
Commit 9be8942

committed
implemented parameter --skip
1 parent e0f521c commit 9be8942

5 files changed

Lines changed: 26 additions & 3 deletions


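--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@@ -419,14 +419,20 @@ def start():
 infoMsg = "skipping previously processed %s parameter '%s'" % (place, parameter)
 logger.info(infoMsg)
 
+elif parameter in conf.testParameter:
+pass
+
 elif parameter == conf.rParam:
 testSqlInj = False
 
 infoMsg = "skipping randomizing %s parameter '%s'" % (place, parameter)
 logger.info(infoMsg)
 
-elif parameter in conf.testParameter:
-pass
+elif parameter in conf.skip:
+testSqlInj = False
+
+infoMsg = "skipping %s parameter '%s'" % (place, parameter)
+logger.info(infoMsg)
 
 # Ignore session-like parameters for --level < 4
 elif conf.level < 4 and parameter.upper() in IGNORE_PARAMETERS: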
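Review bot: The relocated `elif parameter in conf.testParameter: pass` branch now runs before the `conf.rParam` branch, which changes behaviour the commit title does not mention: a parameter named in both `-p` and `--randomize` used to get `testSqlInj = False` and now falls into `pass` and is tested (assuming `testSqlInj` starts out true, which is set outside the hunk). If that is intended, say so above the branch, e.g. `# -p wins over --randomize; -p and --skip cannot be combined (see __basicOptionValidation)`. The new `parameter in conf.skip` test is also an exact, case-sensitive match, unlike the `parameter.upper()` comparison in the next branch, so a mistyped or differently cased `--skip` name silently leaves that parameter in scope for testing; a warning for `--skip` names that match no request parameter would make the exclusion verifiable. The `if`/`elif` chain and `start()` begin and end outside the hunk.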

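--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -1290,6 +1290,12 @@ def __cleanupOptions():
 else:
 conf.rParam = []
 
+if conf.skip:
+conf.skip = conf.skip.replace(" ", "")
+conf.skip = re.split(PARAMETER_SPLITTING_REGEX, conf.skip)
+else:
+conf.skip = []
+
 if conf.delay:
 conf.delay = float(conf.delay)
 
@@ -1768,6 +1774,10 @@ def __basicOptionValidation():
 errMsg = "switch --tor is incompatible with switch --proxy"
 raise sqlmapSyntaxException, errMsg
 
+if conf.skip and conf.testParameter:
+errMsg = "switch --skip is incompatible with switch -p"
+raise sqlmapSyntaxException, errMsg
+
 if conf.mobile and conf.agent:
 errMsg = "switch --mobile is incompatible with switch --user-agent"
 raise sqlmapSyntaxException, errMsg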
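Review bot: In the `__cleanupOptions` hunk the result of `re.split(PARAMETER_SPLITTING_REGEX, conf.skip)` is stored unfiltered, so a `--skip` value with a trailing or doubled separator leaves empty strings in `conf.skip`. A value made only of separators then yields a truthy list with no real name in it, and if `__basicOptionValidation` runs after cleanup (the call order is not visible here) it would raise the `-p` incompatibility error even though nothing is actually skipped. Dropping the empties keeps the list to real parameter names: `conf.skip = [p for p in re.split(PARAMETER_SPLITTING_REGEX, conf.skip) if p]`. Both functions continue outside the hunks shown.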

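--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
@@ -61,6 +61,7 @@
 "os": "string",
 "prefix": "string",
 "suffix": "string",
+"skip": "string",
 "tamper": "string"
 },
 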

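--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@@ -90,7 +90,7 @@ def cmdLineParser():
 help="Use randomly selected HTTP User-Agent header")
 
 request.add_option("--randomize", dest="rParam",
-help="Randomly change value for the given parameter")
+help="Randomly change value for given parameter(s)")
 
 request.add_option("--referer", dest="referer",
 help="HTTP Referer header")
@@ -184,6 +184,9 @@ def cmdLineParser():
 injection.add_option("--suffix", dest="suffix",
 help="Injection payload suffix string")
 
+injection.add_option("--skip", dest="skip",
+help="Skip testing for given parameter(s)")
+
 injection.add_option("--tamper", dest="tamper",
 help="Use given script(s) for tampering injection data")
 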

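--- a/sqlmap.conf
+++ b/sqlmap.conf
@@ -185,6 +185,9 @@ prefix =
 # Injection payload suffix string
 suffix =
 
+# Skip testing for given parameter(s)
+skip =
+
 # Use given script(s) for tampering injection data
 tamper =
 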
