Some questions about HTTP requests from files. #5738

Closed
chalan630 opened this issue Jun 25, 2024 · 1 comment

@chalan630

I've encountered issues in practical usage, as noted in issues #5434 and #5563. When probing web services on non-standard ports using the following command:

python sqlmap.py -r "req.txt" --level 3 --dbms mssql --batch
        ___
       __H__
 ___ ___[)]_____ ___ ___  {1.8.6.9#dev}
|_ -| . [']     | .'| . |
|___|_  [)]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 09:59:23 /2024-06-25/

[09:59:23] [INFO] parsing HTTP request from 'req.txt'
it appears that provided value for POST parameter 'plog' has boundaries. Do you want to inject inside? [y/N] N
[09:59:24] [WARNING] provided value for parameter 'para1' is empty. Please, always use only valid parameter values so sqlmap could be able to run properly
[09:59:24] [INFO] testing connection to the target URL
[09:59:29] [CRITICAL] unable to retrieve page content
[09:59:29] [WARNING] HTTP error codes detected during run:
502 (Bad Gateway) - 1 times

Upon investigation, I found that the issue was resolved by disabling system proxy settings.

However, I observed in the source code at common#L5408 that the port number is intentionally removed from the Host header.

I also found that disabling this line of code resolves the issue I mentioned earlier.

Could you please clarify why the port number is deliberately omitted from the Host header in this context?

@stamparm stamparm self-assigned this Jun 28, 2024
@stamparm stamparm added the bug label Jun 28, 2024
@stamparm stamparm added this to the 1.9 milestone Jun 28, 2024
@stamparm
Member

Please try it now with the latest revision.

example run:

$ cat req.txt 
GET /?id=1 HTTP/1.1
Content-Type: text/html
Host: 127.0.0.1:8000

$ python sqlmap.py -r req.txt -v 5 | grep Host:
Host: 127.0.0.1:8000
Host: 127.0.0.1:8000
Host: 127.0.0.1:8000
Host: 127.0.0.1:8000
Host: 127.0.0.1:8000
...

pull bot pushed a commit to googlesky/sqlmap that referenced this issue Jun 30, 2024
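
An added example, not sqlmap's code and not part of the original thread: one way to parse a raw request file such as the `req.txt` above while keeping a non-default port in the Host header, which is what a proxy or virtual host routes on. All function names are hypothetical, and the scheme is assumed to be `http` unless passed in.

```python
# Added illustration; names are hypothetical and this is not sqlmap's implementation.
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

# Constructed sample: the request file shown in the thread.
SAMPLE = "GET /?id=1 HTTP/1.1\nContent-Type: text/html\nHost: 127.0.0.1:8000\n\n"

def split_host_port(value, scheme="http"):
    """Split a Host header value into (host, port); handles [IPv6]:port."""
    parts = urlsplit("//" + value.strip())  # reuse urllib's authority parsing
    if not parts.hostname:
        raise ValueError("empty Host header value")
    # parts.port raises ValueError on a non-numeric or out-of-range port
    return parts.hostname, parts.port or DEFAULT_PORTS[scheme]

def host_header(host, port, scheme="http"):
    """Build a Host value; the port is dropped only when it is the scheme default."""
    name = "[%s]" % host if ":" in host else host  # re-bracket IPv6 literals
    return name if port == DEFAULT_PORTS[scheme] else "%s:%d" % (name, port)

def parse_request(raw, scheme="http"):
    """Parse a raw HTTP request into target URL, headers and body."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    lines = head.split("\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:  # skip blank or malformed lines
            headers[name.strip().lower()] = value.strip()
    if "host" not in headers:
        raise ValueError("request has no Host header")
    host, port = split_host_port(headers["host"], scheme)
    # Normalise, but never strip a port that differs from the scheme default.
    headers["host"] = host_header(host, port, scheme)
    url = "%s://%s%s" % (scheme, headers["host"], target)
    return {"method": method, "url": url, "host": host, "port": port,
            "headers": headers, "body": body}

if __name__ == "__main__":
    req = parse_request(SAMPLE)
    print(req["url"], "| Host:", req["headers"]["host"])
```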