Search for --string and --regexp matches also in HTTP response headers

2025-12-06 12:41:30 +00:00 · 2011-08-12 15:33:37 +00:00
parent 6d22d09a61
commit fff4c34e33
4 changed files with 25 additions and 24 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -804,13 +804,13 @@ def checkString():
    infoMsg += "target URL page content"
    logger.info(infoMsg)

-    page, _ = Request.queryPage(content=True)
+    page, headers = Request.queryPage(content=True)
+    rawResponse = "%s%s" % (listToStrValue(headers.headers if headers else ""), page)

-    if conf.string not in page:
+    if conf.string not in rawResponse:
        warnMsg = "you provided '%s' as the string to " % conf.string
        warnMsg += "match, but such a string is not within the target "
-        warnMsg += "URL page content original request, sqlmap will "
-        warnMsg += "keep going anyway"
+        warnMsg += "URL raw response, sqlmap will carry on anyway"
        logger.warn(warnMsg)

    return True
@@ -823,13 +823,14 @@ def checkRegexp():
    infoMsg += "the target URL page content"
    logger.info(infoMsg)

-    page, _ = Request.queryPage(content=True)
+    page, headers = Request.queryPage(content=True)
+    rawResponse = "%s%s" % (listToStrValue(headers.headers if headers else ""), page)

-    if not re.search(conf.regexp, page, re.I | re.M):
+    if not re.search(conf.regexp, rawResponse, re.I | re.M):
        warnMsg = "you provided '%s' as the regular expression to " % conf.regexp
        warnMsg += "match, but such a regular expression does not have any "
-        warnMsg += "match within the target URL page content, sqlmap "
-        warnMsg += "will keep going anyway"
+        warnMsg += "match within the target URL raw response, sqlmap "
+        warnMsg += "will carry on anyway"
        logger.warn(warnMsg)

    return True