sqlmap/lib/core/convert.py

#!/usr/bin/env python

"""
$Id$

Copyright (c) 2006-2012 sqlmap developers (http://www.sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""

try:
    import hashlib
except:
    import md5
    import sha

import binascii
import pickle
import re
import sys
import string
import struct
import urllib

from extra.safe2bin.safe2bin import safecharencode
from extra.safe2bin.safe2bin import safechardecode
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.enums import PLACE
from lib.core.settings import UNICODE_ENCODING
from lib.core.settings import URLENCODE_CHAR_LIMIT
from lib.core.settings import URLENCODE_FAILSAFE_CHARS

def base64decode(value):
    return value.decode("base64")

def base64encode(value):
    return value.encode("base64")[:-1].replace("\n", "")

def base64pickle(value):
    return base64encode(pickle.dumps(value))

def base64unpickle(value):
    return pickle.loads(base64decode(value))

def hexdecode(value):
    value = value.lower()
    return (value[2:] if value.startswith("0x") else value).decode("hex")

def hexencode(value):
    return value.encode("hex")

def md5hash(value):
    if sys.modules.has_key('hashlib'):
        return hashlib.md5(value).hexdigest()
    else:
        return md5.new(value).hexdigest()

def orddecode(value):
    packedString = struct.pack("!"+"I" * len(value), *value)
    return "".join(chr(char) for char in struct.unpack("!"+"I"*(len(packedString)/4), packedString))

def ordencode(value):
    return tuple(ord(char) for char in value)

def sha1hash(value):
    if sys.modules.has_key('hashlib'):
        return hashlib.sha1(value).hexdigest()
    else:
        return sha.new(value).hexdigest()

def urldecode(value, encoding=None):
    result = None

    if value:
        try:
            # for cases like T%C3%BCrk%C3%A7e
            value = str(value)
        except ValueError:
            pass
        finally:
            result = urllib.unquote_plus(value)

    if isinstance(result, str):
        result = unicode(result, encoding or UNICODE_ENCODING, errors="replace")

    return result

def urlencode(value, safe="%&=", convall=False, limit=False):
    if conf.direct or PLACE.SOAP in conf.paramDict:
        return value

    count = 0
    result = None

    if value is None:
        return result

    if convall or safe is None:
        safe = ""

    # corner case when character % really needs to be
    # encoded (when not representing url encoded char)
    # except in cases when tampering scripts are used
    if all(map(lambda x: '%' in x, [safe, value])) and not kb.tamperFunctions:
        value = re.sub("%(?![0-9a-fA-F]{2})", "%25", value, re.DOTALL | re.IGNORECASE)

    while True:
        result = urllib.quote(utf8encode(value), safe)

        if limit and len(result) > URLENCODE_CHAR_LIMIT:
            if count >= len(URLENCODE_FAILSAFE_CHARS):
                break

            while count < len(URLENCODE_FAILSAFE_CHARS):
                safe += URLENCODE_FAILSAFE_CHARS[count]
                count += 1
                if safe[-1] in value:
                    break
        else:
            break

    return result

def unicodeencode(value, encoding=None):
    """
    Return 8-bit string representation of the supplied unicode value:

    >>> unicodeencode(u'test')
    'test'
    """

    retVal = value
    if isinstance(value, unicode):
        try:
            retVal = value.encode(encoding or UNICODE_ENCODING)
        except UnicodeEncodeError:
            retVal = value.encode(UNICODE_ENCODING, "replace")
    return retVal

def utf8encode(value):
    return unicodeencode(value, "utf-8")

def utf8decode(value):
    return value.decode("utf-8")

def htmlescape(value):
    _ = (('&', '&amp;'), ('<', '&lt;'), ('>', '&gt;'), ('"', '&quot;'), ("'", '&#39;'), (' ', '&nbsp;'))
    return reduce(lambda x, y: x.replace(y[0], y[1]), _, value)

def htmlunescape(value):
    retVal = value
    if value and isinstance(value, basestring):
        _ = (('&amp;', '&'), ('&lt;', '<'), ('&gt;', '>'), ('&quot;', '"'), ('&nbsp;', ' '))
        retVal = reduce(lambda x, y: x.replace(y[0], y[1]), _, retVal)
        retVal = re.sub('&#(\d+);', lambda x: unichr(int(x.group(1))), retVal)
    return retVal
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`#!/usr/bin/env python`

			`"""`
propsets.. 2008-10-15 19:56:32 +04:00			$Id$
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
updating copyright date 2012-01-11 18:59:46 +04:00			`Copyright (c) 2006-2012 sqlmap developers (http://www.sqlmap.org/)`
sorry, cosmetics 2010-10-15 03:18:29 +04:00			`See the file 'doc/COPYING' for copying permission`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`"""`

Avoiding md5/sha1 deprecated warning in Python >=2.6 2010-02-23 11:54:33 +03:00			`try:`
			`import hashlib`
			`except:`
			`import md5`
			`import sha`
Added resume functionality to -d and fixed logging with -d 2010-04-12 13:35:20 +04:00
minor fixes and refactoring regarding safecharencoding 2011-04-14 19:54:00 +04:00			`import binascii`
Added resume functionality to -d and fixed logging with -d 2010-04-12 13:35:20 +04:00			`import pickle`
fix for that @chunk bug 2011-04-10 20:46:33 +04:00			`import re`
Avoiding md5/sha1 deprecated warning in Python >=2.6 2010-02-23 11:54:33 +03:00			`import sys`
minor refactoring 2011-04-10 11:16:19 +04:00			`import string`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00			`import struct`
			`import urllib`

some refactoring 2011-04-15 17:51:06 +04:00			`from extra.safe2bin.safe2bin import safecharencode`
			`from extra.safe2bin.safe2bin import safechardecode`
Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module). Minor layout adjustments. 2010-03-27 02:23:25 +03:00			`from lib.core.data import conf`
more general approach 2011-07-08 14:03:14 +04:00			`from lib.core.data import kb`
improvement of url encoding technique (implemented failsafe routine for shortening too long GET queries) 2011-03-09 12:36:56 +03:00			`from lib.core.data import logger`
SOAP refactoring 2011-04-18 01:39:00 +04:00			`from lib.core.enums import PLACE`
further update regarding last commit 2011-03-03 13:39:04 +03:00			`from lib.core.settings import UNICODE_ENCODING`
improvement of url encoding technique (implemented failsafe routine for shortening too long GET queries) 2011-03-09 12:36:56 +03:00			`from lib.core.settings import URLENCODE_CHAR_LIMIT`
			`from lib.core.settings import URLENCODE_FAILSAFE_CHARS`
Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module). Minor layout adjustments. 2010-03-27 02:23:25 +03:00
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`def base64decode(value):`
			`return value.decode("base64")`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`def base64encode(value):`
			`return value.encode("base64")[:-1].replace("\n", "")`
Added resume functionality to -d and fixed logging with -d 2010-04-12 13:35:20 +04:00
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`def base64pickle(value):`
			`return base64encode(pickle.dumps(value))`
Added resume functionality to -d and fixed logging with -d 2010-04-12 13:35:20 +04:00
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`def base64unpickle(value):`
			`return pickle.loads(base64decode(value))`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`def hexdecode(value):`
			`value = value.lower()`
some more refactoring 2011-12-21 23:40:42 +04:00			`return (value[2:] if value.startswith("0x") else value).decode("hex")`
removed all trailing spaces from blank lines 2010-11-03 13:08:27 +03:00
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`def hexencode(value):`
			`return value.encode("hex")`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`def md5hash(value):`
Avoiding md5/sha1 deprecated warning in Python >=2.6 2010-02-23 11:54:33 +03:00			`if sys.modules.has_key('hashlib'):`
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`return hashlib.md5(value).hexdigest()`
Avoiding md5/sha1 deprecated warning in Python >=2.6 2010-02-23 11:54:33 +03:00			`else:`
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`return md5.new(value).hexdigest()`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`def orddecode(value):`
			`packedString = struct.pack("!"+"I" * len(value), *value)`
minor optimization 2011-11-21 00:14:47 +04:00			`return "".join(chr(char) for char in struct.unpack("!"+"I"*(len(packedString)/4), packedString))`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`def ordencode(value):`
minor optimization 2011-11-21 00:14:47 +04:00			`return tuple(ord(char) for char in value)`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`def sha1hash(value):`
Avoiding md5/sha1 deprecated warning in Python >=2.6 2010-02-23 11:54:33 +03:00			`if sys.modules.has_key('hashlib'):`
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`return hashlib.sha1(value).hexdigest()`
Avoiding md5/sha1 deprecated warning in Python >=2.6 2010-02-23 11:54:33 +03:00			`else:`
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`return sha.new(value).hexdigest()`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
further update regarding last commit 2011-03-03 13:39:04 +03:00			`def urldecode(value, encoding=None):`
sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup. 2010-01-02 05:02:12 +03:00			`result = None`
fix for a google bug reported by Brandon E. 2010-10-01 12:03:39 +04:00
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`if value:`
bug fix for international encoded letters 2011-02-26 01:43:01 +03:00			`try:`
			`# for cases like T%C3%BCrk%C3%A7e`
			`value = str(value)`
			`except ValueError:`
further update regarding last commit 2011-03-03 13:39:04 +03:00			`pass`
			`finally:`
bug fix for international encoded letters 2011-02-26 01:43:01 +03:00			`result = urllib.unquote_plus(value)`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
further update regarding last commit 2011-03-03 13:39:04 +03:00			`if isinstance(result, str):`
removing xmlcharrefreplace error handler as it seems that it wasn't such a good idea at the end 2011-05-16 01:43:38 +04:00			`result = unicode(result, encoding or UNICODE_ENCODING, errors="replace")`
further update regarding last commit 2011-03-03 13:39:04 +03:00
sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup. 2010-01-02 05:02:12 +03:00			`return result`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
more general approach 2011-07-08 14:03:14 +04:00			`def urlencode(value, safe="%&=", convall=False, limit=False):`
SOAP refactoring 2011-04-18 01:39:00 +04:00			`if conf.direct or PLACE.SOAP in conf.paramDict:`
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`return value`
Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module). Minor layout adjustments. 2010-03-27 02:23:25 +03:00
this was bothering me for some time (POST and/or GET payloads needs to be urlencoded throughly) 2011-03-11 22:57:44 +03:00			`count = 0`
sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup. 2010-01-02 05:02:12 +03:00			`result = None`

code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`if value is None:`
sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup. 2010-01-02 05:02:12 +03:00			`return result`
After the storm, a restore.. 2008-10-15 19:38:22 +04:00
this was bothering me for some time (POST and/or GET payloads needs to be urlencoded throughly) 2011-03-11 22:57:44 +03:00			`if convall or safe is None:`
			`safe = ""`

fix for that @chunk bug 2011-04-10 20:46:33 +04:00			`# corner case when character % really needs to be`
			`# encoded (when not representing url encoded char)`
more general approach 2011-07-08 14:03:14 +04:00			`# except in cases when tampering scripts are used`
			`if all(map(lambda x: '%' in x, [safe, value])) and not kb.tamperFunctions:`
fix for that @chunk bug 2011-04-10 20:46:33 +04:00			`value = re.sub("%(?![0-9a-fA-F]{2})", "%25", value, re.DOTALL \| re.IGNORECASE)`

this was bothering me for some time (POST and/or GET payloads needs to be urlencoded throughly) 2011-03-11 22:57:44 +03:00			`while True:`
			`result = urllib.quote(utf8encode(value), safe)`
improvement of url encoding technique (implemented failsafe routine for shortening too long GET queries) 2011-03-09 12:36:56 +03:00
this was bothering me for some time (POST and/or GET payloads needs to be urlencoded throughly) 2011-03-11 22:57:44 +03:00			`if limit and len(result) > URLENCODE_CHAR_LIMIT:`
			`if count >= len(URLENCODE_FAILSAFE_CHARS):`
improvement of url encoding technique (implemented failsafe routine for shortening too long GET queries) 2011-03-09 12:36:56 +03:00			`break`
sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup. 2010-01-02 05:02:12 +03:00
this was bothering me for some time (POST and/or GET payloads needs to be urlencoded throughly) 2011-03-11 22:57:44 +03:00			`while count < len(URLENCODE_FAILSAFE_CHARS):`
			`safe += URLENCODE_FAILSAFE_CHARS[count]`
			`count += 1`
			`if safe[-1] in value:`
			`break`
			`else:`
			`break`

sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup. 2010-01-02 05:02:12 +03:00			`return result`
Minor bug fix to correctly deal with unicode queries with -d 2010-05-28 15:32:10 +04:00
minor refactoring 2011-04-29 19:22:32 +04:00			`def unicodeencode(value, encoding=None):`
			`"""`
			`Return 8-bit string representation of the supplied unicode value:`

			`>>> unicodeencode(u'test')`
			`'test'`
			`"""`

			`retVal = value`
			`if isinstance(value, unicode):`
			`try:`
			`retVal = value.encode(encoding or UNICODE_ENCODING)`
			`except UnicodeEncodeError:`
removing xmlcharrefreplace error handler as it seems that it wasn't such a good idea at the end 2011-05-16 01:43:38 +04:00			`retVal = value.encode(UNICODE_ENCODING, "replace")`
minor refactoring 2011-04-29 19:22:32 +04:00			`return retVal`

code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`def utf8encode(value):`
minor refactoring 2011-04-29 19:22:32 +04:00			`return unicodeencode(value, "utf-8")`
Minor bug fix to correctly deal with unicode queries with -d 2010-05-28 15:32:10 +04:00
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`def utf8decode(value):`
			`return value.decode("utf-8")`
fix for a google bug reported by Brandon E. 2010-10-01 12:03:39 +04:00
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`def htmlescape(value):`
some more refactoring 2011-12-21 23:40:42 +04:00			`_ = (('&', '&'), ('<', '<'), ('>', '>'), ('"', '"'), ("'", '''), (' ', ' '))`
			`return reduce(lambda x, y: x.replace(y[0], y[1]), _, value)`
fix for a google bug reported by Brandon E. 2010-10-01 12:03:39 +04:00
code review of modules in lib/core directory 2011-01-15 15:13:45 +03:00			`def htmlunescape(value):`
minor refactoring 2011-12-21 18:25:39 +04:00			`retVal = value`
			`if value and isinstance(value, basestring):`
some more refactoring 2011-12-21 23:40:42 +04:00			`_ = (('&', '&'), ('<', '<'), ('>', '>'), ('"', '"'), (' ', ' '))`
			`retVal = reduce(lambda x, y: x.replace(y[0], y[1]), _, retVal)`
			`retVal = re.sub('&#(\d+);', lambda x: unichr(int(x.group(1))), retVal)`
improved htmlunescape (great for localized html escape codes) 2011-04-15 01:36:13 +04:00			`return retVal`