added --scope feature regarding Feature #105

stamparm · stamparm · commit d58ba7ee6d13 · 2010-01-09T20:44:50.000Z
diff --git a/lib/core/option.py b/lib/core/option.py
@@ -162,7 +162,10 @@ def __feedTargetsDict(reqFile, addedTargetUrls):
             elif method is not None and method == "POST" and "=" in line:
                 data   = line
                 params = True
-
+        
+        if conf.scope:
+            getPostReq &= re.search(conf.scope, host) is not None
+            
         if getPostReq and params:
             if not url.startswith("http"):
                 url    = "%s://%s:%s%s" % (scheme or "http", host, port or "80", url)
diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py
@@ -45,7 +45,9 @@
                                "proxy":             "string",
                                "threads":           "integer",
                                "delay":             "float",
-                               "timeout":           "float"
+                               "timeout":           "float",
+                               "retries":           "integer",
+                               "scope":             "string"
                              },
 
             "Injection":     {
@@ -63,6 +65,7 @@
             "Techniques":    {
                                "stackedTest":       "boolean",
                                "timeTest":          "boolean",
+                               "timesec":           "integer",
                                "unionTest":         "boolean",
                                "uTech":             "string",
                                "unionUse":          "boolean"
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
@@ -117,6 +117,9 @@ def cmdLineParser():
         request.add_option("--retries", dest="retries", type="int", default=3,
                            help="Retries when the connection timeouts "
                                 "(default 3)")
+        request.add_option("--scope", dest="scope", 
+                           help="Regex expression for filtering targets "
+                                "from provided Burp or WebScarab log")
 
         # Injection options
         injection = OptionGroup(parser, "Injection", "These options can be "
diff --git a/sqlmap.conf b/sqlmap.conf
@@ -95,6 +95,10 @@ timeout = 30
 # Default: 3
 retries = 3
 
+# Regex expression for filtering targets
+# from provided Burp or WebScarab log (e.g. (google|yahoo))
+scope = None
+
 
 [Injection]
 
@@ -415,4 +419,4 @@ cleanup = False
 # 4: Show also HTTP responses headers
 # 5: Show also HTTP responses page content
 # Default: 1
-verbose = 1
+verbose = 1
