sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity
8b14a9eaa7
sqlmap/lib/controller/controller.py

484 lines
19 KiB
Python
Raw Normal View History

After the storm, a restore..
2008-10-15 19:38:22 +04:00
#!/usr/bin/env python
"""
propsets..
2008-10-15 19:56:32 +04:00
$Id$
After the storm, a restore..
2008-10-15 19:38:22 +04:00
large commit with copyright header modifications
2010-10-14 18:41:14 +04:00
Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)
sorry, cosmetics
2010-10-15 03:18:29 +04:00
See the file 'doc/COPYING' for copying permission
After the storm, a restore..
2008-10-15 19:38:22 +04:00
"""
fix for that duplicates
2010-10-15 04:34:16 +04:00
import re
After the storm, a restore..
2008-10-15 19:38:22 +04:00
from lib.controller.action import action
from lib.controller.checks import checkSqlInjection
from lib.controller.checks import checkDynParam
from lib.controller.checks import checkStability
from lib.controller.checks import checkString
Minor adjustments and minor bug fixes. Documentation almost complete for sqlmap 0.6.3.
2008-12-12 22:06:31 +03:00
from lib.controller.checks import checkRegexp
After the storm, a restore..
2008-10-15 19:38:22 +04:00
from lib.controller.checks import checkConnection
added null connection check
2010-09-16 12:43:10 +04:00
from lib.controller.checks import checkNullConnection
added one new quick check for multiple target(s) mode
2011-01-03 11:32:06 +03:00
from lib.controller.checks import heuristicCheckSqlInjection
from lib.controller.checks import simpletonCheckSqlInjection
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
from lib.core.agent import agent
improvement for --forms with empty fields
2011-03-29 02:48:00 +04:00
from lib.core.common import extractRegexResult
cosmetics
2011-01-14 19:12:44 +03:00
from lib.core.common import getFilteredPageContent
more unicode refactoring
2010-06-02 16:45:40 +04:00
from lib.core.common import getUnicode
update regarding explicit testing of ua and referer when using -p
2011-02-14 00:58:48 +03:00
from lib.core.common import intersect
After the storm, a restore..
2008-10-15 19:38:22 +04:00
from lib.core.common import paramToDict
Minor bug fix
2010-03-05 18:25:53 +03:00
from lib.core.common import parseTargetUrl
improvement for --forms with empty fields
2011-03-29 02:48:00 +04:00
from lib.core.common import randomStr
After the storm, a restore..
2008-10-15 19:38:22 +04:00
from lib.core.common import readInput
added support for displaying HTTP error codes (particularly interesting ones are 403 and 406 which screw up data retrieval and DBMS fingerprinting badly)
2011-01-02 10:37:47 +03:00
from lib.core.common import showHttpErrorCodes
further update regarding last commit
2011-03-03 13:39:04 +03:00
from lib.core.convert import urlencode
from lib.core.convert import urldecode
After the storm, a restore..
2008-10-15 19:38:22 +04:00
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
further enum refactoring
2010-11-08 12:44:32 +03:00
from lib.core.enums import HTTPMETHOD
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
from lib.core.enums import PAYLOAD
further enum refactoring
2010-11-08 12:44:32 +03:00
from lib.core.enums import PLACE
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
from lib.core.exception import exceptionsTuple
After the storm, a restore..
2008-10-15 19:38:22 +04:00
from lib.core.exception import sqlmapNotVulnerableException
added some user interaction when page is dynamic
2010-10-12 19:49:04 +04:00
from lib.core.exception import sqlmapSilentQuitException
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
from lib.core.exception import sqlmapValueException
some update
2010-09-30 23:45:23 +04:00
from lib.core.exception import sqlmapUserQuitException
After the storm, a restore..
2008-10-15 19:38:22 +04:00
from lib.core.session import setInjection
improvement for --forms with empty fields
2011-03-29 02:48:00 +04:00
from lib.core.settings import EMPTY_FORM_FIELDS_REGEX
update regarding explicit testing of ua and referer when using -p
2011-02-14 00:58:48 +03:00
from lib.core.settings import REFERER_ALIASES
from lib.core.settings import USER_AGENT_ALIASES
minor cosmetic update
2010-03-15 14:55:13 +03:00
from lib.core.target import initTargetEnv
from lib.core.target import setupTargetEnv
removed some problematic user agents (google won't work with them) and added page rank next to tested item in multi target mode
2011-01-02 11:43:38 +03:00
from extra.pagerank.pagerank import get_pagerank
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
def __selectInjection():
After the storm, a restore..
2008-10-15 19:38:22 +04:00
"""
Selection function for injection place, parameters and type.
"""
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
points = []
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
for i in xrange(0, len(kb.injections)):
place = kb.injections[i].place
parameter = kb.injections[i].parameter
ptype = kb.injections[i].ptype
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
point = (place, parameter, ptype)
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
if point not in points:
points.append(point)
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
if len(points) == 1:
kb.injection = kb.injections[0]
cosmeticados
2010-11-30 17:48:13 +03:00
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
elif len(points) > 1:
message = "there were multiple injection points, please select "
message += "the one to use for following injections:\n"
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
points = []
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
for i in xrange(0, len(kb.injections)):
place = kb.injections[i].place
parameter = kb.injections[i].parameter
ptype = kb.injections[i].ptype
point = (place, parameter, ptype)
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
if point not in points:
points.append(point)
Proper saving and resuming when more than a parameter are injectable. Minor bug fix to --stacked-test Minor code refactoring.
2010-11-29 04:04:42 +03:00
ptype = PAYLOAD.PARAMETER[ptype] if isinstance(ptype, int) else ptype
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
message += "[%d] place: %s, parameter: " % (i, place)
Proper saving and resuming when more than a parameter are injectable. Minor bug fix to --stacked-test Minor code refactoring.
2010-11-29 04:04:42 +03:00
message += "%s, type: %s" % (parameter, ptype)
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
if i == 0:
message += " (default)"
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
message += "\n"
message += "[q] Quit"
select = readInput(message, default="0")
if select.isdigit() and int(select) < len(kb.injections) and int(select) >= 0:
index = int(select)
elif select[0] in ( "Q", "q" ):
raise sqlmapUserQuitException
else:
errMsg = "invalid choice"
Minor fix
2010-11-29 02:33:51 +03:00
raise sqlmapValueException, errMsg
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
kb.injection = kb.injections[index]
def __formatInjection(inj):
Prioritize DBMS fingerprint based on DBMS (<dbms>) identified during the detection phase. Minor bug fix to properly handle the case that no injections are found. Nicer display of injection vulnerabilities detected. Minor code refactoring.
2010-11-29 00:27:47 +03:00
data = "Place: %s\n" % inj.place
data += "Parameter: %s\n" % inj.parameter
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
for stype, sdata in inj.data.items():
Minor layout adjustment
2010-12-03 19:11:35 +03:00
data += " Type: %s\n" % PAYLOAD.SQLINJECTION[stype]
Added tag <epayload> to the payloads.xml's <test> tag to define which payload to use when exploiting the test type. Removed some useless tests. Moved <error> from queries.xml to payloads.xml as it makes more sense. Beeps at sql inj found only if --beep is provided. Minor fix in order to be able to pickle advancedDict() objects. Minor code refactoring. Removed useless folders.
2010-12-01 20:09:52 +03:00
data += " Title: %s\n" % sdata.title
data += " Payload: %s\n\n" % sdata.payload
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
Prioritize DBMS fingerprint based on DBMS (<dbms>) identified during the detection phase. Minor bug fix to properly handle the case that no injections are found. Nicer display of injection vulnerabilities detected. Minor code refactoring.
2010-11-29 00:27:47 +03:00
return data
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
def __showInjections():
First big commit to move UNION query tests to detection phase - there are some improvements and tuning to do yet though. Major refactoring to Agent.payload() method. Minor bug fixes, some code refactoring and a lot of core adjustments here and there. Added more checks for injection in GROUP BY and ORDER BY.
2011-01-12 01:18:47 +03:00
header = "sqlmap identified the following injection points with "
header += "a total of %d HTTP(s) requests" % kb.testQueryCount
Prioritize DBMS fingerprint based on DBMS (<dbms>) identified during the detection phase. Minor bug fix to properly handle the case that no injections are found. Nicer display of injection vulnerabilities detected. Minor code refactoring.
2010-11-29 00:27:47 +03:00
data = ""
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
for inj in kb.injections:
Prioritize DBMS fingerprint based on DBMS (<dbms>) identified during the detection phase. Minor bug fix to properly handle the case that no injections are found. Nicer display of injection vulnerabilities detected. Minor code refactoring.
2010-11-29 00:27:47 +03:00
data += __formatInjection(inj)
cosmeticados
2010-11-30 17:48:13 +03:00
data = data.rstrip("\n")
fix for a bug reported by ragos@joker.ms (AttributeError: 'NoneType' object has no attribute 'write')
2011-01-01 15:23:02 +03:00
conf.dumper.technic(header, data)
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Got rid of unreliable 'ORDER BY' technique to detect UNION query SQL injection, consequently switch --union-tech has gone now. Minor code refactoring too.
2010-11-29 20:18:38 +03:00
def __saveToSessionFile():
for inj in kb.injections:
Now, if the back-end dbms type has been identified by the detection engine, skips the fingerprint phase. Major code refactoring and commenting to detection engine. Ask user whether or not to proceed to test remaining parameters after an injection point has been identified. Restore beep at SQL injection find. Avoid reuse of same variable in DBMS handler code. Minor adjustment of payloads XML file.
2010-12-01 01:40:25 +03:00
if inj.place is None or inj.parameter is None:
continue
Got rid of unreliable 'ORDER BY' technique to detect UNION query SQL injection, consequently switch --union-tech has gone now. Minor code refactoring too.
2010-11-29 20:18:38 +03:00
setInjection(inj)
After the storm, a restore..
2008-10-15 19:38:22 +04:00
def start():
"""
This function calls a function that performs checks on both URL
stability and all GET, POST, Cookie and User-Agent parameters to
check if they are dynamic and SQL injection affected
"""
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
if not conf.start:
update
2010-09-26 18:56:55 +04:00
return False
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module). Minor layout adjustments.
2010-03-27 02:23:25 +03:00
if conf.direct:
initTargetEnv()
setupTargetEnv()
action()
update
2010-09-26 18:56:55 +04:00
return True
Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module). Minor layout adjustments.
2010-03-27 02:23:25 +03:00
update (--forms acts now more like -g switch)
2010-11-15 14:34:57 +03:00
if conf.url and not conf.forms:
kb.targetUrls.add(( conf.url, conf.method, conf.data, conf.cookie ))
After the storm, a restore..
2008-10-15 19:38:22 +04:00
if conf.configFile and not kb.targetUrls:
errMsg = "you did not edit the configuration file properly, set "
Adapted the code to support a list of targets from a text file (Burp log file) or from a directory (WebScarab conversations folder) with command line option -l.
2008-11-20 20:56:09 +03:00
errMsg += "the target url, list of targets or google dork"
After the storm, a restore..
2008-10-15 19:38:22 +04:00
logger.error(errMsg)
update
2010-09-26 18:56:55 +04:00
return False
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Completed support to get the list of targets from WebScarab/Burp proxies log file and updated the documentation
2008-11-28 01:33:33 +03:00
if kb.targetUrls and len(kb.targetUrls) > 1:
infoMsg = "sqlmap got a total of %d targets" % len(kb.targetUrls)
logger.info(infoMsg)
Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module). Minor layout adjustments.
2010-03-27 02:23:25 +03:00
hostCount = 0
cookieStr = ""
setCookieAsInjectable = True
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Completed support to get the list of targets from WebScarab/Burp proxies log file and updated the documentation
2008-11-28 01:33:33 +03:00
for targetUrl, targetMethod, targetData, targetCookie in kb.targetUrls:
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
try:
conf.url = targetUrl
conf.method = targetMethod
conf.data = targetData
conf.cookie = targetCookie
fix for skipping non-GET urls
2010-10-15 13:54:29 +04:00
fix for that duplicates
2010-10-15 04:34:16 +04:00
initTargetEnv()
parseTargetUrl()
fix for skipping non-GET urls
2010-10-15 13:54:29 +04:00
fix for that duplicates
2010-10-15 04:34:16 +04:00
testSqlInj = False
further enum refactoring
2010-11-08 12:44:32 +03:00
if PLACE.GET in conf.parameters:
for parameter in re.findall(r"([^=]+)=[^&]+&?", conf.parameters[PLACE.GET]):
paramKey = (conf.hostname, conf.path, PLACE.GET, parameter)
fix for that duplicates
2010-10-15 04:34:16 +04:00
if paramKey not in kb.testedParams:
testSqlInj = True
break
fix for skipping non-GET urls
2010-10-15 13:54:29 +04:00
else:
paramKey = (conf.hostname, conf.path, None, None)
if paramKey not in kb.testedParams:
testSqlInj = True
bug fix of re-introduced bug (in multiple target mode sites with similar URI weren't skipped)
2010-12-23 14:28:13 +03:00
testSqlInj &= (conf.hostname, conf.path, None, None) not in kb.testedParams
Code refactoring and cosmetics
2011-01-07 18:41:09 +03:00
fix for that duplicates
2010-10-15 04:34:16 +04:00
if not testSqlInj:
infoMsg = "skipping '%s'" % targetUrl
logger.info(infoMsg)
continue
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
if conf.multipleTargets:
hostCount += 1
cosmetics regarding --forms
2010-11-15 14:50:33 +03:00
if conf.forms:
Minor bug fix for --forms
2010-11-29 15:46:18 +03:00
message = "[#%d] form:\n%s %s" % (hostCount, conf.method or HTTPMETHOD.GET, targetUrl)
cosmetics regarding --forms
2010-11-15 14:50:33 +03:00
else:
implementing a --page-rank switch as requested by l0rda@l0rda.biz
2011-03-23 14:57:57 +03:00
message = "url %d:\n%s %s%s" % (hostCount, conf.method or HTTPMETHOD.GET, targetUrl, " (PageRank: %s)" % get_pagerank(targetUrl) if conf.googleDork and conf.pageRank else "")
Completed support to get the list of targets from WebScarab/Burp proxies log file and updated the documentation
2008-11-28 01:33:33 +03:00
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
if conf.cookie:
message += "\nCookie: %s" % conf.cookie
Completed support to get the list of targets from WebScarab/Burp proxies log file and updated the documentation
2008-11-28 01:33:33 +03:00
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
if conf.data:
further update regarding last commit
2011-03-03 13:39:04 +03:00
message += "\nPOST data: %s" % urlencode(conf.data) if conf.data else ""
update (--forms acts now more like -g switch)
2010-11-15 14:34:57 +03:00
if conf.forms:
if conf.method == HTTPMETHOD.GET and targetUrl.find("?") == -1:
continue
message += "\ndo you want to test this form? [Y/n/q] "
test = readInput(message, default="Y")
if not test or test[0] in ("y", "Y"):
if conf.method == HTTPMETHOD.POST:
minor update related to the last commit
2011-04-02 02:19:42 +04:00
message = "Edit POST data [default: %s]%s: " % (urlencode(conf.data) if conf.data else "None", " (Warning: blank fields detected)" if conf.data and extractRegexResult(EMPTY_FORM_FIELDS_REGEX, conf.data) else "")
improvement for --forms with empty fields
2011-03-29 02:48:00 +04:00
conf.data = readInput(message, default=conf.data)
if extractRegexResult(EMPTY_FORM_FIELDS_REGEX, conf.data):
message = "do you want to fill blank fields with random values? [Y/n] "
test = readInput(message, default="Y")
if not test or test[0] in ("y", "Y"):
while extractRegexResult(EMPTY_FORM_FIELDS_REGEX, conf.data):
item = extractRegexResult(EMPTY_FORM_FIELDS_REGEX, conf.data)
if item[-1] == '&':
conf.data = conf.data.replace(item, "%s%s&" % (item[:-1], randomStr()))
else:
conf.data = conf.data.replace(item, "%s%s" % (item, randomStr()))
conf.data = urldecode(conf.data)
update (--forms acts now more like -g switch)
2010-11-15 14:34:57 +03:00
elif conf.method == HTTPMETHOD.GET:
if conf.url.find("?") > -1:
firstPart = conf.url[:conf.url.find("?")]
secondPart = conf.url[conf.url.find("?")+1:]
message = "Edit GET data [default: %s]: " % secondPart
test = readInput(message, default=secondPart)
conf.url = "%s?%s" % (firstPart, test)
elif test[0] in ("n", "N"):
continue
elif test[0] in ("q", "Q"):
break
After the storm, a restore..
2008-10-15 19:38:22 +04:00
update
2010-12-23 17:06:22 +03:00
elif conf.realTest:
more minor updates
2010-12-20 13:48:53 +03:00
logger.info(message)
else:
update (--forms acts now more like -g switch)
2010-11-15 14:34:57 +03:00
message += "\ndo you want to test this url? [Y/n/q]"
test = readInput(message, default="Y")
Completed support to get the list of targets from WebScarab/Burp proxies log file and updated the documentation
2008-11-28 01:33:33 +03:00
update (--forms acts now more like -g switch)
2010-11-15 14:34:57 +03:00
if not test or test[0] in ("y", "Y"):
pass
elif test[0] in ("n", "N"):
continue
elif test[0] in ("q", "Q"):
break
After the storm, a restore..
2008-10-15 19:38:22 +04:00
update (--forms acts now more like -g switch)
2010-11-15 14:34:57 +03:00
logMsg = "testing url %s" % targetUrl
logger.info(logMsg)
Fixes #172 - also cookies are parsed from burp/webscarab logs (-l) and request file (-r) now
2010-03-16 18:21:42 +03:00
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
setupTargetEnv()
added response time kb attribute
2010-12-03 16:19:34 +03:00
if not checkConnection(suppressOutput=conf.forms) or not checkString() or not checkRegexp():
After the storm, a restore..
2008-10-15 19:38:22 +04:00
continue
Split character for tamper scripts (--tamper option) is now comma, not semi-colon. Minor enhancement
2010-10-17 01:52:16 +04:00
if conf.nullConnection:
added --null-connection as an experimental option
2010-09-16 14:01:33 +04:00
checkNullConnection()
added null connection check
2010-09-16 12:43:10 +04:00
changes regarding Feature #160
2010-09-26 18:02:13 +04:00
if not conf.dropSetCookie and conf.cj:
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
for _, cookie in enumerate(conf.cj):
more unicode refactoring
2010-06-02 16:45:40 +04:00
cookie = getUnicode(cookie)
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
index = cookie.index(" for ")
Fixes #172 - also cookies are parsed from burp/webscarab logs (-l) and request file (-r) now
2010-03-16 18:21:42 +03:00
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
cookieStr += "%s;" % cookie[8:index]
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
if cookieStr:
cookieStr = cookieStr[:-1]
Fixes #172 - also cookies are parsed from burp/webscarab logs (-l) and request file (-r) now
2010-03-16 18:21:42 +03:00
further enum refactoring
2010-11-08 12:44:32 +03:00
if PLACE.COOKIE in conf.parameters:
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
message = "you provided an HTTP Cookie header value. "
message += "The target url provided its own Cookie within "
message += "the HTTP Set-Cookie header. Do you want to "
message += "continue using the HTTP Cookie values that "
message += "you provided? [Y/n] "
test = readInput(message, default="Y")
Fixes #172 - also cookies are parsed from burp/webscarab logs (-l) and request file (-r) now
2010-03-16 18:21:42 +03:00
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
if not test or test[0] in ("y", "Y"):
setCookieAsInjectable = False
Fixes #172 - also cookies are parsed from burp/webscarab logs (-l) and request file (-r) now
2010-03-16 18:21:42 +03:00
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
if setCookieAsInjectable:
revert of some HTTP headers handling
2010-11-08 16:26:45 +03:00
conf.httpHeaders.append(("Cookie", cookieStr))
further enum refactoring
2010-11-08 12:44:32 +03:00
conf.parameters[PLACE.COOKIE] = cookieStr
__paramDict = paramToDict(PLACE.COOKIE, cookieStr)
Fixes #172 - also cookies are parsed from burp/webscarab logs (-l) and request file (-r) now
2010-03-16 18:21:42 +03:00
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
if __paramDict:
further enum refactoring
2010-11-08 12:44:32 +03:00
conf.paramDict[PLACE.COOKIE] = __paramDict
Code cleanup
2010-03-21 03:39:44 +03:00
# TODO: consider the following line in __setRequestParams()
code review part 3
2011-01-15 16:15:10 +03:00
# __testableParameters = True
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Added tag <epayload> to the payloads.xml's <test> tag to define which payload to use when exploiting the test type. Removed some useless tests. Moved <error> from queries.xml to payloads.xml as it makes more sense. Beeps at sql inj found only if --beep is provided. Minor fix in order to be able to pickle advancedDict() objects. Minor code refactoring. Removed useless folders.
2010-12-01 20:09:52 +03:00
if (len(kb.injections) == 0 or (len(kb.injections) == 1 and kb.injections[0].place is None)) \
and (kb.injection.place is None or kb.injection.parameter is None):
removing obsolete switches (--threshold, --excl-reg, --excl-str)
2011-02-03 18:55:19 +03:00
if not conf.string and not conf.regexp:
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
# NOTE: this is not needed anymore, leaving only to display
# a warning message to the user in case the page is not stable
checkStability()
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
minor optimization
2010-11-08 02:37:15 +03:00
# Do a little prioritization reorder of a testable parameter list
parameters = conf.parameters.keys()
More replacements for refactoring. Minor layout adjustments. Alignment of conffile/optiondict/cmdline parameters.
2010-11-08 15:36:48 +03:00
minor update regarding testing of GET parameters if --data and/or --forms is used
2011-03-28 20:14:08 +04:00
# Order of testing list (last to first)
fix for a bug reported by m4l1c3 (object of type 'NoneType' has no len()) and minor update
2011-03-29 10:25:17 +04:00
orderList = (PLACE.URI, PLACE.GET, PLACE.POST)
minor update regarding testing of GET parameters if --data and/or --forms is used
2011-03-28 20:14:08 +04:00
for place in orderList:
minor optimization
2010-11-08 02:37:15 +03:00
if place in parameters:
parameters.remove(place)
parameters.insert(0, place)
Now, if the back-end dbms type has been identified by the detection engine, skips the fingerprint phase. Major code refactoring and commenting to detection engine. Ask user whether or not to proceed to test remaining parameters after an injection point has been identified. Restore beep at SQL injection find. Avoid reuse of same variable in DBMS handler code. Minor adjustment of payloads XML file.
2010-12-01 01:40:25 +03:00
proceed = True
minor optimization
2010-11-08 02:37:15 +03:00
for place in parameters:
Minor adjustment so that User-Agent and Referer headers are tests only when --level >= 3 and Cookie is tested only when --level >= 2
2011-02-14 00:08:42 +03:00
# Test User-Agent and Referer headers only if
# --level >= 3
minor cosmetics and one minor fix (|= is a nono with None)
2011-03-29 10:38:19 +04:00
skip = (place == PLACE.UA and conf.level < 3)
skip |= (place == PLACE.REFERER and conf.level < 3)
Minor adjustment so that User-Agent and Referer headers are tests only when --level >= 3 and Cookie is tested only when --level >= 2
2011-02-14 00:08:42 +03:00
# Test Cookie header only if --level >= 2
minor cosmetics and one minor fix (|= is a nono with None)
2011-03-29 10:38:19 +04:00
skip |= (place == PLACE.COOKIE and conf.level < 2)
Apply --level also to User-Agent (level >= 4) and Cookie (level >= 3). GET and POST parameters are always tested.
2010-11-29 19:33:20 +03:00
minor cosmetics and one minor fix (|= is a nono with None)
2011-03-29 10:38:19 +04:00
skip &= not (place == PLACE.UA and intersect(USER_AGENT_ALIASES, conf.testParameter))
skip &= not (place == PLACE.REFERER and intersect(REFERER_ALIASES, conf.testParameter))
update regarding explicit testing of ua and referer when using -p
2011-02-14 00:58:48 +03:00
minor cosmetics and one minor fix (|= is a nono with None)
2011-03-29 10:38:19 +04:00
if skip:
Apply --level also to User-Agent (level >= 4) and Cookie (level >= 3). GET and POST parameters are always tested.
2010-11-29 19:33:20 +03:00
continue
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
if not conf.paramDict.has_key(place):
continue
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
paramDict = conf.paramDict[place]
for parameter, value in paramDict.items():
bug fix for Ctrl+C
2010-12-31 18:00:19 +03:00
if not proceed:
break
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
testSqlInj = True
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
fix for that duplicates
2010-10-15 04:34:16 +04:00
paramKey = (conf.hostname, conf.path, place, parameter)
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
fix for Feature #187 (Skip duplicates parameters in -g)
2010-07-30 00:01:04 +04:00
if paramKey in kb.testedParams:
testSqlInj = False
fix for that duplicates
2010-10-15 04:34:16 +04:00
infoMsg = "skipping previously processed %s parameter '%s'" % (place, parameter)
logger.info(infoMsg)
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
# Avoid dinamicity test if the user provided the
# parameter manually
minor update
2011-01-02 01:43:15 +03:00
elif parameter in conf.testParameter or conf.realTest:
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
pass
fix for that duplicates
2010-10-15 04:34:16 +04:00
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
elif not checkDynParam(place, parameter, value):
warnMsg = "%s parameter '%s' is not dynamic" % (place, parameter)
logger.warn(warnMsg)
fix for that duplicates
2010-10-15 04:34:16 +04:00
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
else:
logMsg = "%s parameter '%s' is dynamic" % (place, parameter)
After the storm, a restore..
2008-10-15 19:38:22 +04:00
logger.info(logMsg)
fix for Feature #187 (Skip duplicates parameters in -g)
2010-07-30 00:01:04 +04:00
kb.testedParams.add(paramKey)
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
if testSqlInj:
code review part 3
2011-01-15 16:15:10 +03:00
check = heuristicCheckSqlInjection(place, parameter)
added one new quick check for multiple target(s) mode
2011-01-03 11:32:06 +03:00
if not check and conf.realTest and\
not simpletonCheckSqlInjection(place, parameter, value):
kids, don't use this at home
2010-12-20 13:13:14 +03:00
continue
fix for that duplicates
2010-10-15 04:34:16 +04:00
First big commit to move UNION query tests to detection phase - there are some improvements and tuning to do yet though. Major refactoring to Agent.payload() method. Minor bug fixes, some code refactoring and a lot of core adjustments here and there. Added more checks for injection in GROUP BY and ORDER BY.
2011-01-12 01:18:47 +03:00
logMsg = "testing sql injection on %s " % place
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
logMsg += "parameter '%s'" % parameter
logger.info(logMsg)
fix for that duplicates
2010-10-15 04:34:16 +04:00
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
injection = checkSqlInjection(place, parameter, value)
minor fix for end phase (Ctrl+C)
2010-12-22 02:55:55 +03:00
proceed = not kb.endDetection
Now, if the back-end dbms type has been identified by the detection engine, skips the fingerprint phase. Major code refactoring and commenting to detection engine. Ask user whether or not to proceed to test remaining parameters after an injection point has been identified. Restore beep at SQL injection find. Avoid reuse of same variable in DBMS handler code. Minor adjustment of payloads XML file.
2010-12-01 01:40:25 +03:00
if injection is not None and injection.place is not None:
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
kb.injections.append(injection)
Now, if the back-end dbms type has been identified by the detection engine, skips the fingerprint phase. Major code refactoring and commenting to detection engine. Ask user whether or not to proceed to test remaining parameters after an injection point has been identified. Restore beep at SQL injection find. Avoid reuse of same variable in DBMS handler code. Minor adjustment of payloads XML file.
2010-12-01 01:40:25 +03:00
Minor fix for ctrl+c during detection phase
2010-12-22 16:15:44 +03:00
# In case when user wants to end detection phase (Ctrl+C)
if not proceed:
break
Now, if the back-end dbms type has been identified by the detection engine, skips the fingerprint phase. Major code refactoring and commenting to detection engine. Ask user whether or not to proceed to test remaining parameters after an injection point has been identified. Restore beep at SQL injection find. Avoid reuse of same variable in DBMS handler code. Minor adjustment of payloads XML file.
2010-12-01 01:40:25 +03:00
msg = "%s parameter '%s' " % (injection.place, injection.parameter)
msg += "is vulnerable. Do you want to keep testing the others? [y/N] "
test = readInput(msg, default="N")
if test[0] in ("n", "N"):
proceed = False
bug fix of re-introduced bug (in multiple target mode sites with similar URI weren't skipped)
2010-12-23 14:28:13 +03:00
paramKey = (conf.hostname, conf.path, None, None)
kb.testedParams.add(paramKey)
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
else:
First big commit to move UNION query tests to detection phase - there are some improvements and tuning to do yet though. Major refactoring to Agent.payload() method. Minor bug fixes, some code refactoring and a lot of core adjustments here and there. Added more checks for injection in GROUP BY and ORDER BY.
2011-01-12 01:18:47 +03:00
warnMsg = "%s parameter '%s' is not " % (place, parameter)
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
warnMsg += "injectable"
logger.warn(warnMsg)
Updated work on multiple targets support (works for WebScarab conversations/ folder, still to work out for Burp log file). Major bug fix in the controller library.
2008-11-22 04:57:22 +03:00
Now, if the back-end dbms type has been identified by the detection engine, skips the fingerprint phase. Major code refactoring and commenting to detection engine. Ask user whether or not to proceed to test remaining parameters after an injection point has been identified. Restore beep at SQL injection find. Avoid reuse of same variable in DBMS handler code. Minor adjustment of payloads XML file.
2010-12-01 01:40:25 +03:00
if len(kb.injections) == 0 or (len(kb.injections) == 1 and kb.injections[0].place is None):
update
2010-12-23 17:06:22 +03:00
if not conf.realTest:
minor adjustments
2010-12-21 03:25:03 +03:00
errMsg = "all parameters are not injectable, try "
cosmetics
2011-01-14 19:12:44 +03:00
errMsg += "a higher --level/--risk to use more tests"
More code cleanup
2011-01-16 02:11:36 +03:00
cosmetics
2011-01-14 19:12:44 +03:00
if not conf.textOnly and kb.originalPage:
minor fix
2011-01-16 21:11:35 +03:00
percent = (100.0 * len(getFilteredPageContent(kb.originalPage)) / len(kb.originalPage))
cosmetics
2011-01-14 19:12:44 +03:00
errMsg += " and/or --text-only switch if the target page "
errMsg += "has a low percentage of textual content "
minor fix
2011-01-16 21:11:35 +03:00
errMsg += "(approximately %.2f%% of page content is text)" % percent
More code cleanup
2011-01-16 02:11:36 +03:00
minor adjustments
2010-12-21 03:25:03 +03:00
raise sqlmapNotVulnerableException, errMsg
else:
errMsg = "it seems that all parameters are not injectable"
cosmetics
2011-01-14 19:12:44 +03:00
raise sqlmapNotVulnerableException, errMsg
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
else:
First big commit to move UNION query tests to detection phase - there are some improvements and tuning to do yet though. Major refactoring to Agent.payload() method. Minor bug fixes, some code refactoring and a lot of core adjustments here and there. Added more checks for injection in GROUP BY and ORDER BY.
2011-01-12 01:18:47 +03:00
# Flush the flag
kb.testMode = False
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 21:10:54 +03:00
__saveToSessionFile()
__showInjections()
__selectInjection()
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Added tag <epayload> to the payloads.xml's <test> tag to define which payload to use when exploiting the test type. Removed some useless tests. Moved <error> from queries.xml to payloads.xml as it makes more sense. Beeps at sql inj found only if --beep is provided. Minor fix in order to be able to pickle advancedDict() objects. Minor code refactoring. Removed useless folders.
2010-12-01 20:09:52 +03:00
if kb.injection.place is not None and kb.injection.parameter is not None:
minor update
2011-01-02 00:11:29 +03:00
if kb.testQueryCount == 0 and conf.realTest:
condition = False
elif conf.multipleTargets:
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
message = "do you want to exploit this SQL injection? [Y/n] "
exploit = readInput(message, default="Y")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
condition = not exploit or exploit[0] in ("y", "Y")
else:
condition = True
if condition:
action()
added some fancy Ctrl+C when having multiple targets
2010-11-05 18:59:25 +03:00
except KeyboardInterrupt:
minor fix
2010-11-05 19:03:12 +03:00
if conf.multipleTargets:
cosmetics
2010-11-05 19:08:42 +03:00
warnMsg = "Ctrl+C detected in multiple target mode"
minor fix
2010-11-05 19:03:12 +03:00
logger.warn(warnMsg)
added some fancy Ctrl+C when having multiple targets
2010-11-05 18:59:25 +03:00
Cosmetics
2010-11-07 19:23:03 +03:00
message = "do you want to skip to the next target in list? [Y/n/q]"
minor fix
2010-11-05 19:03:12 +03:00
test = readInput(message, default="Y")
added some fancy Ctrl+C when having multiple targets
2010-11-05 18:59:25 +03:00
minor fix
2010-11-05 19:03:12 +03:00
if not test or test[0] in ("y", "Y"):
pass
elif test[0] in ("n", "N"):
return False
elif test[0] in ("q", "Q"):
raise sqlmapUserQuitException
else:
raise
added some fancy Ctrl+C when having multiple targets
2010-11-05 18:59:25 +03:00
some update
2010-09-30 23:45:23 +04:00
except sqlmapUserQuitException:
raise
bug fix (reported by ToR)
2010-11-10 22:44:51 +03:00
except sqlmapSilentQuitException:
raise
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
except exceptionsTuple, e:
more unicode refactoring
2010-06-02 16:45:40 +04:00
e = getUnicode(e)
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
if conf.multipleTargets:
minor update
2010-11-15 15:19:22 +03:00
e += ", skipping to the next %s" % ("form" if conf.forms else "url")
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 15:14:02 +03:00
logger.error(e)
else:
minor update
2010-09-27 17:41:18 +04:00
logger.critical(e)
update
2010-09-26 18:56:55 +04:00
return False
After the storm, a restore..
2008-10-15 19:38:22 +04:00
added support for displaying HTTP error codes (particularly interesting ones are 403 and 406 which screw up data retrieval and DBMS fingerprinting badly)
2011-01-02 10:37:47 +03:00
finally:
showHttpErrorCodes()
minor minor fix
2011-01-03 17:28:20 +03:00
if conf.loggedToOut and not conf.multipleTargets:
After the storm, a restore..
2008-10-15 19:38:22 +04:00
logger.info("Fetched data logged to text files under '%s'" % conf.outputPath)
removed all trailing spaces from blank lines
2010-11-03 13:08:27 +03:00
update
2010-09-26 18:56:55 +04:00
return True
Reference in New Issue Copy Permalink