2019-05-08 13:47:52 +03:00
#!/usr/bin/env python
2008-10-15 19:38:22 +04:00
"""
2023-01-03 01:24:59 +03:00
Copyright ( c ) 2006 - 2023 sqlmap developers ( https : / / sqlmap . org / )
2017-10-11 15:50:46 +03:00
See the file ' LICENSE ' for copying permission
2008-10-15 19:38:22 +04:00
"""
2019-01-22 03:28:24 +03:00
from __future__ import print_function
2018-09-27 10:15:53 +03:00
try :
import sys
2016-03-12 21:28:28 +03:00
2018-09-27 10:15:53 +03:00
sys . dont_write_bytecode = True
2016-03-12 21:28:28 +03:00
2018-09-27 10:15:53 +03:00
try :
__import__ ( " lib.utils.versioncheck " ) # this has to be the first non-standard import
except ImportError :
2019-03-04 18:36:19 +03:00
sys . exit ( " [!] wrong installation detected (missing modules). Visit ' https://github.com/sqlmapproject/sqlmap/#installation ' for further details " )
2016-03-12 21:28:28 +03:00
2018-09-27 10:15:53 +03:00
import bdb
import glob
import inspect
import json
import logging
import os
import re
import shutil
import sys
2019-05-09 11:52:33 +03:00
import tempfile
2018-09-27 10:15:53 +03:00
import threading
import time
import traceback
import warnings
2010-03-28 00:50:19 +03:00
2022-06-22 12:58:09 +03:00
if " --deprecations " not in sys . argv :
warnings . filterwarnings ( action = " ignore " , category = DeprecationWarning )
else :
warnings . resetwarnings ( )
2022-06-22 14:05:41 +03:00
warnings . filterwarnings ( action = " ignore " , message = " ' crypt ' " , category = DeprecationWarning )
warnings . simplefilter ( " ignore " , category = ImportWarning )
if sys . version_info > = ( 3 , 0 ) :
warnings . simplefilter ( " ignore " , category = ResourceWarning )
2022-06-22 12:58:09 +03:00
2020-12-07 23:30:18 +03:00
warnings . filterwarnings ( action = " ignore " , message = " Python 2 is no longer supported " )
2018-09-27 10:15:53 +03:00
warnings . filterwarnings ( action = " ignore " , message = " .*was already imported " , category = UserWarning )
2019-11-06 13:26:32 +03:00
warnings . filterwarnings ( action = " ignore " , message = " .*using a very old release " , category = UserWarning )
2019-11-19 14:56:56 +03:00
warnings . filterwarnings ( action = " ignore " , message = " .*default buffer size will be used " , category = RuntimeWarning )
2019-11-19 15:02:53 +03:00
warnings . filterwarnings ( action = " ignore " , category = UserWarning , module = " psycopg2 " )
2008-10-15 19:38:22 +04:00
2018-09-27 10:15:53 +03:00
from lib . core . data import logger
2016-05-10 10:19:59 +03:00
from lib . core . common import banner
2016-07-17 01:04:30 +03:00
from lib . core . common import checkIntegrity
2019-03-15 17:36:13 +03:00
from lib . core . common import checkPipedInput
2016-05-10 10:19:59 +03:00
from lib . core . common import createGithubIssue
from lib . core . common import dataToStdout
2022-01-19 17:00:16 +03:00
from lib . core . common import extractRegexResult
2019-03-29 04:28:16 +03:00
from lib . core . common import filterNone
2019-04-15 16:15:12 +03:00
from lib . core . common import getDaysFromLastUpdate
2019-11-05 01:53:35 +03:00
from lib . core . common import getFileItems
2016-05-10 10:19:59 +03:00
from lib . core . common import getSafeExString
from lib . core . common import maskSensitiveData
2017-07-03 17:55:24 +03:00
from lib . core . common import openFile
2016-05-10 10:19:59 +03:00
from lib . core . common import setPaths
from lib . core . common import weAreFrozen
2019-05-06 01:54:21 +03:00
from lib . core . convert import getUnicode
2019-01-30 02:45:38 +03:00
from lib . core . common import setColor
2019-06-04 15:48:51 +03:00
from lib . core . common import unhandledExceptionMessage
2022-04-05 01:12:09 +03:00
from lib . core . compat import LooseVersion
from lib . core . compat import xrange
2021-10-17 00:12:18 +03:00
from lib . core . data import cmdLineOptions
from lib . core . data import conf
from lib . core . data import kb
from lib . core . datatype import OrderedSet
2023-01-28 23:50:26 +03:00
from lib . core . enums import MKSTEMP_PREFIX
2016-05-10 10:19:59 +03:00
from lib . core . exception import SqlmapBaseException
from lib . core . exception import SqlmapShellQuitException
from lib . core . exception import SqlmapSilentQuitException
from lib . core . exception import SqlmapUserQuitException
from lib . core . option import init
2019-06-04 15:48:51 +03:00
from lib . core . option import initOptions
2018-06-13 00:02:38 +03:00
from lib . core . patch import dirtyPatches
2019-05-06 01:54:21 +03:00
from lib . core . patch import resolveCrossReferences
2016-06-18 02:21:57 +03:00
from lib . core . settings import GIT_PAGE
2016-05-10 10:19:59 +03:00
from lib . core . settings import IS_WIN
2019-04-15 16:15:12 +03:00
from lib . core . settings import LAST_UPDATE_NAGGING_DAYS
2016-05-10 10:19:59 +03:00
from lib . core . settings import LEGAL_DISCLAIMER
2016-05-17 14:54:42 +03:00
from lib . core . settings import THREAD_FINALIZATION_TIMEOUT
2016-06-19 18:44:47 +03:00
from lib . core . settings import UNICODE_ENCODING
2016-05-10 10:19:59 +03:00
from lib . core . settings import VERSION
from lib . parse . cmdline import cmdLineParser
2019-11-05 01:53:35 +03:00
from lib . utils . crawler import crawl
2016-05-10 10:19:59 +03:00
except KeyboardInterrupt :
errMsg = " user aborted "
2018-09-27 10:15:53 +03:00
if " logger " in globals ( ) :
2018-10-03 12:27:51 +03:00
logger . critical ( errMsg )
2018-09-27 10:15:53 +03:00
raise SystemExit
else :
import time
2019-03-04 18:36:19 +03:00
sys . exit ( " \r [ %s ] [CRITICAL] %s " % ( time . strftime ( " %X " ) , errMsg ) )
2013-02-06 13:28:17 +04:00
def modulePath ( ) :
"""
This will get us the program ' s directory, even if we are frozen
using py2exe
"""
2013-05-29 12:20:43 +04:00
try :
_ = sys . executable if weAreFrozen ( ) else __file__
except NameError :
_ = inspect . getsourcefile ( modulePath )
2016-06-19 18:44:47 +03:00
return getUnicode ( os . path . dirname ( os . path . realpath ( _ ) ) , encoding = sys . getfilesystemencoding ( ) or UNICODE_ENCODING )
2013-02-06 13:28:17 +04:00
2016-05-06 11:23:57 +03:00
def checkEnvironment ( ) :
try :
2016-08-02 01:17:59 +03:00
os . path . isdir ( modulePath ( ) )
2016-05-06 11:23:57 +03:00
except UnicodeEncodeError :
errMsg = " your system does not properly handle non-ASCII paths. "
errMsg + = " Please move the sqlmap ' s directory to the other location "
logger . critical ( errMsg )
raise SystemExit
2021-10-07 01:29:31 +03:00
if LooseVersion ( VERSION ) < LooseVersion ( " 1.0 " ) :
2016-05-06 11:23:57 +03:00
errMsg = " your runtime environment (e.g. PYTHONPATH) is "
errMsg + = " broken. Please make sure that you are not running "
errMsg + = " newer versions of sqlmap with runtime scripts for older "
errMsg + = " versions "
logger . critical ( errMsg )
raise SystemExit
2016-09-04 04:09:28 +03:00
# Patch for pip (import) environment
2016-09-04 02:33:52 +03:00
if " sqlmap.sqlmap " in sys . modules :
2016-09-04 04:09:28 +03:00
for _ in ( " cmdLineOptions " , " conf " , " kb " ) :
globals ( ) [ _ ] = getattr ( sys . modules [ " lib.core.data " ] , _ )
for _ in ( " SqlmapBaseException " , " SqlmapShellQuitException " , " SqlmapSilentQuitException " , " SqlmapUserQuitException " ) :
globals ( ) [ _ ] = getattr ( sys . modules [ " lib.core.exception " ] , _ )
2013-02-06 13:28:17 +04:00
def main ( ) :
"""
Main function of sqlmap when running from command line .
"""
try :
2018-06-13 00:02:38 +03:00
dirtyPatches ( )
2019-05-06 01:54:21 +03:00
resolveCrossReferences ( )
2016-05-06 11:23:57 +03:00
checkEnvironment ( )
2016-08-02 01:17:59 +03:00
setPaths ( modulePath ( ) )
2016-04-19 14:45:49 +03:00
banner ( )
2013-02-06 13:28:17 +04:00
# Store original command line options for possible later restoration
2019-11-21 17:58:04 +03:00
args = cmdLineParser ( )
cmdLineOptions . update ( args . __dict__ if hasattr ( args , " __dict__ " ) else args )
2013-02-06 13:28:17 +04:00
initOptions ( cmdLineOptions )
2019-03-15 17:36:13 +03:00
if checkPipedInput ( ) :
conf . batch = True
2017-04-10 20:21:22 +03:00
if conf . get ( " api " ) :
2016-09-28 15:48:33 +03:00
# heavy imports
from lib . utils . api import StdDbOut
from lib . utils . api import setRestAPILog
2013-02-06 13:28:17 +04:00
# Overwrite system standard output and standard error to write
# to an IPC database
sys . stdout = StdDbOut ( conf . taskid , messagetype = " stdout " )
sys . stderr = StdDbOut ( conf . taskid , messagetype = " stderr " )
2022-04-05 01:12:09 +03:00
2013-02-06 13:28:17 +04:00
setRestAPILog ( )
2014-09-16 18:28:38 +04:00
conf . showTime = True
2013-02-06 13:28:17 +04:00
dataToStdout ( " [!] legal disclaimer: %s \n \n " % LEGAL_DISCLAIMER , forceOutput = True )
2018-11-02 00:59:20 +03:00
dataToStdout ( " [*] starting @ %s \n \n " % time . strftime ( " %X / % Y- % m- %d / " ) , forceOutput = True )
2013-02-06 13:28:17 +04:00
init ( )
2017-12-04 17:40:59 +03:00
if not conf . updateAll :
# Postponed imports (faster start)
2018-06-20 14:51:03 +03:00
if conf . smokeTest :
2017-12-04 17:40:59 +03:00
from lib . core . testing import smokeTest
2019-04-19 15:36:23 +03:00
os . _exitcode = 1 - ( smokeTest ( ) or 0 )
2019-04-19 14:28:11 +03:00
elif conf . vulnTest :
from lib . core . testing import vulnTest
2019-04-19 15:36:23 +03:00
os . _exitcode = 1 - ( vulnTest ( ) or 0 )
2017-12-04 17:40:59 +03:00
else :
from lib . controller . controller import start
2021-01-07 15:52:38 +03:00
if conf . profile :
2018-06-20 14:51:03 +03:00
from lib . core . profiling import profile
globals ( ) [ " start " ] = start
profile ( )
else :
try :
2019-11-05 01:53:35 +03:00
if conf . crawlDepth and conf . bulkFile :
targets = getFileItems ( conf . bulkFile )
for i in xrange ( len ( targets ) ) :
2021-03-07 22:35:51 +03:00
target = None
2019-11-05 01:53:35 +03:00
try :
2021-10-17 00:12:18 +03:00
kb . targets = OrderedSet ( )
2019-11-05 01:53:35 +03:00
target = targets [ i ]
if not re . search ( r " (?i) \ Ahttp[s]*:// " , target ) :
target = " http:// %s " % target
infoMsg = " starting crawler for target URL ' %s ' ( %d / %d ) " % ( target , i + 1 , len ( targets ) )
logger . info ( infoMsg )
crawl ( target )
except Exception as ex :
2021-03-07 22:35:51 +03:00
if target and not isinstance ( ex , SqlmapUserQuitException ) :
2019-11-05 01:53:35 +03:00
errMsg = " problem occurred while crawling ' %s ' ( ' %s ' ) " % ( target , getSafeExString ( ex ) )
logger . error ( errMsg )
2019-11-09 03:01:19 +03:00
else :
raise
2019-11-05 01:53:35 +03:00
else :
if kb . targets :
start ( )
else :
start ( )
2019-03-27 02:58:12 +03:00
except Exception as ex :
2019-04-19 15:36:23 +03:00
os . _exitcode = 1
2018-06-20 14:51:03 +03:00
if " can ' t start new thread " in getSafeExString ( ex ) :
errMsg = " unable to start new threads. Please check OS (u)limits "
logger . critical ( errMsg )
raise SystemExit
else :
raise
2013-02-06 13:28:17 +04:00
except SqlmapUserQuitException :
2018-12-21 12:38:27 +03:00
if not conf . batch :
errMsg = " user quit "
logger . error ( errMsg )
2013-02-06 13:28:17 +04:00
except ( SqlmapSilentQuitException , bdb . BdbQuit ) :
pass
2014-09-16 16:12:43 +04:00
except SqlmapShellQuitException :
cmdLineOptions . sqlmapShell = False
except SqlmapBaseException as ex :
2015-09-10 16:51:33 +03:00
errMsg = getSafeExString ( ex )
2018-12-17 17:00:57 +03:00
logger . critical ( errMsg )
2020-05-13 13:39:37 +03:00
os . _exitcode = 1
2015-10-12 11:05:49 +03:00
raise SystemExit
2013-02-06 13:28:17 +04:00
except KeyboardInterrupt :
2022-12-12 17:24:27 +03:00
try :
print ( )
except IOError :
pass
2015-12-28 13:39:46 +03:00
2013-02-06 13:28:17 +04:00
except EOFError :
2019-01-22 03:28:24 +03:00
print ( )
2015-12-28 13:39:46 +03:00
2018-12-17 17:00:57 +03:00
errMsg = " exit "
logger . error ( errMsg )
2013-02-06 13:28:17 +04:00
2020-05-13 13:39:37 +03:00
except SystemExit as ex :
os . _exitcode = ex . code or 0
2013-02-06 13:28:17 +04:00
except :
2019-01-22 03:28:24 +03:00
print ( )
2013-02-06 13:28:17 +04:00
errMsg = unhandledExceptionMessage ( )
2014-10-27 02:37:46 +03:00
excMsg = traceback . format_exc ( )
2017-04-11 11:01:37 +03:00
valid = checkIntegrity ( )
2014-10-28 16:08:06 +03:00
2020-05-13 13:39:37 +03:00
os . _exitcode = 255
2019-12-06 00:20:00 +03:00
if any ( _ in excMsg for _ in ( " MemoryError " , " Cannot allocate memory " ) ) :
2018-12-17 17:00:57 +03:00
errMsg = " memory exhaustion detected "
logger . critical ( errMsg )
raise SystemExit
2019-01-22 12:12:17 +03:00
elif any ( _ in excMsg for _ in ( " No space left " , " Disk quota exceeded " , " Disk full while accessing " ) ) :
2018-12-17 17:00:57 +03:00
errMsg = " no space left on output device "
logger . critical ( errMsg )
raise SystemExit
2019-01-22 12:12:17 +03:00
elif any ( _ in excMsg for _ in ( " The paging file is too small " , ) ) :
errMsg = " no space left for paging file "
logger . critical ( errMsg )
raise SystemExit
2019-09-24 11:24:43 +03:00
elif all ( _ in excMsg for _ in ( " Access is denied " , " subprocess " , " metasploit " ) ) :
errMsg = " permission error occurred while running Metasploit "
logger . critical ( errMsg )
raise SystemExit
2019-12-27 16:38:22 +03:00
elif all ( _ in excMsg for _ in ( " Permission denied " , " metasploit " ) ) :
errMsg = " permission error occurred while using Metasploit "
logger . critical ( errMsg )
raise SystemExit
2018-12-17 17:00:57 +03:00
elif " Read-only file system " in excMsg :
errMsg = " output device is mounted as read-only "
logger . critical ( errMsg )
raise SystemExit
2020-07-15 15:53:35 +03:00
elif " Insufficient system resources " in excMsg :
errMsg = " resource exhaustion detected "
logger . critical ( errMsg )
raise SystemExit
2018-12-17 17:00:57 +03:00
elif " OperationalError: disk I/O error " in excMsg :
errMsg = " I/O error on output device "
logger . critical ( errMsg )
raise SystemExit
2015-12-28 13:39:46 +03:00
2018-12-17 17:00:57 +03:00
elif " Violation of BIDI " in excMsg :
errMsg = " invalid URL (violation of Bidi IDNA rule - RFC 5893) "
logger . critical ( errMsg )
raise SystemExit
2019-05-13 13:21:17 +03:00
elif " Invalid IPv6 URL " in excMsg :
errMsg = " invalid URL ( ' %s ' ) " % excMsg . strip ( ) . split ( ' \n ' ) [ - 1 ]
logger . critical ( errMsg )
raise SystemExit
2018-12-17 17:00:57 +03:00
elif " _mkstemp_inner " in excMsg :
errMsg = " there has been a problem while accessing temporary files "
logger . critical ( errMsg )
raise SystemExit
2015-12-28 13:39:46 +03:00
2020-09-04 11:48:35 +03:00
elif any ( _ in excMsg for _ in ( " tempfile.mkdtemp " , " tempfile.mkstemp " , " tempfile.py " ) ) :
2019-05-09 11:52:33 +03:00
errMsg = " unable to write to the temporary directory ' %s ' . " % tempfile . gettempdir ( )
errMsg + = " Please make sure that your disk is not full and "
errMsg + = " that you have sufficient write permissions to "
errMsg + = " create temporary files and/or directories "
logger . critical ( errMsg )
raise SystemExit
2020-12-18 14:13:07 +03:00
elif " Permission denied: ' " in excMsg :
match = re . search ( r " Permission denied: ' ([^ ' ]*) " , excMsg )
errMsg = " permission error occurred while accessing file ' %s ' " % match . group ( 1 )
logger . critical ( errMsg )
raise SystemExit
2018-12-17 17:00:57 +03:00
elif all ( _ in excMsg for _ in ( " twophase " , " sqlalchemy " ) ) :
errMsg = " please update the ' sqlalchemy ' package (>= 1.1.11) "
2020-12-10 16:22:44 +03:00
errMsg + = " (Reference: ' https://qiita.com/tkprof/items/7d7b2d00df9c5f16fffe ' ) "
2018-12-17 17:00:57 +03:00
logger . critical ( errMsg )
raise SystemExit
2022-04-21 16:03:22 +03:00
elif " invalid maximum character passed to PyUnicode_New " in excMsg and re . search ( r " \ A3 \ .[34] " , sys . version ) is not None :
errMsg = " please upgrade the Python version (>= 3.5) "
errMsg + = " (Reference: ' https://bugs.python.org/issue18183 ' ) "
logger . critical ( errMsg )
raise SystemExit
2018-12-17 17:00:57 +03:00
elif all ( _ in excMsg for _ in ( " scramble_caching_sha2 " , " TypeError " ) ) :
errMsg = " please downgrade the ' PyMySQL ' package (=< 0.8.1) "
2020-12-10 16:22:44 +03:00
errMsg + = " (Reference: ' https://github.com/PyMySQL/PyMySQL/issues/700 ' ) "
2018-12-17 17:00:57 +03:00
logger . critical ( errMsg )
raise SystemExit
elif " must be pinned buffer, not bytearray " in excMsg :
errMsg = " error occurred at Python interpreter which "
2019-05-08 14:38:07 +03:00
errMsg + = " is fixed in 2.7. Please update accordingly "
2020-12-10 16:22:44 +03:00
errMsg + = " (Reference: ' https://bugs.python.org/issue8104 ' ) "
2018-12-17 17:00:57 +03:00
logger . critical ( errMsg )
raise SystemExit
2021-11-27 22:24:28 +03:00
2022-01-19 17:00:16 +03:00
elif all ( _ in excMsg for _ in ( " OSError: [Errno 22] Invalid argument: ' " , " importlib " ) ) :
errMsg = " unable to read file ' %s ' " % extractRegexResult ( r " OSError: \ [Errno 22 \ ] Invalid argument: ' (?P<result>[^ ' ]+) " , excMsg )
logger . critical ( errMsg )
raise SystemExit
2021-11-27 22:24:28 +03:00
elif " hash_randomization " in excMsg :
errMsg = " error occurred at Python interpreter which "
errMsg + = " is fixed in 2.7.3. Please update accordingly "
errMsg + = " (Reference: ' https://docs.python.org/2/library/sys.html ' ) "
logger . critical ( errMsg )
raise SystemExit
2018-12-17 17:00:57 +03:00
2022-05-13 18:50:14 +03:00
elif " AttributeError: unable to access item " in excMsg and re . search ( r " 3 \ .11 \ . \ d+a " , sys . version ) :
errMsg = " there is a known issue when sqlmap is run with ALPHA versions of Python 3.11. "
errMsg + = " Please downgrade to some stable Python version "
logger . critical ( errMsg )
raise SystemExit
2020-03-13 00:36:12 +03:00
elif all ( _ in excMsg for _ in ( " Resource temporarily unavailable " , " os.fork() " , " dictionaryAttack " ) ) :
errMsg = " there has been a problem while running the multiprocessing hash cracking. "
errMsg + = " Please rerun with option ' --threads=1 ' "
logger . critical ( errMsg )
raise SystemExit
2018-12-17 17:00:57 +03:00
elif " can ' t start new thread " in excMsg :
errMsg = " there has been a problem while creating new thread instance. "
errMsg + = " Please make sure that you are not running too many processes "
if not IS_WIN :
errMsg + = " (or increase the ' ulimit -u ' value) "
logger . critical ( errMsg )
raise SystemExit
2019-07-17 14:03:48 +03:00
elif " can ' t allocate read lock " in excMsg :
errMsg = " there has been a problem in regular socket operation "
errMsg + = " ( ' %s ' ) " % excMsg . strip ( ) . split ( ' \n ' ) [ - 1 ]
logger . critical ( errMsg )
raise SystemExit
2018-12-17 17:00:57 +03:00
elif all ( _ in excMsg for _ in ( " pymysql " , " configparser " ) ) :
2022-03-08 01:10:39 +03:00
errMsg = " wrong initialization of ' pymsql ' detected (using Python3 dependencies) "
2018-12-17 17:00:57 +03:00
logger . critical ( errMsg )
raise SystemExit
2019-12-05 15:56:46 +03:00
2020-02-06 16:20:33 +03:00
elif all ( _ in excMsg for _ in ( " ntlm " , " socket.error, err " , " SyntaxError " ) ) :
2022-03-08 01:10:39 +03:00
errMsg = " wrong initialization of ' python-ntlm ' detected (using Python2 syntax) "
2020-02-06 16:20:33 +03:00
logger . critical ( errMsg )
raise SystemExit
2020-01-20 17:33:45 +03:00
elif all ( _ in excMsg for _ in ( " drda " , " to_bytes " ) ) :
2022-03-08 01:10:39 +03:00
errMsg = " wrong initialization of ' drda ' detected (using Python3 syntax) "
2020-01-20 17:33:45 +03:00
logger . critical ( errMsg )
raise SystemExit
2021-04-02 13:56:31 +03:00
elif " ' WebSocket ' object has no attribute ' status ' " in excMsg :
errMsg = " wrong websocket library detected "
errMsg + = " (Reference: ' https://github.com/sqlmapproject/sqlmap/issues/4572#issuecomment-775041086 ' ) "
logger . critical ( errMsg )
raise SystemExit
2019-12-05 15:56:46 +03:00
elif all ( _ in excMsg for _ in ( " window = tkinter.Tk() " , ) ) :
errMsg = " there has been a problem in initialization of GUI interface "
errMsg + = " ( ' %s ' ) " % excMsg . strip ( ) . split ( ' \n ' ) [ - 1 ]
logger . critical ( errMsg )
2020-02-06 16:26:42 +03:00
raise SystemExit
elif any ( _ in excMsg for _ in ( " unable to access item ' liveTest ' " , ) ) :
errMsg = " detected usage of files from different versions of sqlmap "
logger . critical ( errMsg )
2019-12-05 15:56:46 +03:00
raise SystemExit
2018-12-17 17:00:57 +03:00
2023-02-27 19:49:42 +03:00
elif any ( _ in errMsg for _ in ( " : 9.9.9# " , ) ) :
errMsg = " LOL :) "
logger . critical ( errMsg )
raise SystemExit
2019-12-06 00:20:00 +03:00
elif kb . get ( " dumpKeyboardInterrupt " ) :
raise SystemExit
elif any ( _ in excMsg for _ in ( " Broken pipe " , ) ) :
raise SystemExit
elif valid is False :
errMsg = " code integrity check failed (turning off automatic issue creation). "
errMsg + = " You should retrieve the latest development version from official GitHub "
errMsg + = " repository at ' %s ' " % GIT_PAGE
2018-12-17 17:00:57 +03:00
logger . critical ( errMsg )
2019-12-06 00:20:00 +03:00
print ( )
dataToStdout ( excMsg )
2018-12-17 17:00:57 +03:00
raise SystemExit
2022-03-11 20:31:05 +03:00
elif any ( _ in " %s \n %s " % ( errMsg , excMsg ) for _ in ( " tamper/ " , " waf/ " , " --engagement-dojo " ) ) :
2019-12-06 00:20:00 +03:00
logger . critical ( errMsg )
print ( )
dataToStdout ( excMsg )
2018-12-17 17:00:57 +03:00
raise SystemExit
2023-02-24 23:59:12 +03:00
elif any ( _ in excMsg for _ in ( " ImportError " , " ModuleNotFoundError " , " <frozen " , " Can ' t find file for module " , " SAXReaderNotAvailable " , " <built-in function compile> returned NULL without setting an exception " , " source code string cannot contain null bytes " , " No module named " , " tp_name field " , " module ' sqlite3 ' has no attribute ' OperationalError ' " ) ) :
2019-12-06 00:20:00 +03:00
errMsg = " invalid runtime environment ( ' %s ' ) " % excMsg . split ( " Error: " ) [ - 1 ] . strip ( )
logger . critical ( errMsg )
raise SystemExit
2020-07-16 15:22:32 +03:00
elif all ( _ in excMsg for _ in ( " SyntaxError: Non-ASCII character " , " .py on line " , " but no encoding declared " ) ) :
2019-12-06 00:20:00 +03:00
errMsg = " invalid runtime environment ( ' %s ' ) " % excMsg . split ( " Error: " ) [ - 1 ] . strip ( )
logger . critical ( errMsg )
raise SystemExit
2023-04-24 15:45:19 +03:00
elif all ( _ in excMsg for _ in ( " FileNotFoundError: [Errno 2] No such file or directory " , " cwd = os.getcwd() " ) ) :
errMsg = " invalid runtime environment ( ' %s ' ) " % excMsg . split ( " Error: " ) [ - 1 ] . strip ( )
logger . critical ( errMsg )
raise SystemExit
2022-05-13 18:45:17 +03:00
elif all ( _ in excMsg for _ in ( " PermissionError: [WinError 5] " , " multiprocessing " ) ) :
errMsg = " there is a permission problem in running multiprocessing on this system. "
errMsg + = " Please rerun with ' --disable-multi ' "
logger . critical ( errMsg )
raise SystemExit
2019-12-06 00:20:00 +03:00
elif all ( _ in excMsg for _ in ( " No such file " , " _ ' " ) ) :
errMsg = " corrupted installation detected ( ' %s ' ). " % excMsg . strip ( ) . split ( ' \n ' ) [ - 1 ]
errMsg + = " You should retrieve the latest development version from official GitHub "
errMsg + = " repository at ' %s ' " % GIT_PAGE
logger . critical ( errMsg )
raise SystemExit
2021-03-31 11:42:40 +03:00
elif all ( _ in excMsg for _ in ( " No such file " , " sqlmap.conf " , " Test " ) ) :
errMsg = " you are trying to run (hidden) development tests inside the production environment "
logger . critical ( errMsg )
raise SystemExit
2020-09-09 14:58:26 +03:00
elif all ( _ in excMsg for _ in ( " HTTPNtlmAuthHandler " , " ' str ' object has no attribute ' decode ' " ) ) :
errMsg = " package ' python-ntlm ' has a known compatibility issue with the "
2020-12-10 16:22:44 +03:00
errMsg + = " Python 3 (Reference: ' https://github.com/mullender/python-ntlm/pull/61 ' ) "
2020-09-09 14:58:26 +03:00
logger . critical ( errMsg )
raise SystemExit
2019-12-06 00:20:00 +03:00
elif " ' DictObject ' object has no attribute ' " in excMsg and all ( _ in errMsg for _ in ( " (fingerprinted) " , " (identified) " ) ) :
errMsg = " there has been a problem in enumeration. "
errMsg + = " Because of a considerable chance of false-positive case "
errMsg + = " you are advised to rerun with switch ' --flush-session ' "
logger . critical ( errMsg )
raise SystemExit
2022-12-20 15:29:37 +03:00
elif " database disk image is malformed " in excMsg :
errMsg = " local session file seems to be malformed. Please rerun with ' --flush-session ' "
logger . critical ( errMsg )
raise SystemExit
2021-12-24 18:11:05 +03:00
elif " AttributeError: ' module ' object has no attribute ' F_GETFD ' " in excMsg :
errMsg = " invalid runtime ( \" %s \" ) " % excMsg . split ( " Error: " ) [ - 1 ] . strip ( )
errMsg + = " (Reference: ' https://stackoverflow.com/a/38841364 ' & ' https://bugs.python.org/issue24944#msg249231 ' ) "
logger . critical ( errMsg )
raise SystemExit
2019-12-06 00:20:00 +03:00
elif " bad marshal data (unknown type code) " in excMsg :
match = re . search ( r " \ s*(.+) \ s+ValueError " , excMsg )
errMsg = " one of your .pyc files are corrupted %s " % ( " ( ' %s ' ) " % match . group ( 1 ) if match else " " )
errMsg + = " . Please delete .pyc files on your system to fix the problem "
logger . critical ( errMsg )
2018-12-17 17:00:57 +03:00
raise SystemExit
for match in re . finditer ( r ' File " (.+?) " , line ' , excMsg ) :
file_ = match . group ( 1 )
2019-05-21 15:39:30 +03:00
try :
file_ = os . path . relpath ( file_ , os . path . dirname ( __file__ ) )
except ValueError :
pass
2018-12-17 17:00:57 +03:00
file_ = file_ . replace ( " \\ " , ' / ' )
if " ../ " in file_ :
file_ = re . sub ( r " ( \ . \ ./)+ " , ' / ' , file_ )
2016-02-16 11:15:57 +03:00
else :
2018-12-17 17:00:57 +03:00
file_ = file_ . lstrip ( ' / ' )
file_ = re . sub ( r " / { 2,} " , ' / ' , file_ )
excMsg = excMsg . replace ( match . group ( 1 ) , file_ )
errMsg = maskSensitiveData ( errMsg )
excMsg = maskSensitiveData ( excMsg )
2016-02-16 11:15:57 +03:00
2018-12-17 17:00:57 +03:00
if conf . get ( " api " ) or not valid :
logger . critical ( " %s \n %s " % ( errMsg , excMsg ) )
else :
logger . critical ( errMsg )
2019-01-30 02:45:38 +03:00
dataToStdout ( " %s \n " % setColor ( excMsg . strip ( ) , level = logging . CRITICAL ) )
2018-12-17 17:00:57 +03:00
createGithubIssue ( errMsg , excMsg )
2013-02-06 13:28:17 +04:00
finally :
kb . threadContinue = False
2023-04-05 11:31:17 +03:00
if ( getDaysFromLastUpdate ( ) or 0 ) > LAST_UPDATE_NAGGING_DAYS :
2020-07-07 12:31:07 +03:00
warnMsg = " your sqlmap version is outdated "
2022-06-22 13:04:34 +03:00
logger . warning ( warnMsg )
2019-04-15 16:15:12 +03:00
2016-01-11 02:03:22 +03:00
if conf . get ( " showTime " ) :
2018-11-02 00:59:20 +03:00
dataToStdout ( " \n [*] ending @ %s \n \n " % time . strftime ( " %X / % Y- % m- %d / " ) , forceOutput = True )
2016-01-11 02:03:22 +03:00
2016-06-19 18:17:01 +03:00
kb . threadException = True
2016-01-11 01:27:32 +03:00
if kb . get ( " tempDir " ) :
2016-07-13 15:09:33 +03:00
for prefix in ( MKSTEMP_PREFIX . IPC , MKSTEMP_PREFIX . TESTING , MKSTEMP_PREFIX . COOKIE_JAR , MKSTEMP_PREFIX . BIG_ARRAY ) :
for filepath in glob . glob ( os . path . join ( kb . tempDir , " %s * " % prefix ) ) :
try :
os . remove ( filepath )
except OSError :
pass
2019-05-02 12:26:31 +03:00
2019-05-06 16:39:11 +03:00
if not filterNone ( filepath for filepath in glob . glob ( os . path . join ( kb . tempDir , ' * ' ) ) if not any ( filepath . endswith ( _ ) for _ in ( " .lock " , " .exe " , " .so " , ' _ ' ) ) ) : # ignore junk files
2019-05-02 12:26:31 +03:00
try :
shutil . rmtree ( kb . tempDir , ignore_errors = True )
except OSError :
pass
2016-01-11 01:27:32 +03:00
2013-02-06 13:28:17 +04:00
if conf . get ( " hashDB " ) :
2018-12-17 17:00:57 +03:00
conf . hashDB . flush ( True )
2021-09-29 22:38:59 +03:00
conf . hashDB . close ( ) # NOTE: because of PyPy
2013-02-06 13:28:17 +04:00
2017-07-05 14:35:02 +03:00
if conf . get ( " harFile " ) :
2019-05-09 16:39:10 +03:00
try :
with openFile ( conf . harFile , " w+b " ) as f :
json . dump ( conf . httpCollector . obtain ( ) , fp = f , indent = 4 , separators = ( ' , ' , ' : ' ) )
except SqlmapBaseException as ex :
errMsg = getSafeExString ( ex )
logger . critical ( errMsg )
2017-07-03 17:55:24 +03:00
2017-04-10 20:21:22 +03:00
if conf . get ( " api " ) :
2018-12-17 17:00:57 +03:00
conf . databaseCursor . disconnect ( )
2013-02-06 13:28:17 +04:00
2014-10-10 12:07:17 +04:00
if conf . get ( " dumper " ) :
conf . dumper . flush ( )
2016-05-17 14:54:42 +03:00
# short delay for thread finalization
2018-12-17 17:00:57 +03:00
_ = time . time ( )
2021-10-07 01:45:55 +03:00
while threading . active_count ( ) > 1 and ( time . time ( ) - _ ) > THREAD_FINALIZATION_TIMEOUT :
2018-12-17 17:00:57 +03:00
time . sleep ( 0.01 )
if cmdLineOptions . get ( " sqlmapShell " ) :
cmdLineOptions . clear ( )
conf . clear ( )
kb . clear ( )
conf . disableBanner = True
main ( )
2013-02-06 13:28:17 +04:00
if __name__ == " __main__ " :
2018-12-17 17:00:57 +03:00
try :
main ( )
except KeyboardInterrupt :
pass
2019-05-03 14:38:09 +03:00
except SystemExit :
raise
2019-04-30 14:20:31 +03:00
except :
2019-05-03 14:38:51 +03:00
traceback . print_exc ( )
2018-12-17 17:00:57 +03:00
finally :
# Reference: http://stackoverflow.com/questions/1635080/terminate-a-multi-thread-python-program
2021-10-07 01:45:55 +03:00
if threading . active_count ( ) > 1 :
2019-04-19 15:36:23 +03:00
os . _exit ( getattr ( os , " _exitcode " , 0 ) )
else :
sys . exit ( getattr ( os , " _exitcode " , 0 ) )
2018-01-31 13:24:28 +03:00
else :
2022-04-05 01:12:09 +03:00
# cancelling postponed imports (because of CI/CD checks)
2020-05-15 13:58:03 +03:00
__import__ ( " lib.controller.controller " )