hub / github.com/sqlmapproject/sqlmap / processResponse

Function processResponse

lib/request/basic.py:376–449  ·  view source on GitHub ↗
(page, responseHeaders, code=None, status=None)


374 return page
375
376def processResponse(page, responseHeaders, code=None, status=None):
377 kb.processResponseCounter += 1
378 page = page or ""
379
380 parseResponse(page, responseHeaders if kb.processResponseCounter < PARSE_HEADERS_LIMIT else None, status)
381
382 if not kb.tableFrom and Backend.getIdentifiedDbms() in (DBMS.ACCESS,):
383 kb.tableFrom = extractRegexResult(SELECT_FROM_TABLE_REGEX, page)
384 else:
385 kb.tableFrom = None
386
387 if conf.parseErrors:
388 msg = extractErrorMessage(page)
389
390 if msg:
391 logger.warning("parsed DBMS error message: '%s'" % msg.rstrip('.'))
392
393 if not conf.skipWaf and kb.processResponseCounter < IDENTYWAF_PARSE_LIMIT:
394 rawResponse = "%s %s %s\n%s\n%s" % (_http_client.HTTPConnection._http_vsn_str, code or "", status or "", "".join(getUnicode(responseHeaders.headers if responseHeaders else [])), page[:HEURISTIC_PAGE_SIZE_THRESHOLD])
395
396 with kb.locks.identYwaf:
397 identYwaf.non_blind.clear()
398 try:
399 if identYwaf.non_blind_check(rawResponse, silent=True):
400 for waf in set(identYwaf.non_blind):
401 if waf not in kb.identifiedWafs:
402 kb.identifiedWafs.add(waf)
403 errMsg = "WAF/IPS identified as '%s'" % identYwaf.format_name(waf)
404 singleTimeLogMessage(errMsg, logging.CRITICAL)
405 except Exception as ex:
406 singleTimeWarnMessage("internal error occurred in WAF/IPS detection ('%s')" % getSafeExString(ex))
407
408 if kb.originalPage is None:
409 for regex in (EVENTVALIDATION_REGEX, VIEWSTATE_REGEX):
410 match = re.search(regex, page)
411 if match and PLACE.POST in conf.parameters:
412 name, value = match.groups()
413 if PLACE.POST in conf.paramDict and name in conf.paramDict[PLACE.POST]:
414 if conf.paramDict[PLACE.POST][name] in page:
415 continue
416 else:
417 msg = "do you want to automatically adjust the value of '%s'? [y/N]" % name
418
419 if not readInput(msg, default='N', boolean=True):
420 continue
421
422 conf.paramDict[PLACE.POST][name] = value
423 conf.parameters[PLACE.POST] = re.sub(r"(?i)(%s=)[^&]+" % re.escape(name), r"\g<1>%s" % value.replace('\\', r'\\'), conf.parameters[PLACE.POST])
424
425 if not kb.browserVerification and re.search(r"(?i)browser.?verification", page or ""):
426 kb.browserVerification = True
427 warnMsg = "potential browser verification protection mechanism detected"
428 if re.search(r"(?i)CloudFlare", page):
429 warnMsg += " (CloudFlare)"
430 singleTimeWarnMessage(warnMsg)
431
432 if not kb.captchaDetected and re.search(r"(?i)captcha", page or ""):
433 for match in re.finditer(r"(?si)<form.+?</form>", page):

Callers 1

getPageMethod · 0.90

Calls 14

extractRegexResultFunction · 0.90
extractErrorMessageFunction · 0.90
getUnicodeFunction · 0.90
singleTimeLogMessageFunction · 0.90
singleTimeWarnMessageFunction · 0.90
getSafeExStringFunction · 0.90
readInputFunction · 0.90
parseResponseFunction · 0.85
getIdentifiedDbmsMethod · 0.80
clearMethod · 0.45
addMethod · 0.45
searchMethod · 0.45

Tested by

no test coverage detected
