent)
    logger.info(logMsg)

-
 def __setHTTPReferer():
    """
    Set the HTTP Referer
@@ -724,7 +708,6 @@ def __setHTTPReferer():

        conf.httpHeaders.append(("Referer", conf.referer))

-
 def __setHTTPCookies():
    """
    Set the HTTP Cookie header
@@ -733,11 +716,12 @@ def __setHTTPCookies():
    if conf.cookie:
        debugMsg = "setting the HTTP Cookie header"
        logger.debug(debugMsg)
-
+        
+        conf.cookie = sanitizeCookie(conf.cookie, True)
+        
        conf.httpHeaders.append(("Connection", "Keep-Alive"))
        conf.httpHeaders.append(("Cookie", conf.cookie))

-
 def __setHTTPTimeout():
    """
    Set the HTTP timeout
@@ -760,7 +744,6 @@ def __setHTTPTimeout():

    socket.setdefaulttimeout(conf.timeout)

-
 def __cleanupOptions():
    """
    Cleanup configuration attributes.
@@ -808,7 +791,6 @@ def __cleanupOptions():
    if conf.googleDork or conf.list:
        conf.multipleTargets = True

-
 def __setConfAttributes():
    """
    This function set some needed attributes into the configuration
@@ -843,7 +825,6 @@ def __setConfAttributes():
    conf.threadException = False
    conf.wFileType       = None

-
 def __setKnowledgeBaseAttributes():
    """
    This function set some needed attributes into the knowledge base
@@ -862,7 +843,7 @@ def __setKnowledgeBaseAttributes():
    kb.dbmsDetected   = False

    # Active (extensive) back-end DBMS fingerprint
-    kb.dbmsVersion    = []
+    kb.dbmsVersion    = [ "Unknown" ]

    kb.dep            = None
    kb.docRoot        = None
@@ -888,7 +869,6 @@ def __setKnowledgeBaseAttributes():
    kb.unionCount     = None
    kb.unionPosition  = None

-
 def __saveCmdline():
    """
    Saves the command line options on a sqlmap configuration INI file
@@ -918,7 +898,7 @@ def __saveCmdline():
        optionData.sort()

        for option, value, datatype in optionData:
-            if value == None:
+            if value is None:
                if datatype == "boolean":
                    value = "False"
                elif datatype in ( "integer", "float" ):
@@ -942,13 +922,12 @@ def __saveCmdline():
    infoMsg = "saved command line options on '%s' configuration file" % paths.SQLMAP_CONFIG
    logger.info(infoMsg)

-
 def __setVerbosity():
    """
    This function set the verbosity of sqlmap output messages.
    """

-    if conf.verbose == None:
+    if conf.verbose is None:
        conf.verbose = 1

    conf.verbose = int(conf.verbose)
@@ -965,7 +944,6 @@ def __setVerbosity():
    elif conf.verbose >= 4:
        logger.setLevel(8)

-
 def __mergeOptions(inputOptions):
    """
    Merge command line options with configuration file options.
@@ -983,10 +961,9 @@ def __mergeOptions(inputOptions):
        inputOptionsItems = inputOptions.__dict__.items()

    for key, value in inputOptionsItems:
-        if not conf.has_key(key) or conf[key] == None or value != None:
+        if not conf.has_key(key) or conf[key] is None or value is not None:
            conf[key] = value

-
 def init(inputOptions=advancedDict()):
    """
    Set attributes into both configuration and knowledge base singletons