@@ -136,7 +136,9 @@ def __setRequestParams():
136136 errMsg += "within the GET, POST and Cookie parameters"
137137 raise sqlmapGenericException , errMsg
138138
139- def __setPageForms ():
139+ def __findPageForms ():
140+ infoMsg = "searching for forms"
141+ logger .info (infoMsg )
140142 response , _ = Request .queryPage (response = True )
141143 forms = ParseResponse (response , backwards_compat = False )
142144 count = 1
@@ -145,10 +147,21 @@ def __setPageForms():
145147 url = request .get_full_url ()
146148 method = request .get_method ()
147149 data = request .get_data () if request .has_data () else None
148- message = "Form #%d (%s) [default: '%s'] " % (count , form .name , data )
149- test = readInput (message , default = data )
150+ message = "(#%d) Do you want to test form '%s' (%s, %s%s) [Y/n] " % (count , form .name , method , url , ", %s" % repr (data ) if data else "" )
151+ test = readInput (message , default = "Y" )
152+ if not test or test [0 ] in ("y" , "Y" ):
153+ if method == "POST" :
154+ message = " Edit POST data [default: %s]: " % (data if data else "" )
155+ test = readInput (message , default = data )
156+ elif method == "GET" :
157+ if url .find ("?" ) > - 1 :
158+ firstPart = url [:url .find ("?" )]
159+ secondPart = url [url .find ("?" )+ 1 :]
160+ message = " Edit GET data [default: %s]: " % secondPart
161+ test = readInput (message , default = secondPart )
162+ url = "%s?%s" % (firstPart , test )
163+ kb .targetUrls .add ((url , method , data , conf .cookie ))
150164 count += 1
151- kb .targetUrls .add ((url , method , data , conf .cookie ))
152165
153166def __setOutputResume ():
154167 """
0 commit comments