Minor refactoring

stamparm · stamparm · commit 9fab2c9764f0 · 2017-12-04T13:41:02.000+01:00
diff --git a/lib/core/settings.py b/lib/core/settings.py
@@ -300,6 +300,9 @@
 # String representation for current database
 CURRENT_DB = "CD"
 
+# Name of SQLite file used for storing session data
+SESSION_SQLITE_FILE = "session.sqlite"
+
 # Regular expressions used for finding file paths in error messages
 FILE_PATH_REGEXES = (r"<b>(?P<result>[^<>]+?)</b> on line \d+", r"(?P<result>[^<>'\"]+?)['\"]? on line \d+", r"(?:[>(\[\s])(?P<result>[A-Za-z]:[\\/][\w. \\/-]*)", r"(?:[>(\[\s])(?P<result>/\w[/\w.~-]+)", r"href=['\"]file://(?P<result>/[^'\"]+)")
 
diff --git a/lib/core/target.py b/lib/core/target.py
@@ -62,6 +62,7 @@
 from lib.core.settings import REFERER_ALIASES
 from lib.core.settings import RESTORE_MERGED_OPTIONS
 from lib.core.settings import RESULTS_FILE_FORMAT
+from lib.core.settings import SESSION_SQLITE_FILE
 from lib.core.settings import SUPPORTED_DBMS
 from lib.core.settings import UNENCODED_ORIGINAL_VALUE
 from lib.core.settings import UNICODE_ENCODING
@@ -396,22 +397,25 @@ def process(match, repl):
             raise SqlmapGenericException(errMsg)
     else:
         for place in (PLACE.GET, PLACE.POST, PLACE.COOKIE):
+            if conf.csrfToken:
+                break
+
             for parameter in conf.paramDict.get(place, {}):
                 if any(parameter.lower().count(_) for _ in CSRF_TOKEN_PARAMETER_INFIXES):
                     message = "%s parameter '%s' appears to hold anti-CSRF token. " % (place, parameter)
                     message += "Do you want sqlmap to automatically update it in further requests? [y/N] "
 
                     if readInput(message, default='N', boolean=True):
                         conf.csrfToken = getUnicode(parameter)
-                    break
+                        break
 
 def _setHashDB():
     """
     Check and set the HashDB SQLite file for query resume functionality.
     """
 
     if not conf.hashDBFile:
-        conf.hashDBFile = conf.sessionFile or os.path.join(conf.outputPath, "session.sqlite")
+        conf.hashDBFile = conf.sessionFile or os.path.join(conf.outputPath, SESSION_SQLITE_FILE)
 
     if os.path.exists(conf.hashDBFile):
         if conf.flushSession:
diff --git a/txt/checksum.md5 b/txt/checksum.md5
@@ -46,10 +46,10 @@ e1c000db9be27f973569b1a430629037  lib/core/option.py
 760d9df2a27ded29109b390ab202e72d  lib/core/replication.py
 a2466b62e67f8b31736bac4dac590e51  lib/core/revision.py
 02d4762140a72fd44668d3dab5eabda9  lib/core/session.py
-0b215c469175a858a36a8858b22c475e  lib/core/settings.py
+4a2c73dcb44a0982c61e35afee07aada  lib/core/settings.py
 35bffbad762eb9e03db9e93b1c991103  lib/core/shell.py
 a59ec28371ae067a6fdd8f810edbee3d  lib/core/subprocessng.py
-d5a04d672a18f78deb2839c3745ff83c  lib/core/target.py
+d93501771b41315f9fb949305b6ed257  lib/core/target.py
 df8f6475a53d83400c1a3967c0a21bd7  lib/core/testing.py
 632538fe50f6b3179e1a5a85e8b79741  lib/core/threads.py
 a119989ca03f8c8fbdf7d3035084eb31  lib/core/unescaper.py
