sqlmap/lib/core/session.py

#!/usr/bin/env python

"""
$Id$

Copyright (c) 2006-2011 sqlmap developers (http://www.sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""

import re

from lib.core.common import Backend
from lib.core.common import Format
from lib.core.common import dataToSessionFile
from lib.core.common import getFilteredPageContent
from lib.core.common import intersect
from lib.core.common import readInput
from lib.core.common import singleTimeWarnMessage
from lib.core.convert import base64pickle
from lib.core.convert import base64unpickle
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.datatype import InjectionDict
from lib.core.enums import DBMS
from lib.core.enums import OS
from lib.core.enums import PAYLOAD
from lib.core.enums import PLACE
from lib.core.settings import METADB_SUFFIX
from lib.core.settings import SUPPORTED_DBMS
from lib.core.settings import UNKNOWN_DBMS_VERSION

def safeFormatString(value):
    retVal = value
    if retVal:
        retVal = retVal.replace("[", "__LEFT_SQUARE_BRACKET__").replace("]", "__RIGHT_SQUARE_BRACKET__")
    return retVal

def unSafeFormatString(value):
    retVal = value
    if retVal:
        retVal = retVal.replace("__LEFT_SQUARE_BRACKET__", "[").replace("__RIGHT_SQUARE_BRACKET__", "]")
    return retVal

def setInjection(inj):
    """
    Save information retrieved about injection place and parameter in the
    session file.
    """

    try:
        condition = ( not kb.resumedQueries
                    or ( kb.resumedQueries.has_key(conf.url) and
                    not kb.resumedQueries[conf.url].has_key("Injection data"))
                    or ( kb.resumedQueries[conf.url].has_key("Injection data")
                    and intersect(base64unpickle(kb.resumedQueries[conf.url]["Injection data"][:-1]).data.keys(),\
                        inj.data.keys()) != inj.data.keys()
                    ) )
    except AttributeError:
        warnMsg = "there were some changes in data model "
        warnMsg += "preventing normal resume of previously stored "
        warnMsg += "injection data. please use the --flush-session "
        warnMsg += "to have it fixed"
        singleTimeWarnMessage(warnMsg)

        condition = False

    if condition:
        dataToSessionFile("[%s][%s][%s][Injection data][%s]\n" % (conf.url, inj.place, safeFormatString(conf.parameters[inj.place]), base64pickle(inj)))

def setDynamicMarkings(markings):
    """
    Save information retrieved about dynamic markings to the
    session file.
    """

    condition = (
                  ( not kb.resumedQueries
                  or ( kb.resumedQueries.has_key(conf.url) and
                  not kb.resumedQueries[conf.url].has_key("Dynamic markings")
                  ) )
                )

    if condition:
        dataToSessionFile("[%s][%s][%s][Dynamic markings][%s]\n" % (conf.url, None, None, base64pickle(markings)))

def setDbms(dbms):
    """
    @param dbms: database management system to be set into the knowledge
    base as fingerprint.
    @type dbms: C{str}
    """
    condition = (
                  not kb.resumedQueries
                  or ( kb.resumedQueries.has_key(conf.url) and
                  not kb.resumedQueries[conf.url].has_key("DBMS") )
                )

    if condition:
        dataToSessionFile("[%s][%s][%s][DBMS][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), safeFormatString(dbms)))

    firstRegExp = "(%s)" % ("|".join([alias for alias in SUPPORTED_DBMS]))
    dbmsRegExp = re.search("^%s" % firstRegExp, dbms, re.I)

    if dbmsRegExp:
        dbms = dbmsRegExp.group(1)

    Backend.setDbms(dbms)

    logger.info("the back-end DBMS is %s" % Backend.getDbms())

def setOs():
    """
    Example of kb.bannerFp dictionary:

    {
      'sp': set(['Service Pack 4']),
      'dbmsVersion': '8.00.194',
      'dbmsServicePack': '0',
      'distrib': set(['2000']),
      'dbmsRelease': '2000',
      'type': set(['Windows'])
    }
    """

    infoMsg = ""
    condition = (
                  not kb.resumedQueries
                  or ( kb.resumedQueries.has_key(conf.url) and
                  not kb.resumedQueries[conf.url].has_key("OS") )
                )

    if not kb.bannerFp:
        return

    if "type" in kb.bannerFp:
        Backend.setOs(Format.humanize(kb.bannerFp["type"]))
        infoMsg = "the back-end DBMS operating system is %s" % Backend.getOs()

    if "distrib" in kb.bannerFp:
        kb.osVersion = Format.humanize(kb.bannerFp["distrib"])
        infoMsg += " %s" % kb.osVersion

    if "sp" in kb.bannerFp:
        kb.osSP = int(Format.humanize(kb.bannerFp["sp"]).replace("Service Pack ", ""))

    elif "sp" not in kb.bannerFp and Backend.isOs(OS.WINDOWS):
        kb.osSP = 0

    if Backend.getOs() and kb.osVersion and kb.osSP:
        infoMsg += " Service Pack %d" % kb.osSP

    if infoMsg:
        logger.info(infoMsg)

    if condition:
        dataToSessionFile("[%s][%s][%s][OS][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), Backend.getOs()))

def setRemoteTempPath():
    condition = (
                  not kb.resumedQueries or ( kb.resumedQueries.has_key(conf.url) and
                  not kb.resumedQueries[conf.url].has_key("Remote temp path") )
                )

    if condition:
        dataToSessionFile("[%s][%s][%s][Remote temp path][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), safeFormatString(conf.tmpPath)))

def setXpCmdshellAvailability(available):
    condition = (
                  not kb.resumedQueries or ( kb.resumedQueries.has_key(conf.url) and
                  not kb.resumedQueries[conf.url].has_key("xp_cmdshell availability") )
                )

    if condition:
        dataToSessionFile("[%s][%s][%s][xp_cmdshell availability][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), str(available).lower()))

def resumeConfKb(expression, url, value):
    if expression == "Injection data" and url == conf.url:
        try:
            injection = base64unpickle(value[:-1])
        except AttributeError:
            warnMsg = "there were some changes in data model "
            warnMsg += "preventing normal resume of previously stored "
            warnMsg += "injection data. please use the --flush-session "
            warnMsg += "to have it fixed"
            singleTimeWarnMessage(warnMsg)
            return

        infoMsg = "resuming injection data from session file"
        logger.info(infoMsg)

        if injection.place in conf.paramDict and \
           injection.parameter in conf.paramDict[injection.place]:

            if not conf.tech or intersect(conf.tech, injection.data.keys()):
                if intersect(conf.tech, injection.data.keys()):
                    injection.data = dict(filter(lambda (key, item): key in conf.tech, injection.data.items()))

                if injection not in kb.injections:
                    kb.injections.append(injection)
        else:
            warnMsg = "there is an injection in %s parameter '%s' " % (injection.place, injection.parameter)
            warnMsg += "but you did not provided it this time"
            logger.warn(warnMsg)

    elif expression == "Dynamic markings" and url == conf.url:
        kb.dynamicMarkings = base64unpickle(value[:-1])
        infoMsg = "resuming dynamic markings from session file"
        logger.info(infoMsg)

    elif expression == "DBMS" and url == conf.url:
        dbms = unSafeFormatString(value[:-1])
        dbms = dbms.lower()
        dbmsVersion = [UNKNOWN_DBMS_VERSION]

        infoMsg = "resuming back-end DBMS '%s' " % dbms
        infoMsg += "from session file"
        logger.info(infoMsg)

        firstRegExp = "(%s)" % ("|".join([alias for alias in SUPPORTED_DBMS]))
        dbmsRegExp = re.search("%s ([\d\.]+)" % firstRegExp, dbms)

        if dbmsRegExp:
            dbms = dbmsRegExp.group(1)
            dbmsVersion = [ dbmsRegExp.group(2) ]

        if conf.dbms and conf.dbms.lower() != dbms:
            message = "you provided '%s' as back-end DBMS, " % conf.dbms
            message += "but from a past scan information on the target URL "
            message += "sqlmap assumes the back-end DBMS is %s. " % dbms
            message += "Do you really want to force the back-end "
            message += "DBMS value? [y/N] "
            test = readInput(message, default="N")

            if not test or test[0] in ("n", "N"):
                conf.dbms = None
                Backend.setDbms(dbms)
                Backend.setVersionList(dbmsVersion)
        else:
            Backend.setDbms(dbms)
            Backend.setVersionList(dbmsVersion)

    elif expression == "OS" and url == conf.url:
        os = unSafeFormatString(value[:-1])

        if os and os != 'None':
            infoMsg = "resuming back-end DBMS operating system '%s' " % os
            infoMsg += "from session file"
            logger.info(infoMsg)

            if conf.os and conf.os.lower() != os.lower():
                message = "you provided '%s' as back-end DBMS operating " % conf.os
                message += "system, but from a past scan information on the "
                message += "target URL sqlmap assumes the back-end DBMS "
                message += "operating system is %s. " % os
                message += "Do you really want to force the back-end DBMS "
                message += "OS value? [y/N] "
                test = readInput(message, default="N")

                if not test or test[0] in ("n", "N"):
                    conf.os = os
            else:
                conf.os = os

            Backend.setOs(conf.os)

    elif expression == "Remote temp path" and url == conf.url and conf.tmpPath is None:
        conf.tmpPath = unSafeFormatString(value[:-1])

        infoMsg = "resuming remote absolute path of temporary "
        infoMsg += "files directory '%s' from session file" % conf.tmpPath
        logger.info(infoMsg)

    elif conf.freshQueries:
        pass

    elif expression == "xp_cmdshell availability" and url == conf.url:
        kb.xpCmdshellAvailable = True if unSafeFormatString(value[:-1]).lower() == "true" else False
        infoMsg = "resuming xp_cmdshell availability"
        logger.info(infoMsg)
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`#!/usr/bin/env python`

			`"""`
propsets.. 2008-10-15 19:56:32 +04:00			$Id$
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
Changed homepage address 2011-07-08 00:10:03 +04:00			`Copyright (c) 2006-2011 sqlmap developers (http://www.sqlmap.org/)`
sorry, cosmetics 2010-10-15 03:18:29 +04:00			`See the file 'doc/COPYING' for copying permission`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`"""`

			`import re`

refactoring (class names should always be Capital cased) 2011-01-28 19:36:09 +03:00			`from lib.core.common import Backend`
			`from lib.core.common import Format`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`from lib.core.common import dataToSessionFile`
minor update 2011-01-06 11:54:50 +03:00			`from lib.core.common import getFilteredPageContent`
--technique can now be something like 123 which includes both techniques 1, 2 and 3 2011-02-18 00:39:16 +03:00			`from lib.core.common import intersect`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`from lib.core.common import readInput`
minor update 2011-07-08 13:32:58 +04:00			`from lib.core.common import singleTimeWarnMessage`
Added tag <epayload> to the payloads.xml's <test> tag to define which payload to use when exploiting the test type. Removed some useless tests. Moved <error> from queries.xml to payloads.xml as it makes more sense. Beeps at sql inj found only if --beep is provided. Minor fix in order to be able to pickle advancedDict() objects. Minor code refactoring. Removed useless folders. 2010-12-01 20:09:52 +03:00			`from lib.core.convert import base64pickle`
			`from lib.core.convert import base64unpickle`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`from lib.core.data import conf`
			`from lib.core.data import kb`
			`from lib.core.data import logger`
few fixes and minor cosmetics 2011-07-08 10:02:31 +04:00			`from lib.core.datatype import InjectionDict`
Fixed store and resume of brute-forced tables/columns for MSSQL/Sybase 2011-02-10 14:14:05 +03:00			`from lib.core.enums import DBMS`
Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch 2011-04-23 20:25:09 +04:00			`from lib.core.enums import OS`
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 2010-11-28 21:10:54 +03:00			`from lib.core.enums import PAYLOAD`
further refactoring (all enumerations are now put into enums.py) 2010-11-08 12:20:02 +03:00			`from lib.core.enums import PLACE`
resume of brute forced data is now available 2010-12-27 17:17:20 +03:00			`from lib.core.settings import METADB_SUFFIX`
fix for proper Firebird resume of version 2011-01-24 14:04:32 +03:00			`from lib.core.settings import SUPPORTED_DBMS`
code refactoring (added UNKNOWN_DBMS_VERSION instead of "Unknown") 2010-12-18 00:29:09 +03:00			`from lib.core.settings import UNKNOWN_DBMS_VERSION`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
bug fix (reported by james@ev6.net) 2010-10-11 00:51:11 +04:00			`def safeFormatString(value):`
			`retVal = value`
			`if retVal:`
			`retVal = retVal.replace("[", "__LEFT_SQUARE_BRACKET__").replace("]", "__RIGHT_SQUARE_BRACKET__")`
			`return retVal`

			`def unSafeFormatString(value):`
			`retVal = value`
			`if retVal:`
			`retVal = retVal.replace("__LEFT_SQUARE_BRACKET__", "[").replace("__RIGHT_SQUARE_BRACKET__", "]")`
			`return retVal`

Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 2010-11-28 21:10:54 +03:00			`def setInjection(inj):`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`"""`
			`Save information retrieved about injection place and parameter in the`
			`session file.`
			`"""`

quick fix 2011-07-09 02:34:44 +04:00			`try:`
			`condition = ( not kb.resumedQueries`
			`or ( kb.resumedQueries.has_key(conf.url) and`
			`not kb.resumedQueries[conf.url].has_key("Injection data"))`
			`or ( kb.resumedQueries[conf.url].has_key("Injection data")`
			`and intersect(base64unpickle(kb.resumedQueries[conf.url]["Injection data"][:-1]).data.keys(),\`
			`inj.data.keys()) != inj.data.keys()`
			`) )`
			`except AttributeError:`
			`warnMsg = "there were some changes in data model "`
			`warnMsg += "preventing normal resume of previously stored "`
			`warnMsg += "injection data. please use the --flush-session "`
			`warnMsg += "to have it fixed"`
			`singleTimeWarnMessage(warnMsg)`

			`condition = False`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
			`if condition:`
Added tag <epayload> to the payloads.xml's <test> tag to define which payload to use when exploiting the test type. Removed some useless tests. Moved <error> from queries.xml to payloads.xml as it makes more sense. Beeps at sql inj found only if --beep is provided. Minor fix in order to be able to pickle advancedDict() objects. Minor code refactoring. Removed useless folders. 2010-12-01 20:09:52 +03:00			`dataToSessionFile("[%s][%s][%s][Injection data][%s]\n" % (conf.url, inj.place, safeFormatString(conf.parameters[inj.place]), base64pickle(inj)))`
Proper saving and resuming when more than a parameter are injectable. Minor bug fix to --stacked-test Minor code refactoring. 2010-11-29 04:04:42 +03:00
bug fix (dynamic markings were not restored in program rerun which potentially led to no data retrieved) 2010-12-29 22:48:19 +03:00			`def setDynamicMarkings(markings):`
			`"""`
			`Save information retrieved about dynamic markings to the`
			`session file.`
			`"""`

			`condition = (`
			`( not kb.resumedQueries`
			`or ( kb.resumedQueries.has_key(conf.url) and`
			`not kb.resumedQueries[conf.url].has_key("Dynamic markings")`
			`) )`
			`)`

			`if condition:`
			`dataToSessionFile("[%s][%s][%s][Dynamic markings][%s]\n" % (conf.url, None, None, base64pickle(markings)))`

After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`def setDbms(dbms):`
			`"""`
			`@param dbms: database management system to be set into the knowledge`
			`base as fingerprint.`
			`@type dbms: C{str}`
			`"""`
			`condition = (`
Implemented a better way to deal with % characters in parameters' value. Minor code restyle. 2008-10-16 19:31:02 +04:00			`not kb.resumedQueries`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`or ( kb.resumedQueries.has_key(conf.url) and`
Implemented a better way to deal with % characters in parameters' value. Minor code restyle. 2008-10-16 19:31:02 +04:00			`not kb.resumedQueries[conf.url].has_key("DBMS") )`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`)`

			`if condition:`
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 2010-11-28 21:10:54 +03:00			`dataToSessionFile("[%s][%s][%s][DBMS][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), safeFormatString(dbms)))`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
fix for proper Firebird resume of version 2011-01-24 14:04:32 +03:00			`firstRegExp = "(%s)" % ("\|".join([alias for alias in SUPPORTED_DBMS]))`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`dbmsRegExp = re.search("^%s" % firstRegExp, dbms, re.I)`

			`if dbmsRegExp:`
			`dbms = dbmsRegExp.group(1)`

refactoring (class names should always be Capital cased) 2011-01-28 19:36:09 +03:00			`Backend.setDbms(dbms)`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
refactoring (class names should always be Capital cased) 2011-01-28 19:36:09 +03:00			`logger.info("the back-end DBMS is %s" % Backend.getDbms())`
Minor adjustments 2008-12-31 00:24:01 +03:00
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`def setOs():`
			`"""`
			`Example of kb.bannerFp dictionary:`

			`{`
			`'sp': set(['Service Pack 4']),`
			`'dbmsVersion': '8.00.194',`
			`'dbmsServicePack': '0',`
			`'distrib': set(['2000']),`
			`'dbmsRelease': '2000',`
			`'type': set(['Windows'])`
			`}`
			`"""`

Minor code restyling 2011-04-30 17:20:05 +04:00			`infoMsg = ""`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`condition = (`
			`not kb.resumedQueries`
			`or ( kb.resumedQueries.has_key(conf.url) and`
			`not kb.resumedQueries[conf.url].has_key("OS") )`
			`)`

			`if not kb.bannerFp:`
			`return`

			`if "type" in kb.bannerFp:`
Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch 2011-04-23 20:25:09 +04:00			`Backend.setOs(Format.humanize(kb.bannerFp["type"]))`
			`infoMsg = "the back-end DBMS operating system is %s" % Backend.getOs()`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00
			`if "distrib" in kb.bannerFp:`
refactoring (class names should always be Capital cased) 2011-01-28 19:36:09 +03:00			`kb.osVersion = Format.humanize(kb.bannerFp["distrib"])`
Major code refactoring - centralized all kb.dbms* info for both retrieval and set. 2011-01-20 02:06:15 +03:00			`infoMsg += " %s" % kb.osVersion`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00
			`if "sp" in kb.bannerFp:`
refactoring (class names should always be Capital cased) 2011-01-28 19:36:09 +03:00			`kb.osSP = int(Format.humanize(kb.bannerFp["sp"]).replace("Service Pack ", ""))`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00
Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch 2011-04-23 20:25:09 +04:00			`elif "sp" not in kb.bannerFp and Backend.isOs(OS.WINDOWS):`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`kb.osSP = 0`

Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch 2011-04-23 20:25:09 +04:00			`if Backend.getOs() and kb.osVersion and kb.osSP:`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`infoMsg += " Service Pack %d" % kb.osSP`

			`if infoMsg:`
			`logger.info(infoMsg)`

			`if condition:`
Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch 2011-04-23 20:25:09 +04:00			`dataToSessionFile("[%s][%s][%s][OS][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), Backend.getOs()))`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00
			`def setRemoteTempPath():`
			`condition = (`
			`not kb.resumedQueries or ( kb.resumedQueries.has_key(conf.url) and`
			`not kb.resumedQueries[conf.url].has_key("Remote temp path") )`
			`)`

			`if condition:`
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 2010-11-28 21:10:54 +03:00			`dataToSessionFile("[%s][%s][%s][Remote temp path][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), safeFormatString(conf.tmpPath)))`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00
store/resume info on xp_cmd available in session file 2011-04-21 18:25:04 +04:00			`def setXpCmdshellAvailability(available):`
			`condition = (`
			`not kb.resumedQueries or ( kb.resumedQueries.has_key(conf.url) and`
			`not kb.resumedQueries[conf.url].has_key("xp_cmdshell availability") )`
			`)`

			`if condition:`
			`dataToSessionFile("[%s][%s][%s][xp_cmdshell availability][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), str(available).lower()))`

After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`def resumeConfKb(expression, url, value):`
unfix 2011-05-11 01:33:06 +04:00			`if expression == "Injection data" and url == conf.url:`
minor update 2011-07-08 13:32:58 +04:00			`try:`
			`injection = base64unpickle(value[:-1])`
quick fix 2011-07-09 02:34:44 +04:00			`except AttributeError:`
minor update 2011-07-08 13:32:58 +04:00			`warnMsg = "there were some changes in data model "`
			`warnMsg += "preventing normal resume of previously stored "`
			`warnMsg += "injection data. please use the --flush-session "`
			`warnMsg += "to have it fixed"`
			`singleTimeWarnMessage(warnMsg)`
			`return`
Properly handle --technique at save/resume phase 2011-02-02 01:05:48 +03:00
unfix 2011-05-11 01:33:06 +04:00			`infoMsg = "resuming injection data from session file"`
			`logger.info(infoMsg)`

Properly handle --technique at save/resume phase 2011-02-02 01:05:48 +03:00			`if injection.place in conf.paramDict and \`
			`injection.parameter in conf.paramDict[injection.place]:`

closes #219 - unhidden switch --technique and adapted code accordingly (renamed conf.technique to conf.tech to fit properly in the -h help message) 2011-04-06 18:41:44 +04:00			`if not conf.tech or intersect(conf.tech, injection.data.keys()):`
			`if intersect(conf.tech, injection.data.keys()):`
			`injection.data = dict(filter(lambda (key, item): key in conf.tech, injection.data.items()))`
minor improvement 2011-03-01 13:38:27 +03:00
unfix 2011-05-11 01:33:06 +04:00			`if injection not in kb.injections:`
minor update 2011-02-21 00:27:38 +03:00			`kb.injections.append(injection)`
fix for a bug reported by ToR (origValue = paramDict[kb.injection.parameter] -> KeyError in resume with missing injection parameter) 2010-12-07 13:57:32 +03:00			`else:`
			`warnMsg = "there is an injection in %s parameter '%s' " % (injection.place, injection.parameter)`
			`warnMsg += "but you did not provided it this time"`
			`logger.warn(warnMsg)`

bug fix (dynamic markings were not restored in program rerun which potentially led to no data retrieved) 2010-12-29 22:48:19 +03:00			`elif expression == "Dynamic markings" and url == conf.url:`
			`kb.dynamicMarkings = base64unpickle(value[:-1])`
Minor variable rename 2011-04-30 19:29:59 +04:00			`infoMsg = "resuming dynamic markings from session file"`
			`logger.info(infoMsg)`
bug fix (dynamic markings were not restored in program rerun which potentially led to no data retrieved) 2010-12-29 22:48:19 +03:00
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`elif expression == "DBMS" and url == conf.url:`
Minor code restyling 2011-04-30 17:20:05 +04:00			`dbms = unSafeFormatString(value[:-1])`
			`dbms = dbms.lower()`
code refactoring (added UNKNOWN_DBMS_VERSION instead of "Unknown") 2010-12-18 00:29:09 +03:00			`dbmsVersion = [UNKNOWN_DBMS_VERSION]`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
Minor variable rename 2011-04-30 19:29:59 +04:00			`infoMsg = "resuming back-end DBMS '%s' " % dbms`
			`infoMsg += "from session file"`
			`logger.info(infoMsg)`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
fix for proper Firebird resume of version 2011-01-24 14:04:32 +03:00			`firstRegExp = "(%s)" % ("\|".join([alias for alias in SUPPORTED_DBMS]))`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`dbmsRegExp = re.search("%s ([\d\.]+)" % firstRegExp, dbms)`

			`if dbmsRegExp:`
Minor code restyling 2011-04-30 17:20:05 +04:00			`dbms = dbmsRegExp.group(1)`
Minor bug fix to --dbms, updated user's manual 2009-07-09 15:05:24 +04:00			`dbmsVersion = [ dbmsRegExp.group(2) ]`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
			`if conf.dbms and conf.dbms.lower() != dbms:`
Minor code restyling 2011-04-30 17:20:05 +04:00			`message = "you provided '%s' as back-end DBMS, " % conf.dbms`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`message += "but from a past scan information on the target URL "`
			`message += "sqlmap assumes the back-end DBMS is %s. " % dbms`
			`message += "Do you really want to force the back-end "`
			`message += "DBMS value? [y/N] "`
			`test = readInput(message, default="N")`

			`if not test or test[0] in ("n", "N"):`
cleanest fix this moment (conf.dbms will for sure deal problems later in any form) 2011-06-22 19:48:44 +04:00			`conf.dbms = None`
refactoring (class names should always be Capital cased) 2011-01-28 19:36:09 +03:00			`Backend.setDbms(dbms)`
			`Backend.setVersionList(dbmsVersion)`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`else:`
refactoring (class names should always be Capital cased) 2011-01-28 19:36:09 +03:00			`Backend.setDbms(dbms)`
			`Backend.setVersionList(dbmsVersion)`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`elif expression == "OS" and url == conf.url:`
bug fix (reported by james@ev6.net) 2010-10-11 00:51:11 +04:00			`os = unSafeFormatString(value[:-1])`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00
another fix (OS was set to None at all previous sessions if there was no explicit OS testing done) 2011-01-02 11:08:38 +03:00			`if os and os != 'None':`
Minor variable rename 2011-04-30 19:29:59 +04:00			`infoMsg = "resuming back-end DBMS operating system '%s' " % os`
			`infoMsg += "from session file"`
			`logger.info(infoMsg)`
another fix (OS was set to None at all previous sessions if there was no explicit OS testing done) 2011-01-02 11:08:38 +03:00
			`if conf.os and conf.os.lower() != os.lower():`
Minor code restyling 2011-04-30 17:20:05 +04:00			`message = "you provided '%s' as back-end DBMS operating " % conf.os`
another fix (OS was set to None at all previous sessions if there was no explicit OS testing done) 2011-01-02 11:08:38 +03:00			`message += "system, but from a past scan information on the "`
			`message += "target URL sqlmap assumes the back-end DBMS "`
			`message += "operating system is %s. " % os`
			`message += "Do you really want to force the back-end DBMS "`
			`message += "OS value? [y/N] "`
			`test = readInput(message, default="N")`

			`if not test or test[0] in ("n", "N"):`
			`conf.os = os`
			`else:`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`conf.os = os`

Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch 2011-04-23 20:25:09 +04:00			`Backend.setOs(conf.os)`

Allow user to force temporary folder with --tmp-path even if it has been saved one in the session file 2011-04-21 18:05:37 +04:00			`elif expression == "Remote temp path" and url == conf.url and conf.tmpPath is None:`
More code cleanup 2011-01-16 02:11:36 +03:00			`conf.tmpPath = unSafeFormatString(value[:-1])`

Minor variable rename 2011-04-30 19:29:59 +04:00			`infoMsg = "resuming remote absolute path of temporary "`
			`infoMsg += "files directory '%s' from session file" % conf.tmpPath`
			`logger.info(infoMsg)`
More code cleanup 2011-01-16 02:11:36 +03:00
minor update 2011-06-28 01:48:26 +04:00			`elif conf.freshQueries:`
			`pass`

store/resume info on xp_cmd available in session file 2011-04-21 18:25:04 +04:00			`elif expression == "xp_cmdshell availability" and url == conf.url:`
			`kb.xpCmdshellAvailable = True if unSafeFormatString(value[:-1]).lower() == "true" else False`
Minor variable rename 2011-04-30 19:29:59 +04:00			`infoMsg = "resuming xp_cmdshell availability"`
			`logger.info(infoMsg)`