|
80 | 80 | from lib.core.settings import CODECS_LIST_PAGE |
81 | 81 | from lib.core.settings import DEFAULT_PAGE_ENCODING |
82 | 82 | from lib.core.settings import DEFAULT_TOR_PORTS |
| 83 | +from lib.core.settings import GENERAL_IP_ADDRESS_REGEX |
83 | 84 | from lib.core.settings import IS_WIN |
84 | 85 | from lib.core.settings import PLATFORM |
85 | 86 | from lib.core.settings import PYVERSION |
@@ -829,8 +830,12 @@ def __setDNSCache(): |
829 | 830 | """ |
830 | 831 |
|
831 | 832 | def _getaddrinfo(*args, **kwargs): |
832 | | - if args in kb.cache: |
| 833 | + if conf.proxyDNSResponse: |
| 834 | + return conf.proxyDNSResponse |
| 835 | + |
| 836 | + elif args in kb.cache: |
833 | 837 | return kb.cache[args] |
| 838 | + |
834 | 839 | else: |
835 | 840 | kb.cache[args] = socket._getaddrinfo(*args, **kwargs) |
836 | 841 | return kb.cache[args] |
@@ -897,6 +902,17 @@ def __setHTTPProxy(): |
897 | 902 | else: |
898 | 903 | proxyHandler = urllib2.ProxyHandler({"http": __proxyString}) |
899 | 904 |
|
| 905 | + # Patch for DNS leakage |
| 906 | + if conf.proxy: |
| 907 | + if not re.match(GENERAL_IP_ADDRESS_REGEX, __hostname): |
| 908 | + try: |
| 909 | + addrinfo = socket.getaddrinfo(__hostname, __port) |
| 910 | + except: |
| 911 | + errMsg = "proxy host '%s' does not exist" % __hostname |
| 912 | + raise sqlmapConnectionException, errMsg |
| 913 | + __hostname = addrinfo[0][4][0] |
| 914 | + conf.proxyDNSResponse = [(2, 1, 0, '', (__hostname, int(__port)))] |
| 915 | + |
900 | 916 | def __setSafeUrl(): |
901 | 917 | """ |
902 | 918 | Check and set the safe URL options. |
@@ -1323,6 +1339,7 @@ def __setConfAttributes(): |
1323 | 1339 | conf.parameters = {} |
1324 | 1340 | conf.path = None |
1325 | 1341 | conf.port = None |
| 1342 | + conf.proxyDNSResponse = None |
1326 | 1343 | conf.resultsFilename = None |
1327 | 1344 | conf.resultsFP = None |
1328 | 1345 | conf.scheme = None |
|
0 commit comments