upgrade of web directory parsing for things like C:/xampp/htdocs/sqlmap/mysql/get_int.php (XAMPP uses this)

stamparm · stamparm · commit 25f1a9c7d051 · 2010-02-03T15:06:41.000Z
diff --git a/lib/core/common.py b/lib/core/common.py
@@ -235,7 +235,7 @@ def getDocRoot():
             absFilePath = normalizePath(absFilePath)
             absFilePathWin = None
 
-            if re.match("[A-Za-z]:(\\[\w.\\]*)?", absFilePath):
+            if re.match("[A-Za-z]:([\\/][\w.\\/]*)?", absFilePath):
                 absFilePathWin = absFilePath
                 absFilePath    = absFilePath[2:].replace("\\", "/")
             
diff --git a/lib/request/basic.py b/lib/request/basic.py
@@ -73,17 +73,18 @@ def parseResponse(page, headers):
         # Detect injectable page absolute system path
         # NOTE: this regular expression works if the remote web application
         # is written in PHP and debug/error messages are enabled.
-        absFilePathsRegExp = ( r" in <b>(?P<result>.*?)</b> on line",  r"\b(?P<result>[A-Za-z]:(\\[\w.\\]*)?)", r"(\A|[^<])(?P<result>/[/\w.]+)" )
+        absFilePathsRegExp = ( r" in <b>(?P<result>.*?)</b> on line",  r"\b(?P<result>[A-Za-z]:([\\/][\w.\\/]*)?)", r"(\A|[^<])(?P<result>/[/\w.]+)" )
 
         for absFilePathRegExp in absFilePathsRegExp:
             reobj = re.compile(absFilePathRegExp)
 
             for match in reobj.finditer(page):
                 absFilePath = match.group("result").strip()
-
+                page = page.replace(absFilePath, "")
                 if absFilePath not in kb.absFilePaths:
                     dirname = directoryPath(absFilePath)
                     kb.absFilePaths.add(dirname)
+                    
 
 def decodePage(page, encoding):
     """
