
Commit 43af2a4

committed
Fixes #1899
1 parent 1de6996 commit 43af2a4

3 files changed

Lines changed: 6 additions & 2 deletions


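--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -19,7 +19,7 @@
 from lib.core.revision import getRevisionNumber
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.0.5.69"
+VERSION = "1.0.5.70"
 REVISION = getRevisionNumber()
 STABLE = VERSION.count('.') <= 2
 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev")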

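--- a/lib/core/target.py
+++ b/lib/core/target.py
@@ -370,7 +370,7 @@ def process(match, repl):
 raise SqlmapGenericException(errMsg)
 
 if conf.csrfToken:
-if not any(conf.csrfToken in _ for _ in (conf.paramDict.get(PLACE.GET, {}), conf.paramDict.get(PLACE.POST, {}))) and not conf.csrfToken in set(_[0].lower() for _ in conf.httpHeaders) and not conf.csrfToken in conf.paramDict.get(PLACE.COOKIE, {}):
+if not any(conf.csrfToken in _ for _ in (conf.paramDict.get(PLACE.GET, {}), conf.paramDict.get(PLACE.POST, {}))) and not re.search(r"\b%s\b" % re.escape(conf.csrfToken), conf.data or "") and not conf.csrfToken in set(_[0].lower() for _ in conf.httpHeaders) and not conf.csrfToken in conf.paramDict.get(PLACE.COOKIE, {}):
 errMsg = "anti-CSRF token parameter '%s' not " % conf.csrfToken
 errMsg += "found in provided GET, POST, Cookie or header values"
 raise SqlmapGenericException(errMsg)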
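Review bot: The added `re.search(r"\b%s\b" % re.escape(conf.csrfToken), conf.data or "")` clause on new line 373 accepts the name anywhere in the raw body, so a name that appears only inside a value, or as the tail of a longer hyphenated key (`token` inside `csrf-token`), satisfies the guard. In the other direction, a name ending in a non-word character (for example `token[]` followed by `=`) generally fails the `\b` test and would raise the "not found" error for a valid setup. A passed guard with no real parameter behind it presumably leaves the token un-refreshed later, which surfaces as rejected requests and misleading results rather than an error. Lookarounds such as `r"(?<![\w-])%s(?![\w-])"` are a closer fit than `\b`, and splitting the four-way condition into named booleans would make each source (GET/POST dict, raw data, headers, cookie) reviewable on its own. The enclosing function starts and ends outside the hunk.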

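--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@@ -872,6 +872,10 @@ def _adjustParameter(paramString, parameter, newValue):
 match = re.search(r"<input[^>]+name=[\"']?%s[\"']?\s[^>]*value=(\"([^\"]+)|'([^']+)|([^ >]+))" % re.escape(conf.csrfToken), page or "")
 token = (match.group(2) or match.group(3) or match.group(4)) if match else None
 
+if not token:
+match = re.search(r"%s[\"']:[\"']([^\"']+)" % re.escape(conf.csrfToken), page or "")
+token = match.group(1) if match else None
+
 if not token:
 if conf.csrfUrl != conf.url and code == httplib.OK:
 if headers and "text/plain" in headers.get(HTTP_HEADER.CONTENT_TYPE, ""):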
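Review bot: The fallback pattern added at new lines 875-877 only matches `name":"value"` with no whitespace around the colon, so a token served in pretty-printed JSON (`"name": "value"`) is missed and control falls through to the older `if not token:` handling. The name is also unanchored on the left, so a longer key that merely ends with the configured name would match and supply the wrong value. Something like `r"[\"']%s[\"']\s*:\s*[\"']([^\"']+)" % re.escape(conf.csrfToken)` addresses both. A short comment such as `# fallback: token exposed as a JSON/JS string property rather than an <input> field` would explain why the second search exists. The enclosing function starts and ends outside the hunk.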
