Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support for chunked requests #3536

Merged
merged 5 commits into from Mar 19, 2019

Conversation

@boy-hack
Copy link
Contributor

commented Mar 16, 2019

refer:#3535
Bypassing some waf by using add headers for Transfer-Encoding:Chunked

I added a --chunk parameter option.when use it, it will convert all requests into chunks .
I defined the chunking keyword CHUNKED_KEYWORDS in setting.py, ensuring that each chunk does not contain a defined keyword.

@stamparm

This comment has been minimized.

Copy link
Member

commented Mar 16, 2019

I like the idea, though, there are couple of things to discuss:

  1. There is a missing reference to the (e.g.) https://github.com/icatproject/python-icat/blob/master/icat/chunkedhttp.py (or wherever this piece of code in httphandler.py has been "borrowed"). This should be added (either by yourself or myself)
  2. Header of https://github.com/sqlmapproject/sqlmap/pull/3536/files#diff-6f4e181d662678e93a05b3a19d9cd7d6 has to be the same as in all other sqlmap's python files. Handle (@w8ay) or proper contributor name can be put inside the doc/THANKS.md
  3. I would need to do some major re-vamping of the whole code as it doesn't meet the code-quality of the rest of sqlmap's code. This has nothing to do with the pull request. I am just warning that this has to be done (by myself)
@boy-hack

This comment has been minimized.

Copy link
Contributor Author

commented Mar 17, 2019

Thank you, for your comment

  1. Because urllib2 does not support chunked, I hooked some functions from the urllib2 and httplib, only I did it according to the source code of urllib2, no reference to other people's code.
  2. I'm sorry. I have removed my personal information.
  3. Good luck, I may be able to help with something.
@687766616e

This comment has been minimized.

Copy link

commented Mar 17, 2019

are you the guy named "w8ay"? @boyhack

@stamparm stamparm closed this Mar 18, 2019

@stamparm stamparm added invalid and removed invalid labels Mar 18, 2019

@stamparm stamparm reopened this Mar 18, 2019

@boy-hack

This comment has been minimized.

Copy link
Contributor Author

commented Mar 18, 2019

Ok, let me explain, I refer to urllib2 https://github.com/enthought/Python-2.7.3/blob/master/Lib/urllib2.py AbstractHTTPHandler do_request_, rewrite it in order to support chunked.
I haven't read the code for https://github.com/icatproject/python-icat/blob/master/icat/chunkedhttp.py (before you show it to me), I guess it does the same thing with me.
I am very willing to add references when referring to other people's code. This is respect for others. But I must explain that I really didn't refer to it

@stamparm stamparm merged commit 340e250 into sqlmapproject:master Mar 19, 2019

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details

stamparm added a commit that referenced this pull request Mar 19, 2019

@stamparm

This comment has been minimized.

Copy link
Member

commented Mar 19, 2019

@boy-hack what to put inside doc/THANKS? @boy-hack or something else?

@stamparm

This comment has been minimized.

Copy link
Member

commented Mar 19, 2019

p.s. @boy-hack thank you for this feature and sorry for my (deleted) rant

stamparm added a commit that referenced this pull request Mar 19, 2019

stamparm added a commit that referenced this pull request Mar 19, 2019

@stamparm

This comment has been minimized.

Copy link
Member

commented Mar 19, 2019

p.p.s. added w8ay to doc/THANKS.md

@boy-hack

This comment has been minimized.

Copy link
Contributor Author

commented Mar 19, 2019

I am happy to use the name @boy-hack and it is my pleasure to contribute code to sqlmap great software :)

@boy-hack

This comment has been minimized.

Copy link
Contributor Author

commented Mar 19, 2019

w8ay is also very good

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.