Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 508b9cc

Browse files
stamparmstamparm
committed
dynamicity engine update
1 parent 3619fc5 commit 508b9cc

5 files changed

Lines changed: 20 additions & 8 deletions

File tree

lib/controller/checks.py

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,6 @@
1515

1616
from lib.core.agent import agent
1717
from lib.core.common import beep
18-
from lib.core.common import getFilteredPageContent
1918
from lib.core.common import getUnicode
2019
from lib.core.common import randomInt
2120
from lib.core.common import randomStr
@@ -28,6 +27,7 @@
2827
from lib.core.data import logger
2928
from lib.core.data import paths
3029
from lib.core.exception import sqlmapConnectionException
30+
from lib.core.exception import sqlmapGenericException
3131
from lib.core.exception import sqlmapNoneDataException
3232
from lib.core.exception import sqlmapUserQuitException
3333
from lib.core.exception import sqlmapSilentQuitException
@@ -219,6 +219,8 @@ def checkStability():
219219
time.sleep(1)
220220
secondPage, _ = Request.queryPage(content=True)
221221

222+
conf.seqMatcher.set_seq1(firstPage)
223+
222224
kb.pageStable = (firstPage == secondPage)
223225

224226
if kb.pageStable:
@@ -283,6 +285,11 @@ def checkStability():
283285
else:
284286
checkDynamicContent(firstPage, secondPage)
285287

288+
if not Request.queryPage():
289+
errMsg = "target url is too dynamic. unable to continue. consider using other methods"
290+
logger.error(errMsg)
291+
raise sqlmapSilentQuitException
292+
286293
return kb.pageStable
287294

288295
def checkString():
@@ -386,8 +393,7 @@ def checkConnection():
386393
logger.info(infoMsg)
387394

388395
try:
389-
page, _ = Request.getPage()
390-
conf.seqMatcher.set_seq1(page if not conf.textOnly else getFilteredPageContent(page))
396+
Request.getPage()
391397

392398
except sqlmapConnectionException, errMsg:
393399
errMsg = getUnicode(errMsg)

lib/core/common.py

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,7 @@
4141
from lib.core.data import logger
4242
from lib.core.data import paths
4343
from lib.core.data import queries
44+
from lib.core.convert import htmlunescape
4445
from lib.core.convert import urlencode
4546
from lib.core.exception import sqlmapFilePathException
4647
from lib.core.exception import sqlmapGenericException
@@ -1102,6 +1103,8 @@ def getFilteredPageContent(page):
11021103
while retVal.find(" ") != -1:
11031104
retVal = retVal.replace(" ", " ")
11041105

1106+
retVal = htmlunescape(retVal)
1107+
11051108
return retVal
11061109

11071110
def getPageTextWordsSet(page):

lib/core/convert.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -93,7 +93,7 @@ def utf8decode(string):
9393
return string.decode("utf-8")
9494

9595
def htmlescape(string):
96-
return string.replace('&', '&amp;').replace('<', '&lt;').replace('>', '&gt;').replace('"', '&quot;').replace("'", '&#39;')
96+
return string.replace('&', '&amp;').replace('<', '&lt;').replace('>', '&gt;').replace('"', '&quot;').replace("'", '&#39;').replace(' ', '&nbsp;')
9797

9898
def htmlunescape(string):
99-
return string.replace('&amp;', '&').replace('&lt;', '<').replace('&gt;', '>').replace('&quot;', '"').replace('&#39;', "'")
99+
return string.replace('&amp;', '&').replace('&lt;', '<').replace('&gt;', '>').replace('&quot;', '"').replace('&#39;', "'").replace('&nbsp;', ' ')

lib/request/comparison.py

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,6 @@
99

1010
import re
1111

12-
from lib.core.common import getFilteredPageContent
1312
from lib.core.common import wasLastRequestError
1413
from lib.core.data import conf
1514
from lib.core.data import kb
@@ -50,7 +49,7 @@ def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
5049
if conf.regexp:
5150
return re.search(conf.regexp, page, re.I | re.M) is not None
5251

53-
# Dynamic content lines to be excluded before calculating page hash
52+
# Dynamic content lines to be excluded before comparison
5453
if not kb.nullConnection:
5554
for item in kb.dynamicMarkings:
5655
prefix, postfix = item
@@ -72,7 +71,7 @@ def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
7271
if ratio > 1.:
7372
ratio = 1. / ratio
7473
else:
75-
conf.seqMatcher.set_seq2(page if not conf.textOnly else getFilteredPageContent(page))
74+
conf.seqMatcher.set_seq2(page)
7675
ratio = round(conf.seqMatcher.ratio(), 3)
7776

7877
if kb.locks.seqLock:

lib/request/connect.py

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@
1818
from lib.contrib import multipartpost
1919
from lib.core.agent import agent
2020
from lib.core.common import readInput
21+
from lib.core.common import getFilteredPageContent
2122
from lib.core.common import getUnicode
2223
from lib.core.convert import urlencode
2324
from lib.core.common import urlEncodeCookieValues
@@ -366,6 +367,9 @@ def queryPage(value=None, place=None, content=False, getSeqMatcher=False, silent
366367

367368
if not pageLength:
368369
page, headers = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, silent=silent, method=method, auxHeaders=auxHeaders, response=response, raise404=raise404)
370+
371+
if conf.textOnly:
372+
page = getFilteredPageContent(page)
369373

370374
if content or response:
371375
return page, headers

0 commit comments

Comments
 (0)