sqlmap/lib/core/session.py

#!/usr/bin/env python

"""
$Id$

Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)
See the file 'doc/COPYING' for copying permission
"""

import re

from lib.core.common import Backend
from lib.core.common import Format
from lib.core.common import dataToSessionFile
from lib.core.common import getFilteredPageContent
from lib.core.common import readInput
from lib.core.convert import base64pickle
from lib.core.convert import base64unpickle
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.datatype import injectionDict
from lib.core.enums import PAYLOAD
from lib.core.enums import PLACE
from lib.core.settings import METADB_SUFFIX
from lib.core.settings import SUPPORTED_DBMS
from lib.core.settings import UNKNOWN_DBMS_VERSION

def safeFormatString(value):
    retVal = value
    if retVal:
        retVal = retVal.replace("[", "__LEFT_SQUARE_BRACKET__").replace("]", "__RIGHT_SQUARE_BRACKET__")
    return retVal

def unSafeFormatString(value):
    retVal = value
    if retVal:
        retVal = retVal.replace("__LEFT_SQUARE_BRACKET__", "[").replace("__RIGHT_SQUARE_BRACKET__", "]")
    return retVal

def setInjection(inj):
    """
    Save information retrieved about injection place and parameter in the
    session file.
    """

    condition = (
                  ( not kb.resumedQueries
                  or ( kb.resumedQueries.has_key(conf.url) and
                  not kb.resumedQueries[conf.url].has_key("Injection data")
                  ) )
                )

    if condition:
        dataToSessionFile("[%s][%s][%s][Injection data][%s]\n" % (conf.url, inj.place, safeFormatString(conf.parameters[inj.place]), base64pickle(inj)))

def setDynamicMarkings(markings):
    """
    Save information retrieved about dynamic markings to the
    session file.
    """

    condition = (
                  ( not kb.resumedQueries
                  or ( kb.resumedQueries.has_key(conf.url) and
                  not kb.resumedQueries[conf.url].has_key("Dynamic markings")
                  ) )
                )

    if condition:
        dataToSessionFile("[%s][%s][%s][Dynamic markings][%s]\n" % (conf.url, None, None, base64pickle(markings)))

def setDbms(dbms):
    """
    @param dbms: database management system to be set into the knowledge
    base as fingerprint.
    @type dbms: C{str}
    """
    condition = (
                  not kb.resumedQueries
                  or ( kb.resumedQueries.has_key(conf.url) and
                  not kb.resumedQueries[conf.url].has_key("DBMS") )
                )

    if condition:
        dataToSessionFile("[%s][%s][%s][DBMS][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), safeFormatString(dbms)))

    firstRegExp = "(%s)" % ("|".join([alias for alias in SUPPORTED_DBMS]))
    dbmsRegExp = re.search("^%s" % firstRegExp, dbms, re.I)

    if dbmsRegExp:
        dbms = dbmsRegExp.group(1)

    Backend.setDbms(dbms)

    logger.info("the back-end DBMS is %s" % Backend.getDbms())

def setOs():
    """
    Example of kb.bannerFp dictionary:

    {
      'sp': set(['Service Pack 4']),
      'dbmsVersion': '8.00.194',
      'dbmsServicePack': '0',
      'distrib': set(['2000']),
      'dbmsRelease': '2000',
      'type': set(['Windows'])
    }
    """

    infoMsg   = ""
    condition = (
                  not kb.resumedQueries
                  or ( kb.resumedQueries.has_key(conf.url) and
                  not kb.resumedQueries[conf.url].has_key("OS") )
                )

    if not kb.bannerFp:
        return

    if "type" in kb.bannerFp:
        kb.os = Format.humanize(kb.bannerFp["type"])
        infoMsg = "the back-end DBMS operating system is %s" % kb.os

    if "distrib" in kb.bannerFp:
        kb.osVersion = Format.humanize(kb.bannerFp["distrib"])
        infoMsg += " %s" % kb.osVersion

    if "sp" in kb.bannerFp:
        kb.osSP = int(Format.humanize(kb.bannerFp["sp"]).replace("Service Pack ", ""))

    elif "sp" not in kb.bannerFp and kb.os == "Windows":
        kb.osSP = 0

    if kb.os and kb.osVersion and kb.osSP:
        infoMsg += " Service Pack %d" % kb.osSP

    if infoMsg:
        logger.info(infoMsg)

    if condition:
        dataToSessionFile("[%s][%s][%s][OS][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), safeFormatString(kb.os)))

def setRemoteTempPath():
    condition = (
                  not kb.resumedQueries or ( kb.resumedQueries.has_key(conf.url) and
                  not kb.resumedQueries[conf.url].has_key("Remote temp path") )
                )

    if condition:
        dataToSessionFile("[%s][%s][%s][Remote temp path][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), safeFormatString(conf.tmpPath)))

def resumeConfKb(expression, url, value):
    if expression == "Injection data" and url == conf.url:
        injection = base64unpickle(value[:-1])
        logMsg = "resuming injection data from session file"
        logger.info(logMsg)

        if injection.place in conf.paramDict and\
          injection.parameter in conf.paramDict[injection.place]:
            kb.injections.append(injection)
        else:
            warnMsg = "there is an injection in %s parameter '%s' " % (injection.place, injection.parameter)
            warnMsg += "but you did not provided it this time"
            logger.warn(warnMsg)

    elif expression == "Dynamic markings" and url == conf.url:
        kb.dynamicMarkings = base64unpickle(value[:-1])
        logMsg = "resuming dynamic markings from session file"
        logger.info(logMsg)

    elif expression == "DBMS" and url == conf.url:
        dbms        = unSafeFormatString(value[:-1])
        dbms        = dbms.lower()
        dbmsVersion = [UNKNOWN_DBMS_VERSION]

        logMsg = "resuming back-end DBMS '%s' " % dbms
        logMsg += "from session file"
        logger.info(logMsg)

        firstRegExp = "(%s)" % ("|".join([alias for alias in SUPPORTED_DBMS]))
        dbmsRegExp = re.search("%s ([\d\.]+)" % firstRegExp, dbms)

        if dbmsRegExp:
            dbms        = dbmsRegExp.group(1)
            dbmsVersion = [ dbmsRegExp.group(2) ]

        if conf.dbms and conf.dbms.lower() != dbms:
            message  = "you provided '%s' as back-end DBMS, " % conf.dbms
            message += "but from a past scan information on the target URL "
            message += "sqlmap assumes the back-end DBMS is %s. " % dbms
            message += "Do you really want to force the back-end "
            message += "DBMS value? [y/N] "
            test = readInput(message, default="N")

            if not test or test[0] in ("n", "N"):
                Backend.setDbms(dbms)
                Backend.setVersionList(dbmsVersion)
        else:
            Backend.setDbms(dbms)
            Backend.setVersionList(dbmsVersion)

    elif expression == "OS" and url == conf.url:
        os = unSafeFormatString(value[:-1])

        if os and os != 'None':
            logMsg = "resuming back-end DBMS operating system '%s' " % os
            logMsg += "from session file"
            logger.info(logMsg)

            if conf.os and conf.os.lower() != os.lower():
                message  = "you provided '%s' as back-end DBMS operating " % conf.os
                message += "system, but from a past scan information on the "
                message += "target URL sqlmap assumes the back-end DBMS "
                message += "operating system is %s. " % os
                message += "Do you really want to force the back-end DBMS "
                message += "OS value? [y/N] "
                test = readInput(message, default="N")

                if not test or test[0] in ("n", "N"):
                    conf.os = os
            else:
                conf.os = os

    elif expression == "Remote temp path" and url == conf.url:
        conf.tmpPath = unSafeFormatString(value[:-1])

        logMsg = "resuming remote absolute path of temporary "
        logMsg += "files directory '%s' from session file" % conf.tmpPath
        logger.info(logMsg)

    elif expression == "TABLE_EXISTS" and url == conf.url:
        table = unSafeFormatString(value[:-1])

        if '.' in table:
            db, table = table.split('.')
        else:
            db = "%s%s" % (Backend.getIdentifiedDbms(), METADB_SUFFIX)

        logMsg = "resuming brute forced table name "
        logMsg += "'%s' from session file" % table
        logger.info(logMsg)

        kb.brute.tables.append((db, table))

    elif expression == "COLUMN_EXISTS" and url == conf.url:
        table, column = unSafeFormatString(value[:-1]).split('..')
        colName, colType = column.split(' ')

        if '.' in table:
            db, table = table.split('.')
        else:
            db = "%s%s" % (Backend.getIdentifiedDbms(), METADB_SUFFIX)

        logMsg = "resuming brute forced column name "
        logMsg += "'%s' for table '%s' from session file" % (colName, table)
        logger.info(logMsg)

        kb.brute.columns.append((db, table, colName, colType))
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`#!/usr/bin/env python`

			`"""`
propsets.. 2008-10-15 19:56:32 +04:00			$Id$
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
large commit with copyright header modifications 2010-10-14 18:41:14 +04:00			`Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)`
sorry, cosmetics 2010-10-15 03:18:29 +04:00			`See the file 'doc/COPYING' for copying permission`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`"""`

			`import re`

refactoring (class names should always be Capital cased) 2011-01-28 19:36:09 +03:00			`from lib.core.common import Backend`
			`from lib.core.common import Format`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`from lib.core.common import dataToSessionFile`
minor update 2011-01-06 11:54:50 +03:00			`from lib.core.common import getFilteredPageContent`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`from lib.core.common import readInput`
Added tag <epayload> to the payloads.xml's <test> tag to define which payload to use when exploiting the test type. Removed some useless tests. Moved <error> from queries.xml to payloads.xml as it makes more sense. Beeps at sql inj found only if --beep is provided. Minor fix in order to be able to pickle advancedDict() objects. Minor code refactoring. Removed useless folders. 2010-12-01 20:09:52 +03:00			`from lib.core.convert import base64pickle`
			`from lib.core.convert import base64unpickle`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`from lib.core.data import conf`
			`from lib.core.data import kb`
			`from lib.core.data import logger`
Proper saving and resuming when more than a parameter are injectable. Minor bug fix to --stacked-test Minor code refactoring. 2010-11-29 04:04:42 +03:00			`from lib.core.datatype import injectionDict`
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 2010-11-28 21:10:54 +03:00			`from lib.core.enums import PAYLOAD`
further refactoring (all enumerations are now put into enums.py) 2010-11-08 12:20:02 +03:00			`from lib.core.enums import PLACE`
resume of brute forced data is now available 2010-12-27 17:17:20 +03:00			`from lib.core.settings import METADB_SUFFIX`
fix for proper Firebird resume of version 2011-01-24 14:04:32 +03:00			`from lib.core.settings import SUPPORTED_DBMS`
code refactoring (added UNKNOWN_DBMS_VERSION instead of "Unknown") 2010-12-18 00:29:09 +03:00			`from lib.core.settings import UNKNOWN_DBMS_VERSION`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
bug fix (reported by james@ev6.net) 2010-10-11 00:51:11 +04:00			`def safeFormatString(value):`
			`retVal = value`
			`if retVal:`
			`retVal = retVal.replace("[", "__LEFT_SQUARE_BRACKET__").replace("]", "__RIGHT_SQUARE_BRACKET__")`
			`return retVal`

			`def unSafeFormatString(value):`
			`retVal = value`
			`if retVal:`
			`retVal = retVal.replace("__LEFT_SQUARE_BRACKET__", "[").replace("__RIGHT_SQUARE_BRACKET__", "]")`
			`return retVal`

Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 2010-11-28 21:10:54 +03:00			`def setInjection(inj):`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`"""`
			`Save information retrieved about injection place and parameter in the`
			`session file.`
			`"""`

			`condition = (`
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 2010-11-28 21:10:54 +03:00			`( not kb.resumedQueries`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`or ( kb.resumedQueries.has_key(conf.url) and`
Added tag <epayload> to the payloads.xml's <test> tag to define which payload to use when exploiting the test type. Removed some useless tests. Moved <error> from queries.xml to payloads.xml as it makes more sense. Beeps at sql inj found only if --beep is provided. Minor fix in order to be able to pickle advancedDict() objects. Minor code refactoring. Removed useless folders. 2010-12-01 20:09:52 +03:00			`not kb.resumedQueries[conf.url].has_key("Injection data")`
			`) )`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`)`

			`if condition:`
Added tag <epayload> to the payloads.xml's <test> tag to define which payload to use when exploiting the test type. Removed some useless tests. Moved <error> from queries.xml to payloads.xml as it makes more sense. Beeps at sql inj found only if --beep is provided. Minor fix in order to be able to pickle advancedDict() objects. Minor code refactoring. Removed useless folders. 2010-12-01 20:09:52 +03:00			`dataToSessionFile("[%s][%s][%s][Injection data][%s]\n" % (conf.url, inj.place, safeFormatString(conf.parameters[inj.place]), base64pickle(inj)))`
Proper saving and resuming when more than a parameter are injectable. Minor bug fix to --stacked-test Minor code refactoring. 2010-11-29 04:04:42 +03:00
bug fix (dynamic markings were not restored in program rerun which potentially led to no data retrieved) 2010-12-29 22:48:19 +03:00			`def setDynamicMarkings(markings):`
			`"""`
			`Save information retrieved about dynamic markings to the`
			`session file.`
			`"""`

			`condition = (`
			`( not kb.resumedQueries`
			`or ( kb.resumedQueries.has_key(conf.url) and`
			`not kb.resumedQueries[conf.url].has_key("Dynamic markings")`
			`) )`
			`)`

			`if condition:`
			`dataToSessionFile("[%s][%s][%s][Dynamic markings][%s]\n" % (conf.url, None, None, base64pickle(markings)))`

After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`def setDbms(dbms):`
			`"""`
			`@param dbms: database management system to be set into the knowledge`
			`base as fingerprint.`
			`@type dbms: C{str}`
			`"""`
			`condition = (`
Implemented a better way to deal with % characters in parameters' value. Minor code restyle. 2008-10-16 19:31:02 +04:00			`not kb.resumedQueries`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`or ( kb.resumedQueries.has_key(conf.url) and`
Implemented a better way to deal with % characters in parameters' value. Minor code restyle. 2008-10-16 19:31:02 +04:00			`not kb.resumedQueries[conf.url].has_key("DBMS") )`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`)`

			`if condition:`
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 2010-11-28 21:10:54 +03:00			`dataToSessionFile("[%s][%s][%s][DBMS][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), safeFormatString(dbms)))`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
fix for proper Firebird resume of version 2011-01-24 14:04:32 +03:00			`firstRegExp = "(%s)" % ("\|".join([alias for alias in SUPPORTED_DBMS]))`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`dbmsRegExp = re.search("^%s" % firstRegExp, dbms, re.I)`

			`if dbmsRegExp:`
			`dbms = dbmsRegExp.group(1)`

refactoring (class names should always be Capital cased) 2011-01-28 19:36:09 +03:00			`Backend.setDbms(dbms)`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
refactoring (class names should always be Capital cased) 2011-01-28 19:36:09 +03:00			`logger.info("the back-end DBMS is %s" % Backend.getDbms())`
Minor adjustments 2008-12-31 00:24:01 +03:00
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`def setOs():`
			`"""`
			`Example of kb.bannerFp dictionary:`

			`{`
			`'sp': set(['Service Pack 4']),`
			`'dbmsVersion': '8.00.194',`
			`'dbmsServicePack': '0',`
			`'distrib': set(['2000']),`
			`'dbmsRelease': '2000',`
			`'type': set(['Windows'])`
			`}`
			`"""`

			`infoMsg = ""`
			`condition = (`
			`not kb.resumedQueries`
			`or ( kb.resumedQueries.has_key(conf.url) and`
			`not kb.resumedQueries[conf.url].has_key("OS") )`
			`)`

			`if not kb.bannerFp:`
			`return`

			`if "type" in kb.bannerFp:`
refactoring (class names should always be Capital cased) 2011-01-28 19:36:09 +03:00			`kb.os = Format.humanize(kb.bannerFp["type"])`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`infoMsg = "the back-end DBMS operating system is %s" % kb.os`

			`if "distrib" in kb.bannerFp:`
refactoring (class names should always be Capital cased) 2011-01-28 19:36:09 +03:00			`kb.osVersion = Format.humanize(kb.bannerFp["distrib"])`
Major code refactoring - centralized all kb.dbms* info for both retrieval and set. 2011-01-20 02:06:15 +03:00			`infoMsg += " %s" % kb.osVersion`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00
			`if "sp" in kb.bannerFp:`
refactoring (class names should always be Capital cased) 2011-01-28 19:36:09 +03:00			`kb.osSP = int(Format.humanize(kb.bannerFp["sp"]).replace("Service Pack ", ""))`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00
			`elif "sp" not in kb.bannerFp and kb.os == "Windows":`
			`kb.osSP = 0`

Fixed two minor bugs with PostgreSQL reported by Sven Klemm, thanks! 2009-07-29 14:44:24 +04:00			`if kb.os and kb.osVersion and kb.osSP:`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`infoMsg += " Service Pack %d" % kb.osSP`

			`if infoMsg:`
			`logger.info(infoMsg)`

			`if condition:`
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 2010-11-28 21:10:54 +03:00			`dataToSessionFile("[%s][%s][%s][OS][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), safeFormatString(kb.os)))`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00
			`def setRemoteTempPath():`
			`condition = (`
			`not kb.resumedQueries or ( kb.resumedQueries.has_key(conf.url) and`
			`not kb.resumedQueries[conf.url].has_key("Remote temp path") )`
			`)`

			`if condition:`
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 2010-11-28 21:10:54 +03:00			`dataToSessionFile("[%s][%s][%s][Remote temp path][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), safeFormatString(conf.tmpPath)))`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`def resumeConfKb(expression, url, value):`
More code cleanup 2011-01-16 02:11:36 +03:00			`if expression == "Injection data" and url == conf.url:`
Added tag <epayload> to the payloads.xml's <test> tag to define which payload to use when exploiting the test type. Removed some useless tests. Moved <error> from queries.xml to payloads.xml as it makes more sense. Beeps at sql inj found only if --beep is provided. Minor fix in order to be able to pickle advancedDict() objects. Minor code refactoring. Removed useless folders. 2010-12-01 20:09:52 +03:00			`injection = base64unpickle(value[:-1])`
Code cleanup and minor refactoring 2010-12-03 13:51:27 +03:00			`logMsg = "resuming injection data from session file"`
Proper saving and resuming when more than a parameter are injectable. Minor bug fix to --stacked-test Minor code refactoring. 2010-11-29 04:04:42 +03:00			`logger.info(logMsg)`

minor bug fix 2010-12-22 01:35:44 +03:00			`if injection.place in conf.paramDict and\`
			`injection.parameter in conf.paramDict[injection.place]:`
fix for a bug reported by ToR (origValue = paramDict[kb.injection.parameter] -> KeyError in resume with missing injection parameter) 2010-12-07 13:57:32 +03:00			`kb.injections.append(injection)`
			`else:`
			`warnMsg = "there is an injection in %s parameter '%s' " % (injection.place, injection.parameter)`
			`warnMsg += "but you did not provided it this time"`
			`logger.warn(warnMsg)`

bug fix (dynamic markings were not restored in program rerun which potentially led to no data retrieved) 2010-12-29 22:48:19 +03:00			`elif expression == "Dynamic markings" and url == conf.url:`
			`kb.dynamicMarkings = base64unpickle(value[:-1])`
			`logMsg = "resuming dynamic markings from session file"`
			`logger.info(logMsg)`

After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`elif expression == "DBMS" and url == conf.url:`
bug fix (reported by james@ev6.net) 2010-10-11 00:51:11 +04:00			`dbms = unSafeFormatString(value[:-1])`
Minor bug fix to --dbms, updated user's manual 2009-07-09 15:05:24 +04:00			`dbms = dbms.lower()`
code refactoring (added UNKNOWN_DBMS_VERSION instead of "Unknown") 2010-12-18 00:29:09 +03:00			`dbmsVersion = [UNKNOWN_DBMS_VERSION]`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
Proper saving and resuming when more than a parameter are injectable. Minor bug fix to --stacked-test Minor code refactoring. 2010-11-29 04:04:42 +03:00			`logMsg = "resuming back-end DBMS '%s' " % dbms`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`logMsg += "from session file"`
			`logger.info(logMsg)`

fix for proper Firebird resume of version 2011-01-24 14:04:32 +03:00			`firstRegExp = "(%s)" % ("\|".join([alias for alias in SUPPORTED_DBMS]))`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`dbmsRegExp = re.search("%s ([\d\.]+)" % firstRegExp, dbms)`

			`if dbmsRegExp:`
Minor bug fix to --dbms, updated user's manual 2009-07-09 15:05:24 +04:00			`dbms = dbmsRegExp.group(1)`
			`dbmsVersion = [ dbmsRegExp.group(2) ]`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
			`if conf.dbms and conf.dbms.lower() != dbms:`
			`message = "you provided '%s' as back-end DBMS, " % conf.dbms`
			`message += "but from a past scan information on the target URL "`
			`message += "sqlmap assumes the back-end DBMS is %s. " % dbms`
			`message += "Do you really want to force the back-end "`
			`message += "DBMS value? [y/N] "`
			`test = readInput(message, default="N")`

			`if not test or test[0] in ("n", "N"):`
refactoring (class names should always be Capital cased) 2011-01-28 19:36:09 +03:00			`Backend.setDbms(dbms)`
			`Backend.setVersionList(dbmsVersion)`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`else:`
refactoring (class names should always be Capital cased) 2011-01-28 19:36:09 +03:00			`Backend.setDbms(dbms)`
			`Backend.setVersionList(dbmsVersion)`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`elif expression == "OS" and url == conf.url:`
bug fix (reported by james@ev6.net) 2010-10-11 00:51:11 +04:00			`os = unSafeFormatString(value[:-1])`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00
another fix (OS was set to None at all previous sessions if there was no explicit OS testing done) 2011-01-02 11:08:38 +03:00			`if os and os != 'None':`
			`logMsg = "resuming back-end DBMS operating system '%s' " % os`
			`logMsg += "from session file"`
			`logger.info(logMsg)`

			`if conf.os and conf.os.lower() != os.lower():`
			`message = "you provided '%s' as back-end DBMS operating " % conf.os`
			`message += "system, but from a past scan information on the "`
			`message += "target URL sqlmap assumes the back-end DBMS "`
			`message += "operating system is %s. " % os`
			`message += "Do you really want to force the back-end DBMS "`
			`message += "OS value? [y/N] "`
			`test = readInput(message, default="N")`

			`if not test or test[0] in ("n", "N"):`
			`conf.os = os`
			`else:`
Updated to sqlmap 0.7 release candidate 1 2009-04-22 15:48:07 +04:00			`conf.os = os`

More code cleanup 2011-01-16 02:11:36 +03:00			`elif expression == "Remote temp path" and url == conf.url:`
			`conf.tmpPath = unSafeFormatString(value[:-1])`

			`logMsg = "resuming remote absolute path of temporary "`
			`logMsg += "files directory '%s' from session file" % conf.tmpPath`
			`logger.info(logMsg)`

resume of brute forced data is now available 2010-12-27 17:17:20 +03:00			`elif expression == "TABLE_EXISTS" and url == conf.url:`
			`table = unSafeFormatString(value[:-1])`

			`if '.' in table:`
			`db, table = table.split('.')`
			`else:`
refactoring (class names should always be Capital cased) 2011-01-28 19:36:09 +03:00			`db = "%s%s" % (Backend.getIdentifiedDbms(), METADB_SUFFIX)`
resume of brute forced data is now available 2010-12-27 17:17:20 +03:00
			`logMsg = "resuming brute forced table name "`
			`logMsg += "'%s' from session file" % table`
			`logger.info(logMsg)`

			`kb.brute.tables.append((db, table))`

			`elif expression == "COLUMN_EXISTS" and url == conf.url:`
			`table, column = unSafeFormatString(value[:-1]).split('..')`
			`colName, colType = column.split(' ')`

			`if '.' in table:`
			`db, table = table.split('.')`
			`else:`
refactoring (class names should always be Capital cased) 2011-01-28 19:36:09 +03:00			`db = "%s%s" % (Backend.getIdentifiedDbms(), METADB_SUFFIX)`
resume of brute forced data is now available 2010-12-27 17:17:20 +03:00
			`logMsg = "resuming brute forced column name "`
			`logMsg += "'%s' for table '%s' from session file" % (colName, table)`
			`logger.info(logMsg)`

			`kb.brute.columns.append((db, table, colName, colType))`