Improvement regarding option --skip for excluding certain parameter…

…(s) from testing
commixproject · Apr 17, 2024 · 0cf03d4 · 0cf03d4
1 parent f59c0d2
commit 0cf03d4
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 18 deletions.
diff --git a/doc/CHANGELOG.md b/doc/CHANGELOG.md
@@ -1,4 +1,5 @@
 ## Version 4.0 (TBA)
+* Revised: Improvement regarding option `--skip` for excluding certain parameter(s) from testing.
 * Revised: Improvement regarding specifying which parameter(s) to test (i.e. `-p` option).
 * Revised: Improvement regarding processing / ignoring injection marker (i.e. asterisk `*`).
 * Revised: Improvement regarding forcing usage of provided HTTP method (e.g. `PUT`).

diff --git a/src/core/injections/controller/checks.py b/src/core/injections/controller/checks.py
@@ -1162,22 +1162,27 @@ def check_provided_parameters():
         settings.TEST_PARAMETER[i] = settings.TEST_PARAMETER[i].split("=")[0]
 
 """
-Check defined skipped parameters
+Remove skipped parameters
 """
-def check_skipped_params(check_parameters, http_request_method):
-  settings.TEST_PARAMETER = [x + "," for x in settings.TEST_PARAMETER]
+def remove_skipped_params(url, check_parameters):
+  testable_parameters = list(set(check_parameters) - set(menu.options.skip_parameter.split(",")))
+  settings.TEST_PARAMETER = [x for x in testable_parameters if x not in settings.PARAMETER_SPLITTING_REGEX.join(settings.TEST_PARAMETER).split(settings.PARAMETER_SPLITTING_REGEX)]
+  _ = []
   for parameter in check_parameters:
-    if parameter in settings.PARAMETER_SPLITTING_REGEX.join(settings.TEST_PARAMETER).split(settings.PARAMETER_SPLITTING_REGEX):
-      info_msg = "Skipping " + http_request_method + " parameter '" + parameter + "'."
-      print(settings.print_info_msg(info_msg))
-  settings.TEST_PARAMETER = [x for x in check_parameters if x not in settings.PARAMETER_SPLITTING_REGEX.join(settings.TEST_PARAMETER).split(settings.PARAMETER_SPLITTING_REGEX)]
-  settings.TEST_PARAMETER = settings.PARAMETER_SPLITTING_REGEX.join(settings.TEST_PARAMETER)
+    if parameter not in settings.PARAMETER_SPLITTING_REGEX.join(settings.TEST_PARAMETER).split(settings.PARAMETER_SPLITTING_REGEX):
+      _.append(parameter)
+  if _:    
+    info_msg = "Skipping " + check_http_method(url) + " parameter" + ('', 's')[len(_) > 1] + " '" + str(", ".join(_)) + "'."
+    print(settings.print_info_msg(info_msg))
   menu.options.test_parameter = True
 
 """
 Print the non-listed parameters.
 """
-def testable_parameters(check_parameters, http_request_method, header_name):
+def testable_parameters(url, check_parameters, header_name):
+  if menu.options.skip_parameter != None:
+    remove_skipped_params(url, check_parameters)
+
   if len([i for i in settings.TEST_PARAMETER if i in settings.HTTP_HEADERS]) != 0 :
     menu.options.level = int(settings.HTTP_HEADER_INJECTION_LEVEL)
 
@@ -1226,13 +1231,11 @@ def testable_parameters(check_parameters, http_request_method, header_name):
         if menu.options.level >= settings.COOKIE_INJECTION_LEVEL and header_name != "":
           warn_msg += settings.HTTP_HEADER.capitalize()
         else:
-          warn_msg += http_request_method
+          warn_msg += check_http_method(url)
         warn_msg += "."
         print(settings.print_warning_msg(warn_msg))
-
-  if menu.options.skip_parameter != None:
-    check_skipped_params(check_parameters, http_request_method)
 
+
 """
 Only time-relative injection techniques support tamper
 """

diff --git a/src/core/injections/controller/controller.py b/src/core/injections/controller/controller.py
@@ -495,8 +495,8 @@ def cookie_injection(url, http_request_method, filename, timesec):
       menu.options.cookie = cookie_parameters[i]
       check_parameter = parameters.specify_cookie_parameter(menu.options.cookie)
       check_parameters.append(check_parameter)
-
-    checks.testable_parameters(check_parameters, http_request_method, header_name)
+      
+    checks.testable_parameters(url, check_parameters, header_name)
 
     for i in range(0, len(cookie_parameters)):
       parameter = menu.options.cookie = cookie_parameters[i]
@@ -543,7 +543,7 @@ def get_request(url, http_request_method, filename, timesec):
       check_parameters.append(check_parameter)
 
     header_name = ""
-    checks.testable_parameters(check_parameters, http_request_method, header_name)
+    checks.testable_parameters(url, check_parameters, header_name)
 
     for i in range(0, len(found_url)):
       url = found_url[i]
@@ -603,7 +603,7 @@ def post_request(url, http_request_method, filename, timesec):
     check_parameters.append(check_parameter)
 
   header_name = ""
-  checks.testable_parameters(check_parameters, http_request_method, header_name)
+  checks.testable_parameters(url, check_parameters, header_name)
 
   for i in range(0, len(found_parameter)):
     #if settings.INJECT_TAG in found_parameter[i]:

diff --git a/src/utils/settings.py b/src/utils/settings.py
@@ -247,7 +247,7 @@ def sys_argv_errors():
 DESCRIPTION = "The command injection exploiter"
 AUTHOR  = "Anastasios Stasinopoulos"
 VERSION_NUM = "4.0"
-REVISION = "30"
+REVISION = "31"
 STABLE_RELEASE = False
 VERSION = "v"
 if STABLE_RELEASE: