
Commit d0df8cd

committed
fix for that duplicates
1 parent 4f7f20b commit d0df8cd

2 files changed

Lines changed: 34 additions & 7 deletions


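--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@@ -7,6 +7,8 @@
 See the file 'doc/COPYING' for copying permission
 """
 
+import re
+
 from lib.controller.action import action
 from lib.controller.checks import checkSqlInjection
 from lib.controller.checks import heuristicCheckSqlInjection
@@ -116,6 +118,21 @@ def start():
 conf.data = targetData
 conf.cookie = targetCookie
 injData = []
+
+initTargetEnv()
+parseTargetUrl()
+
+testSqlInj = False
+if "GET" in conf.parameters:
+for parameter in re.findall(r"([^=]+)=[^&]+&?", conf.parameters["GET"]):
+paramKey = (conf.hostname, conf.path, "GET", parameter)
+if paramKey not in kb.testedParams:
+testSqlInj = True
+break
+if not testSqlInj:
+infoMsg = "skipping '%s'" % targetUrl
+logger.info(infoMsg)
+continue
 
 if conf.multipleTargets:
 hostCount += 1
@@ -140,8 +157,6 @@ def start():
 logMsg = "testing url %s" % targetUrl
 logger.info(logMsg)
 
-initTargetEnv()
-parseTargetUrl()
 setupTargetEnv()
 
 if not checkConnection() or not checkString() or not checkRegexp():
@@ -192,23 +207,26 @@ def start():
 continue
 
 paramDict = conf.paramDict[place]
-
 for parameter, value in paramDict.items():
 testSqlInj = True
-paramKey = (conf.hostname, place, parameter)
+paramKey = (conf.hostname, conf.path, place, parameter)
 
 if paramKey in kb.testedParams:
-warnMsg = "skipping previously processed %s parameter '%s'" % (place, parameter)
-logger.warn(warnMsg)
 testSqlInj = False
+
+infoMsg = "skipping previously processed %s parameter '%s'" % (place, parameter)
+logger.info(infoMsg)
+
 # Avoid dinamicity test if the user provided the
 # parameter manually
 elif parameter in conf.testParameter:
 pass
+
 elif not checkDynParam(place, parameter, value):
 warnMsg = "%s parameter '%s' is not dynamic" % (place, parameter)
 logger.warn(warnMsg)
 testSqlInj = False
+
 else:
 logMsg = "%s parameter '%s' is dynamic" % (place, parameter)
 logger.info(logMsg)
@@ -217,6 +235,7 @@ def start():
 
 if testSqlInj:
 heuristicCheckSqlInjection(place, parameter, value)
+
 for parenthesis in range(0, 4):
 logMsg = "testing sql injection on %s " % place
 logMsg += "parameter '%s' with " % parameter
@@ -227,8 +246,8 @@ def start():
 
 if injType:
 injData.append((place, parameter, injType))
-
 break
+
 else:
 infoMsg = "%s parameter '%s' is not " % (place, parameter)
 infoMsg += "injectable with %d parenthesis" % parenthesis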
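Review bot: In the pre-check added at new lines 125-135, `testSqlInj` becomes True only inside the `if "GET" in conf.parameters:` branch, so a target with no GET parameters at that point (a POST-only or cookie-only target, for example) reaches `continue` and is skipped with only an info message. For a scanner that is a silent coverage gap; initialising with `testSqlInj = "GET" not in conf.parameters` would limit the skip to URLs whose GET parameters have all been tested already. The pattern `r"([^=]+)=[^&]+&?"` also captures a leading `&` in the name when the preceding parameter has an empty value (a constructed `a=&b=1` yields `&b`), which presumably never matches a key in `kb.testedParams`, so such URLs are never deduplicated; `r"([^&=]+)=[^&]*"` avoids that. start() begins and ends outside these hunks, so whether other places are populated in `conf.parameters` before this check cannot be confirmed from here.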

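--- a/lib/core/target.py
+++ b/lib/core/target.py
@@ -124,28 +124,36 @@ def __setRequestParams():
 def __findPageForms():
 infoMsg = "searching for forms"
 logger.info(infoMsg)
+
 response, _ = Request.queryPage(response=True)
 forms = ParseResponse(response, backwards_compat=False)
+
 count = 1
 for form in forms:
 request = form.click()
+
 url = request.get_full_url()
 method = request.get_method()
 data = request.get_data() if request.has_data() else None
+
 message = "(#%d) Do you want to test form '%s' (%s, %s%s) [Y/n] " % (count, form.name, method, url, ", %s" % repr(data) if data else "")
 test = readInput(message, default="Y")
+
 if not test or test[0] in ("y", "Y"):
 if method == "POST":
 message = " Edit POST data [default: %s]: " % (data if data else "")
 test = readInput(message, default=data)
+
 elif method == "GET":
 if url.find("?") > -1:
 firstPart = url[:url.find("?")]
 secondPart = url[url.find("?")+1:]
 message = " Edit GET data [default: %s]: " % secondPart
 test = readInput(message, default=secondPart)
 url = "%s?%s" % (firstPart, test)
+
 kb.targetUrls.add((url, method, data, conf.cookie))
+
 count +=1
 
 def __setOutputResume():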
