sqlmapproject / sqlmap

Automatic SQL injection and database takeover tool
http://sqlmap.org

Support of clean URLs in crawling #5561

Closed kazet closed 11 months ago

kazet commented 11 months ago

Feature: support of crawling of sites that use clean URLs (e.g. /statistics/2022 or statistics,2022,statistics-from-2022.html).

Describe the solution you'd like

Modify https://github.com/sqlmapproject/sqlmap/blob/master/lib/utils/crawler.py so that if the site links to a clean URL heuristics are used to generate a set of URLs to be scanned with injection points inserted:

Then, each of the URLs with injection points is passed for scanning.

Describe alternatives you've considered

I have considered implementing a separate crawler and running sqlmap on each of the found URLs with injection points - but if sqlmap already has a crawler, why not modify it?

I am willing to implement such a feature - please let me know whether it makes sense to add it to sqlmap and whether the approach outlined above makes sense.

stamparm commented 11 months ago

when i spotted statistics-from-2022*.html i immediately knew that this is something that will never go into the sqlmap's codebase. imagine injecting everything everywhere. that would be chaos

please make your own crawler for such cases

kazet commented 11 months ago

Just to make sure: the idea would not be to inject star everywhere, just e.g. one per each section separated by slash.

Best,