diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py
index ebf1a380b..15961b3f0 100644
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
@@ -68,7 +68,8 @@ optDict = {
"risk": "integer",
"string": "string",
"regexp": "string",
- "textOnly": "boolean"
+ "textOnly": "boolean",
+ "titles": "boolean"
},
"Techniques": {
diff --git a/lib/core/settings.py b/lib/core/settings.py
index 08a39b23d..db1019ac9 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -351,3 +351,6 @@ LEGAL_DISCLAIMER = "usage of sqlmap for attacking targets without prior mutual i
# After this number of misses reflective removal mechanism is turned off (for speed up reasons)
REFLECTIVE_MISS_THRESHOLD = 20
+
+# Regular expression used for extracting HTML title
+HTML_TITLE_REGEX = "
(?P[^<]+)"
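Review bot: The comment above HTML_TITLE_REGEX does not say what the pattern leaves unmatched: the visible character class `[^<]+` needs at least one character and stops at the first `<`, so an empty title or one containing nested markup yields no result. I would extend the comment to `# Regular expression used for extracting HTML title (non-empty, without nested markup)`. The tag text and the group name of the literal are not legible on this page, so case handling and attributes on the tag could not be checked here.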
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
index 29417106a..fbad2d833 100644
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@@ -209,6 +209,10 @@ def cmdLineParser():
action="store_true", default=False,
help="Compare pages based only on the textual content")
+ detection.add_option("--titles", dest="titles",
+ action="store_true", default=False,
+ help="Compare pages based only on their titles")
+
# Techniques options
techniques = OptionGroup(parser, "Techniques", "These options can be "
"used to tweak testing of specific SQL "
diff --git a/lib/request/comparison.py b/lib/request/comparison.py
index 7d6a3a58d..22d300c2b 100644
--- a/lib/request/comparison.py
+++ b/lib/request/comparison.py
@@ -9,6 +9,7 @@ See the file 'doc/COPYING' for copying permission
import re
+from lib.core.common import extractRegexResult
from lib.core.common import getFilteredPageContent
from lib.core.common import removeDynamicContent
from lib.core.common import wasLastRequestDBMSError
@@ -19,6 +20,7 @@ from lib.core.data import logger
from lib.core.exception import sqlmapNoneDataException
from lib.core.settings import DEFAULT_PAGE_ENCODING
from lib.core.settings import DIFF_TOLERANCE
+from lib.core.settings import HTML_TITLE_REGEX
from lib.core.settings import MIN_RATIO
from lib.core.settings import MAX_RATIO
from lib.core.settings import LOWER_RATIO_BOUND
@@ -80,8 +82,13 @@ def comparison(page, getRatioValue=False, pageLength=None):
elif isinstance(seqMatcher.a, unicode) and isinstance(page, str):
seqMatcher.a = seqMatcher.a.encode(kb.pageEncoding or DEFAULT_PAGE_ENCODING, 'ignore')
- seqMatcher.set_seq1(getFilteredPageContent(seqMatcher.a, True) if conf.textOnly else seqMatcher.a)
- seqMatcher.set_seq2(getFilteredPageContent(page, True) if conf.textOnly else page)
+ if conf.titles:
+ seqMatcher.set_seq1(extractRegexResult(HTML_TITLE_REGEX, seqMatcher.a))
+ seqMatcher.set_seq2(extractRegexResult(HTML_TITLE_REGEX, page))
+ else:
+ seqMatcher.set_seq1(getFilteredPageContent(seqMatcher.a, True) if conf.textOnly else seqMatcher.a)
+ seqMatcher.set_seq2(getFilteredPageContent(page, True) if conf.textOnly else page)
+
if seqMatcher.a is None or seqMatcher.b is None:
ratio = None
else:
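Review bot: In the new `if conf.titles:` branch a page without a title leaves a sequence unset (assuming extractRegexResult returns None on no match), and the existing `is None` check then sets `ratio = None` with no hint to the user that title comparison could not be applied. A warning at that point would make the condition visible, e.g. `if conf.titles and (seqMatcher.a is None or seqMatcher.b is None): logger.warn("page title not found, comparison skipped")`. The branch also takes precedence over `conf.textOnly` when both are set, which the help string in lib/parse/cmdline.py and the sqlmap.conf comment do not mention; `help="Compare pages based only on their titles (takes precedence over text-only comparison)"` would document it. comparison() starts and ends outside this hunk, so how a None ratio is handled afterwards is not visible here.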
diff --git a/sqlmap.conf b/sqlmap.conf
index f26eca41c..4475e778a 100644
--- a/sqlmap.conf
+++ b/sqlmap.conf
@@ -221,6 +221,10 @@ regexp =
# Valid: True or False
textOnly = False
+# Compare pages based only on their titles
+# Valid: True or False
+titles = False
+
# These options can be used to tweak testing of specific SQL injection
# techniques.