2008-10-15 19:38:22 +04:00
|
|
|
#!/usr/bin/env python
|
|
|
|
|
|
|
|
"""
|
2012-07-12 21:38:03 +04:00
|
|
|
Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
|
2010-10-15 03:18:29 +04:00
|
|
|
See the file 'doc/COPYING' for copying permission
|
2008-10-15 19:38:22 +04:00
|
|
|
"""
|
|
|
|
|
2012-03-08 15:08:43 +04:00
|
|
|
import binascii
|
2010-05-24 15:00:49 +04:00
|
|
|
import codecs
|
2008-10-15 19:38:22 +04:00
|
|
|
import os
|
2010-06-30 01:07:23 +04:00
|
|
|
import re
|
2010-12-09 00:16:18 +03:00
|
|
|
import tempfile
|
2008-10-15 19:38:22 +04:00
|
|
|
import time
|
|
|
|
|
2012-06-21 14:09:10 +04:00
|
|
|
from lib.core.common import Backend
|
2012-02-25 14:43:10 +04:00
|
|
|
from lib.core.common import hashDBRetrieve
|
2011-02-14 00:58:48 +03:00
|
|
|
from lib.core.common import intersect
|
2008-10-15 19:38:22 +04:00
|
|
|
from lib.core.common import paramToDict
|
2010-10-10 22:56:43 +04:00
|
|
|
from lib.core.common import readInput
|
2012-03-08 14:19:34 +04:00
|
|
|
from lib.core.common import resetCookieJar
|
2011-01-27 21:36:28 +03:00
|
|
|
from lib.core.convert import urldecode
|
2011-01-02 13:37:32 +03:00
|
|
|
from lib.core.data import cmdLineOptions
|
2008-10-15 19:38:22 +04:00
|
|
|
from lib.core.data import conf
|
|
|
|
from lib.core.data import kb
|
2009-09-26 03:03:45 +04:00
|
|
|
from lib.core.data import logger
|
2008-10-15 19:38:22 +04:00
|
|
|
from lib.core.data import paths
|
|
|
|
from lib.core.dump import dumper
|
2011-12-28 17:50:03 +04:00
|
|
|
from lib.core.enums import HASHDB_KEYS
|
2010-11-08 12:44:32 +03:00
|
|
|
from lib.core.enums import HTTPMETHOD
|
|
|
|
from lib.core.enums import PLACE
|
2008-10-15 19:38:22 +04:00
|
|
|
from lib.core.exception import sqlmapFilePathException
|
|
|
|
from lib.core.exception import sqlmapGenericException
|
|
|
|
from lib.core.exception import sqlmapSyntaxException
|
2011-05-08 10:17:43 +04:00
|
|
|
from lib.core.exception import sqlmapUserQuitException
|
2012-06-05 02:30:12 +04:00
|
|
|
from lib.core.option import authHandler
|
2010-12-18 13:02:01 +03:00
|
|
|
from lib.core.option import __setDBMS
|
2010-11-17 18:33:07 +03:00
|
|
|
from lib.core.option import __setKnowledgeBaseAttributes
|
2012-04-17 12:41:19 +04:00
|
|
|
from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR
|
2011-12-20 16:52:41 +04:00
|
|
|
from lib.core.settings import HOST_ALIASES
|
2011-02-14 00:58:48 +03:00
|
|
|
from lib.core.settings import REFERER_ALIASES
|
2011-05-16 02:21:38 +04:00
|
|
|
from lib.core.settings import RESULTS_FILE_FORMAT
|
2011-04-18 02:37:00 +04:00
|
|
|
from lib.core.settings import SOAP_REGEX
|
2012-06-21 14:09:10 +04:00
|
|
|
from lib.core.settings import SUPPORTED_DBMS
|
2011-10-25 13:53:44 +04:00
|
|
|
from lib.core.settings import UNENCODED_ORIGINAL_VALUE
|
2011-01-30 14:36:03 +03:00
|
|
|
from lib.core.settings import UNICODE_ENCODING
|
2012-06-21 14:09:10 +04:00
|
|
|
from lib.core.settings import UNKNOWN_DBMS_VERSION
|
2011-01-31 23:36:01 +03:00
|
|
|
from lib.core.settings import URI_INJECTABLE_REGEX
|
2011-02-14 00:58:48 +03:00
|
|
|
from lib.core.settings import USER_AGENT_ALIASES
|
2011-09-26 00:36:32 +04:00
|
|
|
from lib.utils.hashdb import HashDB
|
2010-05-28 20:43:04 +04:00
|
|
|
from lib.core.xmldump import dumper as xmldumper
|
2008-10-15 19:38:22 +04:00
|
|
|
|
|
|
|
def __setRequestParams():
|
|
|
|
"""
|
|
|
|
Check and set the parameters and perform checks on 'data' option for
|
|
|
|
HTTP method POST.
|
|
|
|
"""
|
|
|
|
|
2010-03-27 02:23:25 +03:00
|
|
|
if conf.direct:
|
|
|
|
conf.parameters[None] = "direct connection"
|
|
|
|
return
|
|
|
|
|
2012-04-17 18:23:00 +04:00
|
|
|
testableParameters = False
|
2008-10-15 19:38:22 +04:00
|
|
|
|
|
|
|
# Perform checks on GET parameters
|
2010-11-08 12:44:32 +03:00
|
|
|
if conf.parameters.has_key(PLACE.GET) and conf.parameters[PLACE.GET]:
|
|
|
|
parameters = conf.parameters[PLACE.GET]
|
2012-04-17 18:23:00 +04:00
|
|
|
paramDict = paramToDict(PLACE.GET, parameters)
|
2008-10-15 19:38:22 +04:00
|
|
|
|
2012-04-17 18:23:00 +04:00
|
|
|
if paramDict:
|
|
|
|
conf.paramDict[PLACE.GET] = paramDict
|
|
|
|
testableParameters = True
|
2008-10-15 19:38:22 +04:00
|
|
|
|
|
|
|
# Perform checks on POST parameters
|
2010-11-08 12:44:32 +03:00
|
|
|
if conf.method == HTTPMETHOD.POST and not conf.data:
|
2008-10-15 19:38:22 +04:00
|
|
|
errMsg = "HTTP POST method depends on HTTP data value to be posted"
|
|
|
|
raise sqlmapSyntaxException, errMsg
|
|
|
|
|
|
|
|
if conf.data:
|
2011-10-25 13:53:44 +04:00
|
|
|
if hasattr(conf.data, UNENCODED_ORIGINAL_VALUE):
|
|
|
|
original = getattr(conf.data, UNENCODED_ORIGINAL_VALUE)
|
|
|
|
conf.data = type(conf.data)(conf.data.replace("\n", " "))
|
|
|
|
setattr(conf.data, UNENCODED_ORIGINAL_VALUE, original)
|
|
|
|
else:
|
|
|
|
conf.data = conf.data.replace("\n", " ")
|
2010-06-30 01:07:23 +04:00
|
|
|
|
2012-07-13 14:22:37 +04:00
|
|
|
place = PLACE.SOAP if re.match(SOAP_REGEX, conf.data, re.I | re.M) else PLACE.POST
|
2011-04-18 01:39:00 +04:00
|
|
|
|
|
|
|
conf.parameters[place] = conf.data
|
2012-04-17 18:23:00 +04:00
|
|
|
paramDict = paramToDict(place, conf.data)
|
2008-10-15 19:38:22 +04:00
|
|
|
|
2012-04-17 18:23:00 +04:00
|
|
|
if paramDict:
|
|
|
|
conf.paramDict[place] = paramDict
|
|
|
|
testableParameters = True
|
2008-10-15 19:38:22 +04:00
|
|
|
|
2010-11-08 12:44:32 +03:00
|
|
|
conf.method = HTTPMETHOD.POST
|
2010-01-02 05:02:12 +03:00
|
|
|
|
2011-05-08 10:28:58 +04:00
|
|
|
if re.search(URI_INJECTABLE_REGEX, conf.url, re.I) and not any(map(lambda place: place in conf.parameters, [PLACE.GET, PLACE.POST])):
|
|
|
|
warnMsg = "you've provided target url without any GET "
|
|
|
|
warnMsg += "parameters (e.g. www.site.com/article.php?id=1) "
|
|
|
|
warnMsg += "and without providing any POST parameters "
|
|
|
|
warnMsg += "through --data option"
|
2011-05-08 10:17:43 +04:00
|
|
|
logger.warn(warnMsg)
|
|
|
|
|
|
|
|
message = "do you want to try URI injections "
|
|
|
|
message += "in the target url itself? [Y/n/q] "
|
|
|
|
test = readInput(message, default="Y")
|
|
|
|
|
2012-04-17 18:23:00 +04:00
|
|
|
if not test or test[0] not in ("n", "N"):
|
2012-04-17 12:41:19 +04:00
|
|
|
conf.url = "%s%s" % (conf.url, CUSTOM_INJECTION_MARK_CHAR)
|
2012-04-17 18:23:00 +04:00
|
|
|
kb.processUserMarks = True
|
2011-05-08 10:17:43 +04:00
|
|
|
elif test[0] in ("q", "Q"):
|
|
|
|
raise sqlmapUserQuitException
|
2011-01-31 23:36:01 +03:00
|
|
|
|
2012-04-17 18:23:00 +04:00
|
|
|
for place, value in ((PLACE.URI, conf.url), (PLACE.CUSTOM_POST, conf.data)):
|
|
|
|
if CUSTOM_INJECTION_MARK_CHAR in (value or ""):
|
|
|
|
if kb.processUserMarks is None:
|
2012-07-13 14:13:04 +04:00
|
|
|
message = "custom injection marking character ('%s') found in option " % CUSTOM_INJECTION_MARK_CHAR
|
2012-04-17 18:23:00 +04:00
|
|
|
message += "'%s'. Do you want to process it? [Y/n/q] " % {PLACE.URI: '-u', PLACE.CUSTOM_POST: '--data'}[place]
|
|
|
|
test = readInput(message, default="Y")
|
|
|
|
if test and test[0] in ("q", "Q"):
|
|
|
|
raise sqlmapUserQuitException
|
|
|
|
else:
|
|
|
|
kb.processUserMarks = not test or test[0] not in ("n", "N")
|
2011-04-22 01:15:23 +04:00
|
|
|
|
2012-04-17 18:23:00 +04:00
|
|
|
if not kb.processUserMarks:
|
|
|
|
continue
|
2011-04-22 01:15:23 +04:00
|
|
|
|
2012-04-17 18:23:00 +04:00
|
|
|
conf.parameters[place] = value
|
|
|
|
conf.paramDict[place] = {}
|
|
|
|
parts = value.split(CUSTOM_INJECTION_MARK_CHAR)
|
2011-04-22 01:15:23 +04:00
|
|
|
|
2012-04-17 18:23:00 +04:00
|
|
|
for i in xrange(len(parts) - 1):
|
|
|
|
conf.paramDict[place]["#%d%s" % (i + 1, CUSTOM_INJECTION_MARK_CHAR)] = "".join("%s%s" % (parts[j], CUSTOM_INJECTION_MARK_CHAR if i == j else "") for j in xrange(len(parts)))
|
2011-04-22 01:15:23 +04:00
|
|
|
|
2012-04-17 18:23:00 +04:00
|
|
|
if place == PLACE.URI and PLACE.GET in conf.paramDict:
|
|
|
|
del conf.paramDict[PLACE.GET]
|
|
|
|
elif place == PLACE.CUSTOM_POST and PLACE.POST in conf.paramDict:
|
|
|
|
del conf.paramDict[PLACE.POST]
|
2011-04-22 01:15:23 +04:00
|
|
|
|
2012-04-17 18:23:00 +04:00
|
|
|
testableParameters = True
|
|
|
|
|
|
|
|
if kb.processUserMarks:
|
|
|
|
conf.url = conf.url.replace(CUSTOM_INJECTION_MARK_CHAR, "")
|
|
|
|
conf.data = conf.data.replace(CUSTOM_INJECTION_MARK_CHAR, "") if conf.data else conf.data
|
2010-09-22 15:56:35 +04:00
|
|
|
|
2008-10-15 19:38:22 +04:00
|
|
|
# Perform checks on Cookie parameters
|
|
|
|
if conf.cookie:
|
2010-11-08 12:44:32 +03:00
|
|
|
conf.parameters[PLACE.COOKIE] = conf.cookie
|
2012-04-17 18:23:00 +04:00
|
|
|
paramDict = paramToDict(PLACE.COOKIE, conf.cookie)
|
2008-10-15 19:38:22 +04:00
|
|
|
|
2012-04-17 18:23:00 +04:00
|
|
|
if paramDict:
|
|
|
|
conf.paramDict[PLACE.COOKIE] = paramDict
|
|
|
|
testableParameters = True
|
2008-10-15 19:38:22 +04:00
|
|
|
|
2011-12-20 16:52:41 +04:00
|
|
|
# Perform checks on header values
|
2008-10-15 19:38:22 +04:00
|
|
|
if conf.httpHeaders:
|
|
|
|
for httpHeader, headerValue in conf.httpHeaders:
|
2012-03-16 15:18:18 +04:00
|
|
|
# Url encoding of the header values should be avoided
|
|
|
|
# Reference: http://stackoverflow.com/questions/5085904/is-ok-to-urlencode-the-value-in-headerlocation-value
|
|
|
|
|
2010-11-08 15:36:48 +03:00
|
|
|
if httpHeader == PLACE.UA:
|
2011-01-27 21:36:28 +03:00
|
|
|
conf.parameters[PLACE.UA] = urldecode(headerValue)
|
2008-10-15 19:38:22 +04:00
|
|
|
|
2011-11-21 00:14:47 +04:00
|
|
|
condition = any((not conf.testParameter, intersect(conf.testParameter, USER_AGENT_ALIASES)))
|
2008-10-15 19:38:22 +04:00
|
|
|
|
|
|
|
if condition:
|
2012-07-13 14:22:37 +04:00
|
|
|
conf.paramDict[PLACE.UA] = {PLACE.UA: headerValue}
|
2012-04-17 18:23:00 +04:00
|
|
|
testableParameters = True
|
2008-10-15 19:38:22 +04:00
|
|
|
|
2011-02-12 02:07:03 +03:00
|
|
|
elif httpHeader == PLACE.REFERER:
|
|
|
|
conf.parameters[PLACE.REFERER] = urldecode(headerValue)
|
|
|
|
|
2011-11-21 00:14:47 +04:00
|
|
|
condition = any((not conf.testParameter, intersect(conf.testParameter, REFERER_ALIASES)))
|
2011-02-12 02:07:03 +03:00
|
|
|
|
|
|
|
if condition:
|
2012-07-13 14:22:37 +04:00
|
|
|
conf.paramDict[PLACE.REFERER] = {PLACE.REFERER: headerValue}
|
2012-04-17 18:23:00 +04:00
|
|
|
testableParameters = True
|
2011-02-12 02:07:03 +03:00
|
|
|
|
2011-12-20 16:52:41 +04:00
|
|
|
elif httpHeader == PLACE.HOST:
|
|
|
|
conf.parameters[PLACE.HOST] = urldecode(headerValue)
|
|
|
|
|
|
|
|
condition = any((not conf.testParameter, intersect(conf.testParameter, HOST_ALIASES)))
|
|
|
|
|
|
|
|
if condition:
|
2012-07-13 14:22:37 +04:00
|
|
|
conf.paramDict[PLACE.HOST] = {PLACE.HOST: headerValue}
|
2012-04-17 18:23:00 +04:00
|
|
|
testableParameters = True
|
2011-12-20 16:52:41 +04:00
|
|
|
|
2008-10-15 19:38:22 +04:00
|
|
|
if not conf.parameters:
|
2011-04-30 17:20:05 +04:00
|
|
|
errMsg = "you did not provide any GET, POST and Cookie "
|
2011-12-20 16:52:41 +04:00
|
|
|
errMsg += "parameter, neither an User-Agent, Referer or Host header value"
|
2008-10-15 19:38:22 +04:00
|
|
|
raise sqlmapGenericException, errMsg
|
|
|
|
|
2012-04-17 18:23:00 +04:00
|
|
|
elif not testableParameters:
|
2011-04-30 17:20:05 +04:00
|
|
|
errMsg = "all testable parameters you provided are not present "
|
2008-10-15 19:38:22 +04:00
|
|
|
errMsg += "within the GET, POST and Cookie parameters"
|
|
|
|
raise sqlmapGenericException, errMsg
|
|
|
|
|
2011-09-26 17:01:43 +04:00
|
|
|
def __setHashDB():
|
|
|
|
"""
|
|
|
|
Check and set the HashDB SQLite file for query resume functionality.
|
|
|
|
"""
|
2011-11-22 12:39:13 +04:00
|
|
|
|
2011-09-26 17:01:43 +04:00
|
|
|
if not conf.hashDBFile:
|
2012-07-07 21:02:46 +04:00
|
|
|
conf.hashDBFile = "%s%ssession.sqlite" % (conf.outputPath, os.sep)
|
2011-09-26 17:01:43 +04:00
|
|
|
|
|
|
|
if os.path.exists(conf.hashDBFile):
|
|
|
|
if conf.flushSession:
|
|
|
|
try:
|
|
|
|
os.remove(conf.hashDBFile)
|
2012-07-07 21:02:46 +04:00
|
|
|
logger.info("flushing session file")
|
2011-09-26 17:01:43 +04:00
|
|
|
except OSError, msg:
|
2012-07-07 21:02:46 +04:00
|
|
|
errMsg = "unable to flush the session file (%s)" % msg
|
2011-09-26 17:01:43 +04:00
|
|
|
raise sqlmapFilePathException, errMsg
|
|
|
|
|
|
|
|
conf.hashDB = HashDB(conf.hashDBFile)
|
|
|
|
|
2011-11-22 12:39:13 +04:00
|
|
|
def __resumeHashDBValues():
|
|
|
|
"""
|
|
|
|
Resume stored data values from HashDB
|
|
|
|
"""
|
|
|
|
|
2012-03-13 02:55:57 +04:00
|
|
|
kb.absFilePaths = hashDBRetrieve(HASHDB_KEYS.KB_ABS_FILE_PATHS, True) or kb.absFilePaths
|
|
|
|
kb.chars = hashDBRetrieve(HASHDB_KEYS.KB_CHARS, True) or kb.chars
|
|
|
|
kb.dynamicMarkings = hashDBRetrieve(HASHDB_KEYS.KB_DYNAMIC_MARKINGS, True) or kb.dynamicMarkings
|
|
|
|
kb.brute.tables = hashDBRetrieve(HASHDB_KEYS.KB_BRUTE_TABLES, True) or kb.brute.tables
|
|
|
|
kb.brute.columns = hashDBRetrieve(HASHDB_KEYS.KB_BRUTE_COLUMNS, True) or kb.brute.columns
|
|
|
|
kb.xpCmdshellAvailable = hashDBRetrieve(HASHDB_KEYS.KB_XP_CMDSHELL_AVAILABLE) or kb.xpCmdshellAvailable
|
|
|
|
|
|
|
|
conf.tmpPath = conf.tmpPath or hashDBRetrieve(HASHDB_KEYS.CONF_TMP_PATH)
|
|
|
|
|
|
|
|
for injection in hashDBRetrieve(HASHDB_KEYS.KB_INJECTIONS, True) or []:
|
|
|
|
if injection.place in conf.paramDict and \
|
|
|
|
injection.parameter in conf.paramDict[injection.place]:
|
|
|
|
|
|
|
|
if not conf.tech or intersect(conf.tech, injection.data.keys()):
|
|
|
|
if intersect(conf.tech, injection.data.keys()):
|
|
|
|
injection.data = dict(filter(lambda (key, item): key in conf.tech, injection.data.items()))
|
|
|
|
|
|
|
|
if injection not in kb.injections:
|
|
|
|
kb.injections.append(injection)
|
2012-02-27 17:44:07 +04:00
|
|
|
|
2012-06-21 14:09:10 +04:00
|
|
|
__resumeDBMS()
|
|
|
|
__resumeOS()
|
|
|
|
|
|
|
|
def __resumeDBMS():
|
2008-10-15 19:38:22 +04:00
|
|
|
"""
|
2012-06-21 14:09:10 +04:00
|
|
|
Resume stored DBMS information from HashDB
|
2008-10-15 19:38:22 +04:00
|
|
|
"""
|
|
|
|
|
2012-06-21 14:09:10 +04:00
|
|
|
value = hashDBRetrieve(HASHDB_KEYS.DBMS)
|
2010-04-12 13:35:20 +04:00
|
|
|
|
2012-06-21 14:09:10 +04:00
|
|
|
if not value:
|
|
|
|
return
|
2010-11-03 13:08:27 +03:00
|
|
|
|
2012-06-21 14:09:10 +04:00
|
|
|
dbms = value.lower()
|
|
|
|
dbmsVersion = [UNKNOWN_DBMS_VERSION]
|
|
|
|
_ = "(%s)" % ("|".join([alias for alias in SUPPORTED_DBMS]))
|
|
|
|
_ = re.search("%s ([\d\.]+)" % _, dbms, re.I)
|
|
|
|
|
|
|
|
if _:
|
|
|
|
dbms = _.group(1).lower()
|
|
|
|
dbmsVersion = [_.group(2)]
|
|
|
|
|
|
|
|
if conf.dbms:
|
|
|
|
if conf.dbms.lower() != dbms:
|
|
|
|
message = "you provided '%s' as back-end DBMS, " % conf.dbms
|
|
|
|
message += "but from a past scan information on the target URL "
|
|
|
|
message += "sqlmap assumes the back-end DBMS is %s. " % dbms
|
|
|
|
message += "Do you really want to force the back-end "
|
|
|
|
message += "DBMS value? [y/N] "
|
|
|
|
test = readInput(message, default="N")
|
|
|
|
|
|
|
|
if not test or test[0] in ("n", "N"):
|
|
|
|
conf.dbms = None
|
|
|
|
Backend.setDbms(dbms)
|
|
|
|
Backend.setVersionList(dbmsVersion)
|
|
|
|
else:
|
|
|
|
infoMsg = "resuming back-end DBMS '%s' " % dbms
|
|
|
|
logger.info(infoMsg)
|
2010-11-03 13:08:27 +03:00
|
|
|
|
2012-06-21 14:09:10 +04:00
|
|
|
Backend.setDbms(dbms)
|
|
|
|
Backend.setVersionList(dbmsVersion)
|
2010-11-03 13:08:27 +03:00
|
|
|
|
2012-06-21 14:09:10 +04:00
|
|
|
def __resumeOS():
|
|
|
|
"""
|
|
|
|
Resume stored OS information from HashDB
|
|
|
|
"""
|
2010-04-12 13:35:20 +04:00
|
|
|
|
2012-06-21 14:09:10 +04:00
|
|
|
value = hashDBRetrieve(HASHDB_KEYS.OS)
|
2010-04-12 13:35:20 +04:00
|
|
|
|
2012-06-21 14:09:10 +04:00
|
|
|
if not value:
|
|
|
|
return
|
2010-11-03 13:08:27 +03:00
|
|
|
|
2012-06-21 14:09:10 +04:00
|
|
|
os = value
|
2010-11-03 13:08:27 +03:00
|
|
|
|
2012-06-21 14:09:10 +04:00
|
|
|
if os and os != 'None':
|
|
|
|
infoMsg = "resuming back-end DBMS operating system '%s' " % os
|
|
|
|
logger.info(infoMsg)
|
2010-05-11 17:36:30 +04:00
|
|
|
|
2012-06-21 14:09:10 +04:00
|
|
|
if conf.os and conf.os.lower() != os.lower():
|
|
|
|
message = "you provided '%s' as back-end DBMS operating " % conf.os
|
|
|
|
message += "system, but from a past scan information on the "
|
|
|
|
message += "target URL sqlmap assumes the back-end DBMS "
|
|
|
|
message += "operating system is %s. " % os
|
|
|
|
message += "Do you really want to force the back-end DBMS "
|
|
|
|
message += "OS value? [y/N] "
|
|
|
|
test = readInput(message, default="N")
|
2010-12-01 01:40:25 +03:00
|
|
|
|
2012-06-21 14:09:10 +04:00
|
|
|
if not test or test[0] in ("n", "N"):
|
|
|
|
conf.os = os
|
2010-03-04 16:01:18 +03:00
|
|
|
else:
|
2012-06-21 14:09:10 +04:00
|
|
|
conf.os = os
|
2008-10-15 19:38:22 +04:00
|
|
|
|
2012-06-21 14:09:10 +04:00
|
|
|
Backend.setOs(conf.os)
|
2008-10-15 19:38:22 +04:00
|
|
|
|
2011-05-16 02:21:38 +04:00
|
|
|
def __setResultsFile():
|
|
|
|
"""
|
2012-02-22 14:40:11 +04:00
|
|
|
Create results file for storing results of running in a
|
2011-05-16 02:21:38 +04:00
|
|
|
multiple target mode.
|
|
|
|
"""
|
|
|
|
|
|
|
|
if not conf.multipleTargets:
|
|
|
|
return
|
|
|
|
|
|
|
|
if not conf.resultsFP:
|
|
|
|
conf.resultsFilename = "%s%s%s" % (paths.SQLMAP_OUTPUT_PATH, os.sep, time.strftime(RESULTS_FILE_FORMAT).lower())
|
|
|
|
conf.resultsFP = codecs.open(conf.resultsFilename, "w+", UNICODE_ENCODING)
|
|
|
|
conf.resultsFP.writelines("Target url,Place,Parameter,Techniques%s" % os.linesep)
|
|
|
|
|
|
|
|
logger.info("using '%s' as results file" % conf.resultsFilename)
|
|
|
|
|
2012-06-05 02:30:12 +04:00
|
|
|
def __setAuthCred():
|
|
|
|
"""
|
|
|
|
Adds authentication credentials (if any) for current target to the password manager (used by connection handler).
|
|
|
|
"""
|
|
|
|
|
|
|
|
if kb.passwordMgr:
|
|
|
|
kb.passwordMgr.add_password(None, "%s://%s" % (conf.scheme, conf.hostname), conf.authUsername, conf.authPassword)
|
|
|
|
|
2008-10-15 19:38:22 +04:00
|
|
|
def __createFilesDir():
|
|
|
|
"""
|
|
|
|
Create the file directory.
|
|
|
|
"""
|
|
|
|
|
|
|
|
if not conf.rFile:
|
|
|
|
return
|
|
|
|
|
|
|
|
conf.filePath = paths.SQLMAP_FILES_PATH % conf.hostname
|
|
|
|
|
|
|
|
if not os.path.isdir(conf.filePath):
|
|
|
|
os.makedirs(conf.filePath, 0755)
|
|
|
|
|
|
|
|
def __createDumpDir():
|
|
|
|
"""
|
|
|
|
Create the dump directory.
|
|
|
|
"""
|
|
|
|
|
2010-06-02 15:01:41 +04:00
|
|
|
if not conf.dumpTable and not conf.dumpAll and not conf.search:
|
2008-10-15 19:38:22 +04:00
|
|
|
return
|
|
|
|
|
|
|
|
conf.dumpPath = paths.SQLMAP_DUMP_PATH % conf.hostname
|
|
|
|
|
|
|
|
if not os.path.isdir(conf.dumpPath):
|
|
|
|
os.makedirs(conf.dumpPath, 0755)
|
|
|
|
|
2010-05-28 20:43:04 +04:00
|
|
|
def __configureDumper():
|
2011-02-27 15:17:41 +03:00
|
|
|
if hasattr(conf, 'xmlFile') and conf.xmlFile:
|
2010-05-28 20:43:04 +04:00
|
|
|
conf.dumper = xmldumper
|
|
|
|
else:
|
|
|
|
conf.dumper = dumper
|
|
|
|
|
|
|
|
conf.dumper.setOutputFile()
|
|
|
|
|
2010-03-15 14:55:13 +03:00
|
|
|
def __createTargetDirs():
|
2009-09-26 03:03:45 +04:00
|
|
|
"""
|
|
|
|
Create the output directory.
|
|
|
|
"""
|
|
|
|
|
|
|
|
if not os.path.isdir(paths.SQLMAP_OUTPUT_PATH):
|
2010-12-09 00:16:18 +03:00
|
|
|
try:
|
|
|
|
os.makedirs(paths.SQLMAP_OUTPUT_PATH, 0755)
|
2010-12-09 12:24:20 +03:00
|
|
|
except OSError, msg:
|
2010-12-09 00:16:18 +03:00
|
|
|
tempDir = tempfile.mkdtemp(prefix='output')
|
2010-12-09 12:24:20 +03:00
|
|
|
warnMsg = "unable to create default root output directory "
|
|
|
|
warnMsg += "'%s' (%s). " % (paths.SQLMAP_OUTPUT_PATH, msg)
|
|
|
|
warnMsg += "using temporary directory '%s' instead" % tempDir
|
2010-12-09 00:16:18 +03:00
|
|
|
logger.warn(warnMsg)
|
|
|
|
|
|
|
|
paths.SQLMAP_OUTPUT_PATH = tempDir
|
|
|
|
|
|
|
|
conf.outputPath = "%s%s%s" % (paths.SQLMAP_OUTPUT_PATH, os.sep, conf.hostname)
|
2009-09-26 03:03:45 +04:00
|
|
|
|
|
|
|
if not os.path.isdir(conf.outputPath):
|
2010-12-09 00:16:18 +03:00
|
|
|
try:
|
|
|
|
os.makedirs(conf.outputPath, 0755)
|
2010-12-09 12:24:20 +03:00
|
|
|
except OSError, msg:
|
2010-12-09 00:16:18 +03:00
|
|
|
tempDir = tempfile.mkdtemp(prefix='output')
|
2010-12-09 12:24:20 +03:00
|
|
|
warnMsg = "unable to create output directory "
|
|
|
|
warnMsg += "'%s' (%s). " % (conf.outputPath, msg)
|
2010-12-09 00:16:18 +03:00
|
|
|
warnMsg += "using temporary directory '%s' instead" % tempDir
|
|
|
|
logger.warn(warnMsg)
|
|
|
|
|
|
|
|
conf.outputPath = tempDir
|
2009-09-26 03:03:45 +04:00
|
|
|
|
|
|
|
__createDumpDir()
|
|
|
|
__createFilesDir()
|
2010-05-28 20:43:04 +04:00
|
|
|
__configureDumper()
|
2009-09-26 03:03:45 +04:00
|
|
|
|
2011-01-02 13:37:32 +03:00
|
|
|
def __restoreCmdLineOptions():
|
|
|
|
"""
|
2012-02-22 14:40:11 +04:00
|
|
|
Restore command line options that could be possibly
|
2011-01-02 13:37:32 +03:00
|
|
|
changed during the testing of previous target.
|
|
|
|
"""
|
|
|
|
conf.regexp = cmdLineOptions.regexp
|
|
|
|
conf.string = cmdLineOptions.string
|
|
|
|
conf.textOnly = cmdLineOptions.textOnly
|
|
|
|
|
2008-10-15 19:38:22 +04:00
|
|
|
def initTargetEnv():
|
|
|
|
"""
|
|
|
|
Initialize target environment.
|
|
|
|
"""
|
|
|
|
|
2008-11-28 01:33:33 +03:00
|
|
|
if conf.multipleTargets:
|
2011-01-20 20:53:49 +03:00
|
|
|
if conf.sessionFP:
|
|
|
|
conf.sessionFP.close()
|
|
|
|
|
2011-09-26 00:36:32 +04:00
|
|
|
if conf.hashDB:
|
|
|
|
conf.hashDB.close()
|
|
|
|
|
2010-04-06 14:15:19 +04:00
|
|
|
if conf.cj:
|
2012-03-08 14:19:34 +04:00
|
|
|
resetCookieJar(conf.cj)
|
2010-04-06 14:15:19 +04:00
|
|
|
|
2011-04-30 17:20:05 +04:00
|
|
|
conf.paramDict = {}
|
|
|
|
conf.parameters = {}
|
2011-09-26 00:36:32 +04:00
|
|
|
conf.hashDBFile = None
|
2010-10-19 22:17:34 +04:00
|
|
|
|
2010-12-18 13:02:01 +03:00
|
|
|
__setKnowledgeBaseAttributes(False)
|
2011-01-02 13:37:32 +03:00
|
|
|
__restoreCmdLineOptions()
|
2010-12-18 13:02:01 +03:00
|
|
|
__setDBMS()
|
2008-11-28 01:33:33 +03:00
|
|
|
|
2010-03-15 14:33:34 +03:00
|
|
|
def setupTargetEnv():
|
2010-03-15 14:55:13 +03:00
|
|
|
__createTargetDirs()
|
2008-10-15 19:38:22 +04:00
|
|
|
__setRequestParams()
|
2011-09-26 17:01:43 +04:00
|
|
|
__setHashDB()
|
2011-11-22 12:39:13 +04:00
|
|
|
__resumeHashDBValues()
|
2011-05-16 02:21:38 +04:00
|
|
|
__setResultsFile()
|
2012-06-05 02:30:12 +04:00
|
|
|
__setAuthCred()
|