Incorrect payload location marking in Multipart forms #5602

Open
rohitkumarankam opened this issue Jan 10, 2024 · 1 comment

@rohitkumarankam
Contributor

Describe the bug
Currently sqlmap is trying to mark all fields in multipart forms, which is leading to corruption of file contents.

This is dumped by adding print(conf.data) after line 229 of /lib/core/target.py:

--AaB03x
Content-Disposition: form-data; name="submit-name"

Larry*
--AaB03x
Content-Disposition: form-data; name="files"; filename="file1.txt"
Content-Type: text/plain

... contents of file1.txt ...*
--AaB03x
Content-Disposition: form-data; name="test-name"

IDK*
--AaB03x
Content-Disposition: form-data; name="files"
Content-Type: multipart/mixed; boundary=BbC04y
*
--BbC04y
Content-Disposition: file; filename="file1.txt"
Content-Type: text/plain

... contents of file1.txt ...*
--BbC04y
Content-Disposition: file; filename="file2.gif"
Content-Type: image/gif
Content-Transfer-Encoding: binary

...contents of file2.gif...*
--BbC04y--
--AaB03x--

Test file
multipart-test.req.txt
The test file is based on the multipart/form-data spec.

To Reproduce

  1. Run 'sqlmap -r multipart-test.req.txt'

Expected behavior
Ideally, it should only mark the submit-name and test-name fields of the attached test file.

--AaB03x
Content-Disposition: form-data; name="submit-name"

Larry*
--AaB03x
Content-Disposition: form-data; name="files"; filename="file1.txt"
Content-Type: text/plain

... contents of file1.txt ...
--AaB03x
Content-Disposition: form-data; name="test-name"

IDK*
--AaB03x
Content-Disposition: form-data; name="files"
Content-Type: multipart/mixed; boundary=BbC04y

--BbC04y
Content-Disposition: file; filename="file1.txt"
Content-Type: text/plain

... contents of file1.txt ...
--BbC04y
Content-Disposition: file; filename="file2.gif"
Content-Type: image/gif
Content-Transfer-Encoding: binary

...contents of file2.gif...
--BbC04y--
--AaB03x--

Running environment:

  • sqlmap version: 1.8.1.2#dev
  • Installation method: git
  • Operating system: macOS 14.2.1 23C71 arm64
  • Python version: 3.9.6
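
The expected behaviour described in the issue, as an added example (not part of the original issue and not sqlmap's own code): the mark is appended only to parts that have no `filename` parameter and no nested `multipart/*` Content-Type, so file contents stay byte-for-byte intact. The function name `mark_text_fields` and the sample body are constructed for illustration, and the outer boundary is assumed to be already known from the request's Content-Type header.

```python
import re

MARK = "*"  # custom injection mark character, as seen in the dumps above

# Constructed sample modelled on the request body in the issue (CRLF line endings).
SAMPLE = "\r\n".join([
    "--AaB03x", 'Content-Disposition: form-data; name="submit-name"', "", "Larry",
    "--AaB03x", 'Content-Disposition: form-data; name="files"; filename="file1.txt"',
    "Content-Type: text/plain", "", "... contents of file1.txt ...",
    "--AaB03x", 'Content-Disposition: form-data; name="test-name"', "", "IDK",
    "--AaB03x", 'Content-Disposition: form-data; name="files"',
    "Content-Type: multipart/mixed; boundary=BbC04y", "",
    "--BbC04y", 'Content-Disposition: file; filename="file2.gif"',
    "Content-Type: image/gif", "", "...contents of file2.gif...",
    "--BbC04y--", "--AaB03x--", "",
])

def mark_text_fields(body, boundary):
    """Return (marked_body, names); MARK is appended only to plain form fields."""
    delimiter = "--" + boundary
    chunks = body.split(delimiter)          # nested boundaries stay inside their chunk
    names = []
    for i, chunk in enumerate(chunks):
        if i == 0 or chunk.startswith("--"):    # preamble or closing delimiter
            continue
        parts = re.split(r"(\r?\n\r?\n)", chunk, maxsplit=1)
        if len(parts) != 3:                     # no blank line between headers and value
            continue
        head, sep, content = parts
        lowered = head.lower()
        is_file = re.search(r"content-disposition:[^\r\n]*;\s*filename\*?=", lowered)
        is_nested = re.search(r"content-type:\s*multipart/", lowered)
        if is_file or is_nested:                # leave uploads and nested multipart alone
            continue
        value = content.rstrip("\r\n")          # mark goes before the trailing line break
        chunks[i] = head + sep + value + MARK + content[len(value):]
        field = re.search(r'name="([^"]*)"', head)
        names.append(field.group(1) if field else "")
    return delimiter.join(chunks), names

if __name__ == "__main__":
    marked, names = mark_text_fields(SAMPLE, "AaB03x")
    print(names)
    print(marked)
```
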
@mastercho

That's been a bug for years.
