Re: [sqlmap-users] Google search ('dork') bug in sqlmap?
From: Miroslav S. <mir...@gm...> - 2010-10-01 08:04:45
thanks. you are absolutely right. i've done the necessary changes. thanks for the report. check out the latest version from our SVN repository to have it fixed. kind regards.

On Fri, Oct 1, 2010 at 7:03 AM, Brandon E. <bra...@gm...> wrote:
> When using the Google 'dork' feature (-g option) in the latest development
> version of sqlmap (and what I can only assume would be all previous
> versions), it appears that when Google returns results it encodes HTML
> entities like the ampersand "&" with &amp;. sqlmap does not do anything with
> these encoded entities and results in improperly named variables/parameters
> being checked.
>
> Observe the following output:
>
> [23:50:28] [WARNING] GET parameter 'amp;s' is not dynamic
> [23:50:28] [INFO] testing if GET parameter 'amp;id' is dynamic
> [23:50:29] [WARNING] GET parameter 'amp;id' is not dynamic
> [23:50:29] [INFO] testing if GET parameter 'amp;Name' is dynamic
>
> As "&amp;" isn't converted to "&" prior to the disassembly of the URL for
> testing, sqlmap is under the impression that variable names are different
> than what they should be, and the wrong variables get tested.
>
> I have written a one-line patch to remedy this. In lib/utils/google.py, line
> 74 adds the target URL. Prior to the targetUrls.add() statement, place the
> following:
>
> match = match.replace("&amp;", "&")
>
> This results in the for match .. block that the statements are contained in
> resembling:
>
> for match in self.__matches:
>     if re.search("(.*?)\?(.+)", match, re.I):
>         match = match.replace("&amp;", "&")
>         kb.targetUrls.add(( match, None, None, None ))
>
> If I am wrong and the right variables are being tested (but not properly
> displayed in the verbose output), please let me know. Otherwise this patch
> should be committed to the codebase in order to remedy this Google search
> results issue.
>
> - Brandon

--
Miroslav Stampar
E-mail / Jabber: miroslav.stampar (at) gmail.com
Mobile: +385921010204 (HR 0921010204)
PGP Key ID: 0xB5397B1B
Location: Zagreb, Croatia
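Added illustration of the bug discussed in this thread (example code written for this page, not code from sqlmap or from either poster): it reproduces the 'amp;s' / 'amp;Name' parameter names from the quoted output, applies the one-line replace() fix from the report, and then a slightly more general decode that also covers the numeric form "&#38;" while leaving a real parameter name that merely starts with "amp" untouched. The sample URLs, parameter names and the helper names are constructed for this example; only the `(.*?)\?(.+)` split is taken from the thread.

```python
import html
import re

# Constructed sample URLs (not from the thread): the first is how a link shows
# up inside an HTML search-result page, with the "&" between parameters written
# as the entity "&amp;"; the second uses the numeric form "&#38;" instead.
ENTITY_URL = "http://example.com/news.php?id=5&amp;s=1&amp;Name=foo"
NUMERIC_URL = "http://example.com/item.php?cat=2&#38;id=9"
# A parameter whose name happens to start with "amp" but is not an entity.
PLAIN_URL = "http://example.com/s.php?q=1&ampersand=2"

# Same split as the thread's lib/utils/google.py check: everything after the
# first "?" is treated as the query string.
URL_SPLIT_RE = re.compile(r"(.*?)\?(.+)", re.I)

# Only well-formed entities: "&name;", "&#nnn;" or "&#xhh;" including the ";".
ENTITY_RE = re.compile(r"&(#x[0-9a-fA-F]+|#[0-9]+|[a-zA-Z][a-zA-Z0-9]*);")


def query_param_names(url):
    """Return the GET parameter names an '&'-split of the query string yields,
    i.e. the names sqlmap would go on to test one by one."""
    m = URL_SPLIT_RE.search(url)
    if not m:
        return []
    return [pair.split("=", 1)[0] for pair in m.group(2).split("&") if pair]


def naive_unescape(url):
    """The one-line fix from the thread: handles only '&amp;'."""
    return url.replace("&amp;", "&")


def unescape_entities(url):
    """Decode every properly terminated HTML entity in the URL.

    Restricting the decode to ENTITY_RE matches (entity plus ';') keeps a
    literal "&amp" that is just the start of a parameter name intact."""
    return ENTITY_RE.sub(lambda m: html.unescape(m.group(0)), url)


def eager_unescape(url):
    """For comparison: plain html.unescape(), which also decodes legacy
    no-semicolon forms such as "&amp" and so can eat part of a real name."""
    return html.unescape(url)


if __name__ == "__main__":
    for url in (ENTITY_URL, NUMERIC_URL, PLAIN_URL):
        print(url)
        print("  raw:     ", query_param_names(url))
        print("  naive:   ", query_param_names(naive_unescape(url)))
        print("  entities:", query_param_names(unescape_entities(url)))
        print("  eager:   ", query_param_names(eager_unescape(url)))
```

The raw split of ENTITY_URL yields ['id', 'amp;s', 'amp;Name'], exactly the names in the quoted log; the replace() fix repairs that case, but a result page that used "&#38;" would still produce a '#38;id' parameter, which is why the decode is better done over all terminated entities rather than one string.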