Fixes #59 - proper customizable redirect (302 and 301)

bdamele · bdamele · commit 6d0ea864140b · 2010-03-15T14:24:43.000Z
diff --git a/lib/core/option.py b/lib/core/option.py
@@ -69,10 +69,12 @@
 from lib.parse.queriesfile import queriesParser
 from lib.request.proxy import ProxyHTTPSHandler
 from lib.request.certhandler import HTTPSCertAuthHandler
+from lib.request.redirecthandler import SmartRedirectHandler
 from lib.utils.google import Google
 
 authHandler  = urllib2.BaseHandler()
 proxyHandler = urllib2.BaseHandler()
+redirectHandler = SmartRedirectHandler()
 
 def __urllib2Opener():
     """
@@ -81,6 +83,7 @@ def __urllib2Opener():
 
     global authHandler
     global proxyHandler
+    global redirectHandler
 
     debugMsg = "creating HTTP requests opener object"
     logger.debug(debugMsg)
@@ -89,7 +92,7 @@ def __urllib2Opener():
         opener  = urllib2.build_opener(proxyHandler, authHandler)
     else:
         conf.cj = cookielib.LWPCookieJar()
-        opener  = urllib2.build_opener(proxyHandler, authHandler, urllib2.HTTPCookieProcessor(conf.cj))
+        opener  = urllib2.build_opener(proxyHandler, authHandler, urllib2.HTTPCookieProcessor(conf.cj), redirectHandler)
 
     urllib2.install_opener(opener)
 
diff --git a/lib/request/certhandler.py b/lib/request/certhandler.py
@@ -22,9 +22,9 @@
 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 """
 
-import sys
 import httplib
 import urllib2
+import sys
 
 from lib.core.data import conf
 
diff --git a/lib/request/connect.py b/lib/request/connect.py
@@ -125,6 +125,15 @@ def getPage(**kwargs):
             req            = urllib2.Request(url, post, headers)
             conn           = urllib2.urlopen(req)
 
+            if hasattr(conn, "redurl"):
+                infoMsg  = "connection redirected, going to use "
+                infoMsg += "%s as target address" % conn.redurl
+                logger.info(infoMsg)
+
+                conf.url = conn.redurl
+
+                return Connect.__getPageProxy(**kwargs)
+
             # Reset the number of connection retries
             conf.retriesCount = 0
 
@@ -163,7 +172,7 @@ def getPage(**kwargs):
             code            = conn.code
             status          = conn.msg
             responseHeaders = conn.info()
-            
+
             encoding = responseHeaders.get("Content-Encoding")
             page = decodePage(page, encoding)
 
diff --git a/lib/request/redirecthandler.py b/lib/request/redirecthandler.py
@@ -0,0 +1,46 @@
+#!/usr/bin/env python
+
+"""
+$Id$
+
+This file is part of the sqlmap project, http://sqlmap.sourceforge.net.
+
+Copyright (c) 2007-2010 Bernardo Damele A. G. <bernardo.damele@gmail.com>
+Copyright (c) 2006 Daniele Bellucci <daniele.bellucci@gmail.com>
+
+sqlmap is free software; you can redistribute it and/or modify it under
+the terms of the GNU General Public License as published by the Free
+Software Foundation version 2 of the License.
+
+sqlmap is distributed in the hope that it will be useful, but WITHOUT ANY
+WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
+details.
+
+You should have received a copy of the GNU General Public License along
+with sqlmap; if not, write to the Free Software Foundation, Inc., 51
+Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+"""
+
+import urllib2
+
+class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
+    def http_error_301(self, req, fp, code, msg, headers):
+        result = urllib2.HTTPRedirectHandler.http_error_301(self, req, fp, code, msg, headers)
+
+        if "location" in headers:
+            result.redurl = headers.getheaders("location")[0].split("?")[0]
+        elif "uri" in headers:
+            result.redurl = headers.getheaders("uri")[0].split("?")[0]
+
+        return result
+
+    def http_error_302(self, req, fp, code, msg, headers):
+        result = urllib2.HTTPRedirectHandler.http_error_302(self, req, fp, code, msg, headers)
+
+        if "location" in headers:
+            result.redurl = headers.getheaders("location")[0].split("?")[0]
+        elif "uri" in headers:
+            result.redurl = headers.getheaders("uri")[0].split("?")[0]
+
+        return result
