adding compatibility support for using --crawl and --forms together

stamparm · stamparm · commit ef987c6954de · 2011-10-29T09:32:20.000Z
diff --git a/extra/clientform/clientform.py b/extra/clientform/clientform.py
@@ -3363,6 +3363,9 @@ def _request_data(self):
             if self.enctype == "application/x-www-form-urlencoded":
                 return (uri, urlencode(self._pairs()),
                         [("Content-Type", self.enctype)])
+            elif self.enctype == "text/plain":
+                return (uri, self._pairs(),
+                        [("Content-Type", self.enctype)])
             elif self.enctype == "multipart/form-data":
                 data = StringIO()
                 http_hdrs = []
diff --git a/lib/core/common.py b/lib/core/common.py
@@ -3073,7 +3073,7 @@ def quote(s, safe):
 
 def findPageForms(content, url, raise_=False, addToTargets=False):
     class _(StringIO):
-        def __init__(self):
+        def __init__(self, content, url):
             StringIO.__init__(self, unicodeencode(content, kb.pageEncoding) if isinstance(content, unicode) else content)
             self._url = url
         def geturl(self):
@@ -3083,17 +3083,21 @@ def geturl(self):
         errMsg = "can't parse forms as the page content appears to be blank"
         raise sqlmapGenericException, errMsg
 
+    forms = None
     retVal = set()
-    response = _()
+    response = _(content, url)
     try:
         forms = ParseResponse(response, backwards_compat=False)
     except ParseError:
         errMsg = "badly formed HTML at the target url. will try to filter it"
         logger.error(errMsg)
         response.seek(0)
-        filtered = _("".join(re.findall(r'<form.+?</form>', response.read(), re.I | re.S)), response.geturl())
+        filtered = re.findall(r'<form.+?</form>', response.read(), re.I | re.S)
+        for i in xrange(len(filtered)):
+            filtered[i] = filtered[i][filtered[i].lower().rfind("<form"):]
+        response = _("".join(filtered), response.geturl())
         try:
-            forms = ParseResponse(filtered, backwards_compat=False)
+            forms = ParseResponse(response, backwards_compat=False)
         except ParseError:
             errMsg = "no success"
             if raise_:
diff --git a/lib/core/option.py b/lib/core/option.py
@@ -522,7 +522,7 @@ def __setBulkMultipleTargets():
     f.close()
 
 def __findPageForms():
-    if not conf.forms:
+    if not conf.forms or conf.crawlDepth:
         return
 
     if not checkConnection():
@@ -1796,10 +1796,6 @@ def __basicOptionValidation():
         errMsg = "switch --forms is compatible only with -u (--url) target switch"
         raise sqlmapSyntaxException, errMsg
 
-    if conf.forms and conf.crawlDepth:
-        errMsg = "switch --forms is currently not compatible with --crawl switch"
-        raise sqlmapSyntaxException, errMsg
-
     if conf.timeSec < 1:
         errMsg = "value for --time-sec option must be an integer greater than 0"
         raise sqlmapSyntaxException, errMsg
diff --git a/lib/utils/crawler.py b/lib/utils/crawler.py
@@ -15,6 +15,7 @@
 
 from lib.core.common import clearConsoleLine
 from lib.core.common import dataToStdout
+from lib.core.common import findPageForms
 from lib.core.common import singleTimeWarnMessage
 from lib.core.data import conf
 from lib.core.data import kb
@@ -92,6 +93,9 @@ def crawlThread():
                                         threadData.shared.outputs.add(url)
                                     kb.locks.outputs.release()
 
+                        if conf.forms:
+                            findPageForms(content, current, False, True)
+
                     if conf.verbose in (1, 2):
                         kb.locks.ioLock.acquire()
                         threadData.shared.count += 1
