
Commit c3d191e

committed
Minor update for an Issue sqlmapproject#2
1 parent 1e238b5 commit c3d191e


2 files changed

+10
-6
lines changed


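--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@@ -161,12 +161,13 @@ def __randomFillBlankFields(value):
 message = "do you want to fill blank fields with random values? [Y/n] "
 test = readInput(message, default="Y")
 if not test or test[0] in ("y", "Y"):
-while extractRegexResult(EMPTY_FORM_FIELDS_REGEX, retVal):
-item = extractRegexResult(EMPTY_FORM_FIELDS_REGEX, retVal)
-if item[-1] == DEFAULT_GET_POST_DELIMITER:
-retVal = retVal.replace(item, "%s%s%s" % (item[:-1], randomStr(), DEFAULT_GET_POST_DELIMITER))
-else:
-retVal = retVal.replace(item, "%s%s" % (item, randomStr()))
+for match in re.finditer(EMPTY_FORM_FIELDS_REGEX, retVal):
+item = match.group("result")
+if not any(_ in item for _ in IGNORE_PARAMETERS):
+if item[-1] == DEFAULT_GET_POST_DELIMITER:
+retVal = retVal.replace(item, "%s%s%s" % (item[:-1], randomStr(), DEFAULT_GET_POST_DELIMITER))
+else:
+retVal = retVal.replace(item, "%s%s" % (item, randomStr()))
 
 return retVal
 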
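Review bot: The new guard `if not any(_ in item for _ in IGNORE_PARAMETERS)` is a substring test on the whole matched text, so a blank field is left unfilled whenever an ignored name occurs anywhere in it, not only when the field name is exactly one of those names. If that looseness is intended (for names that carry a suffix), say so in a comment such as `# substring match on purpose: skip framework/session fields, whose values must not be randomized`; the throwaway name `_` would also read better as `name`. All seven added lines sit in this hunk, so `re` and `IGNORE_PARAMETERS` must already be imported in controller.py, which is worth confirming because the loop would otherwise fail with NameError on the first form. `retVal.replace(item, ...)` still substitutes by text rather than at the matched position, which the `match` object now makes avoidable. The function starts before the hunk, so the initialisation of `retVal` is not visible here.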
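--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -455,3 +455,6 @@
 
 # Strings for detecting formatting errors
 FORMAT_EXCEPTION_STRINGS = ("Type mismatch", "Error converting", "Failed to convert", "System.FormatException", "java.lang.NumberFormatException")
+
+# Regular expression used for extracting ASP.NET View State values
+VIEWSTATE_REGEX = r'(?P<name>__VIEWSTATE[^"]*)[^>]+value="(?P<name>[^"]+)'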
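Review bot: `VIEWSTATE_REGEX` declares the named group `name` twice, which Python's `re` rejects at compile time with a "redefinition of group name" error, so the first use of this constant will raise instead of matching. Rename the second group, e.g. `VIEWSTATE_REGEX = r'(?P<name>__VIEWSTATE[^"]*)[^>]+value="(?P<result>[^"]+)'`, which also matches the `match.group("result")` convention used in the controller.py change of this commit. Nothing in this commit references the constant, so the error stays latent until a caller is added. The pattern also assumes double-quoted attributes with `value` following the field name; if that limit is deliberate, a short comment on the constant should say so.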
