diff --git a/extra/vulnserver/vulnserver.py b/extra/vulnserver/vulnserver.py index 694761615..e889cfaf6 100644 --- a/extra/vulnserver/vulnserver.py +++ b/extra/vulnserver/vulnserver.py @@ -133,7 +133,9 @@ class ReqHandler(BaseHTTPRequestHandler): self.send_response(OK) self.send_header("Content-type", "text/html") self.send_header("Connection", "close") - self.end_headers() + + if not self.raw_requestline.startswith(b"HEAD"): + self.end_headers() try: with _lock: @@ -152,7 +154,11 @@ class ReqHandler(BaseHTTPRequestHandler): except Exception as ex: output = "%s: %s" % (re.search(r"'([^']+)'", str(type(ex))).group(1), ex) - self.wfile.write(output.encode("utf8")) + if self.raw_requestline.startswith(b"HEAD"): + self.send_header("Content-Length", str(len(output))) + self.end_headers() + else: + self.wfile.write(output.encode("utf8")) else: self.send_response(NOT_FOUND) self.send_header("Connection", "close") @@ -164,6 +170,9 @@ class ReqHandler(BaseHTTPRequestHandler): def do_PUT(self): self.do_REQUEST() + def do_HEAD(self): + self.do_REQUEST() + def do_POST(self): length = int(self.headers.get("Content-length", 0)) if length: diff --git a/lib/core/settings.py b/lib/core/settings.py index 60fbbc614..28a2fb830 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -18,7 +18,7 @@ from lib.core.enums import OS from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.3.11.48" +VERSION = "1.3.11.49" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/lib/core/testing.py b/lib/core/testing.py index de8acfcfe..14da34527 100644 --- a/lib/core/testing.py +++ b/lib/core/testing.py @@ -69,6 +69,7 @@ def vulnTest(): ("--flush-session --method=PUT --data='a=1&b=2&c=3&id=1' --skip-static --dump -T users --start=1 --stop=2", ("might be injectable", "Parameter: id (PUT)", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", "2 entries")), ("--flush-session -H 'id: 1*' --tables", ("might be injectable", "Parameter: id #1* ((custom) HEADER)", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", " users ")), ("--flush-session --cookie=\"PHPSESSID=d41d8cd98f00b204e9800998ecf8427e; id=1*; id2=2\" --tables --union-cols=3", ("might be injectable", "Cookie #1* ((custom) HEADER)", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", " users ")), + ("--flush-session --null-connection --technique=B --banner", ("NULL connection is supported with HEAD method", "banner: '3")), ("--flush-session --parse-errors --eval=\"id2=2\" --referer=\"localhost\"", ("might be injectable", ": syntax error", "back-end DBMS: SQLite", "3 columns")), ("--banner --schema --dump -T users --binary-fields=surname --where \"id>3\"", ("banner: '3", "INTEGER", "TEXT", "id", "name", "surname", "2 entries", "6E616D6569736E756C6C")), ("--all --tamper=between,randomcase", ("5 entries", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", "luther", "blisset", "fluffy", "179ad45c6ce2cb97cf1029e212046e81", "NULL", "nameisnull", "testpass")),