2019-03-21 16:00:09 +03:00
|
|
|
#!/usr/bin/env python2
|
2008-10-15 19:38:22 +04:00
|
|
|
|
|
|
|
"""
|
2019-01-05 23:38:52 +03:00
|
|
|
Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
2017-10-11 15:50:46 +03:00
|
|
|
See the file 'LICENSE' for copying permission
|
2008-10-15 19:38:22 +04:00
|
|
|
"""
|
|
|
|
|
2016-10-26 23:33:04 +03:00
|
|
|
try:
|
2016-10-29 01:13:04 +03:00
|
|
|
import cPickle as pickle
|
2016-10-26 23:33:04 +03:00
|
|
|
except:
|
2016-10-29 01:13:04 +03:00
|
|
|
import pickle
|
2016-10-26 23:33:04 +03:00
|
|
|
|
2015-01-15 19:32:07 +03:00
|
|
|
import base64
|
2013-01-10 02:08:50 +04:00
|
|
|
import json
|
2016-01-08 13:47:12 +03:00
|
|
|
import re
|
2010-02-23 11:54:33 +03:00
|
|
|
import sys
|
2008-10-15 19:38:22 +04:00
|
|
|
|
2012-07-31 13:03:44 +04:00
|
|
|
from lib.core.settings import IS_WIN
|
2011-03-03 13:39:04 +03:00
|
|
|
from lib.core.settings import UNICODE_ENCODING
|
2019-03-28 15:53:54 +03:00
|
|
|
from thirdparty import six
|
2010-03-27 02:23:25 +03:00
|
|
|
|
2011-01-15 15:13:45 +03:00
|
|
|
def base64decode(value):
|
2013-03-11 17:58:05 +04:00
|
|
|
"""
|
|
|
|
Decodes string value from Base64 to plain format
|
|
|
|
|
|
|
|
>>> base64decode('Zm9vYmFy')
|
|
|
|
'foobar'
|
|
|
|
"""
|
|
|
|
|
2019-03-29 00:45:44 +03:00
|
|
|
return base64.b64decode(unicodeencode(value))
|
2008-10-15 19:38:22 +04:00
|
|
|
|
2011-01-15 15:13:45 +03:00
|
|
|
def base64encode(value):
|
2013-03-11 17:58:05 +04:00
|
|
|
"""
|
|
|
|
Encodes string value from plain to Base64 format
|
|
|
|
|
|
|
|
>>> base64encode('foobar')
|
|
|
|
'Zm9vYmFy'
|
|
|
|
"""
|
|
|
|
|
2019-03-29 00:45:44 +03:00
|
|
|
return base64.b64encode(unicodeencode(value))
|
2010-04-12 13:35:20 +04:00
|
|
|
|
2011-01-15 15:13:45 +03:00
|
|
|
def base64pickle(value):
|
2013-03-11 17:58:05 +04:00
|
|
|
"""
|
|
|
|
Serializes (with pickle) and encodes to Base64 format supplied (binary) value
|
|
|
|
|
|
|
|
>>> base64pickle('foobar')
|
2016-10-29 01:13:04 +03:00
|
|
|
'gAJVBmZvb2JhcnEBLg=='
|
2013-03-11 17:58:05 +04:00
|
|
|
"""
|
|
|
|
|
2012-11-26 14:16:59 +04:00
|
|
|
retVal = None
|
2014-11-13 12:52:33 +03:00
|
|
|
|
2012-11-26 14:16:59 +04:00
|
|
|
try:
|
|
|
|
retVal = base64encode(pickle.dumps(value, pickle.HIGHEST_PROTOCOL))
|
|
|
|
except:
|
|
|
|
warnMsg = "problem occurred while serializing "
|
|
|
|
warnMsg += "instance of a type '%s'" % type(value)
|
|
|
|
singleTimeWarnMessage(warnMsg)
|
|
|
|
|
2014-05-29 11:33:14 +04:00
|
|
|
try:
|
|
|
|
retVal = base64encode(pickle.dumps(value))
|
|
|
|
except:
|
|
|
|
retVal = base64encode(pickle.dumps(str(value), pickle.HIGHEST_PROTOCOL))
|
|
|
|
|
2012-11-26 14:16:59 +04:00
|
|
|
return retVal
|
2010-04-12 13:35:20 +04:00
|
|
|
|
2019-03-27 03:28:34 +03:00
|
|
|
def base64unpickle(value):
|
2013-03-11 17:58:05 +04:00
|
|
|
"""
|
2013-03-26 17:11:17 +04:00
|
|
|
Decodes value from Base64 to plain format and deserializes (with pickle) its content
|
2013-03-11 17:58:05 +04:00
|
|
|
|
2016-10-29 01:13:04 +03:00
|
|
|
>>> base64unpickle('gAJVBmZvb2JhcnEBLg==')
|
2013-03-11 17:58:05 +04:00
|
|
|
'foobar'
|
|
|
|
"""
|
|
|
|
|
2014-11-13 12:52:33 +03:00
|
|
|
retVal = None
|
|
|
|
|
|
|
|
try:
|
2019-03-27 03:28:34 +03:00
|
|
|
retVal = pickle.loads(base64decode(value))
|
2018-03-13 15:45:42 +03:00
|
|
|
except TypeError:
|
2019-03-27 03:28:34 +03:00
|
|
|
retVal = pickle.loads(base64decode(bytes(value)))
|
2014-11-13 12:52:33 +03:00
|
|
|
|
|
|
|
return retVal
|
2008-10-15 19:38:22 +04:00
|
|
|
|
2011-01-15 15:13:45 +03:00
|
|
|
def hexdecode(value):
|
2013-03-11 17:58:05 +04:00
|
|
|
"""
|
|
|
|
Decodes string value from hex to plain format
|
|
|
|
|
|
|
|
>>> hexdecode('666f6f626172')
|
|
|
|
'foobar'
|
|
|
|
"""
|
|
|
|
|
2011-01-15 15:13:45 +03:00
|
|
|
value = value.lower()
|
2019-03-29 00:45:44 +03:00
|
|
|
value = value[2:] if value.startswith("0x") else value
|
|
|
|
|
|
|
|
if six.PY2:
|
|
|
|
retVal = value.decode("hex")
|
|
|
|
else:
|
|
|
|
retVal = bytes.fromhex(value)
|
|
|
|
|
|
|
|
return retVal
|
2010-11-03 13:08:27 +03:00
|
|
|
|
2017-09-05 14:13:08 +03:00
|
|
|
def hexencode(value, encoding=None):
|
2013-03-11 17:58:05 +04:00
|
|
|
"""
|
|
|
|
Encodes string value from plain to hex format
|
|
|
|
|
|
|
|
>>> hexencode('foobar')
|
|
|
|
'666f6f626172'
|
|
|
|
"""
|
|
|
|
|
2019-03-29 00:45:44 +03:00
|
|
|
retVal = unicodeencode(value, encoding)
|
|
|
|
|
|
|
|
if six.PY2:
|
|
|
|
retVal = retVal.encode("hex")
|
|
|
|
else:
|
|
|
|
retVal = retVal.hex()
|
|
|
|
|
|
|
|
return retVal
|
2008-10-15 19:38:22 +04:00
|
|
|
|
2011-04-29 19:22:32 +04:00
|
|
|
def unicodeencode(value, encoding=None):
|
|
|
|
"""
|
2013-03-11 17:58:05 +04:00
|
|
|
Returns 8-bit string representation of the supplied unicode value
|
2011-04-29 19:22:32 +04:00
|
|
|
|
2013-03-11 17:58:05 +04:00
|
|
|
>>> unicodeencode(u'foobar')
|
|
|
|
'foobar'
|
2011-04-29 19:22:32 +04:00
|
|
|
"""
|
|
|
|
|
|
|
|
retVal = value
|
2019-03-29 00:45:44 +03:00
|
|
|
|
|
|
|
if isinstance(value, six.text_type):
|
2011-04-29 19:22:32 +04:00
|
|
|
try:
|
|
|
|
retVal = value.encode(encoding or UNICODE_ENCODING)
|
|
|
|
except UnicodeEncodeError:
|
2019-03-29 00:45:44 +03:00
|
|
|
retVal = value.encode(encoding or UNICODE_ENCODING, "replace")
|
|
|
|
|
2011-04-29 19:22:32 +04:00
|
|
|
return retVal
|
|
|
|
|
2011-01-15 15:13:45 +03:00
|
|
|
def utf8encode(value):
|
2013-03-11 17:58:05 +04:00
|
|
|
"""
|
|
|
|
Returns 8-bit string representation of the supplied UTF-8 value
|
|
|
|
|
|
|
|
>>> utf8encode(u'foobar')
|
|
|
|
'foobar'
|
|
|
|
"""
|
|
|
|
|
2011-04-29 19:22:32 +04:00
|
|
|
return unicodeencode(value, "utf-8")
|
2010-05-28 15:32:10 +04:00
|
|
|
|
2011-01-15 15:13:45 +03:00
|
|
|
def utf8decode(value):
|
2013-03-11 17:58:05 +04:00
|
|
|
"""
|
|
|
|
Returns UTF-8 representation of the supplied 8-bit string representation
|
2010-10-01 12:03:39 +04:00
|
|
|
|
2013-03-11 17:58:05 +04:00
|
|
|
>>> utf8decode('foobar')
|
|
|
|
u'foobar'
|
|
|
|
"""
|
|
|
|
|
|
|
|
return value.decode("utf-8")
|
2010-10-01 12:03:39 +04:00
|
|
|
|
2011-01-15 15:13:45 +03:00
|
|
|
def htmlunescape(value):
|
2013-03-11 17:58:05 +04:00
|
|
|
"""
|
|
|
|
Returns (basic conversion) HTML unescaped value
|
|
|
|
|
|
|
|
>>> htmlunescape('a<b')
|
|
|
|
'a<b'
|
|
|
|
"""
|
|
|
|
|
2011-12-21 18:25:39 +04:00
|
|
|
retVal = value
|
2019-03-28 15:53:54 +03:00
|
|
|
if value and isinstance(value, six.string_types):
|
2019-04-30 14:20:31 +03:00
|
|
|
replacements = (("<", '<'), (">", '>'), (""", '"'), (" ", ' '), ("&", '&'), ("'", "'"))
|
|
|
|
for code, value in replacements:
|
|
|
|
retVal = retVal.replace(code, value)
|
|
|
|
|
2016-01-09 01:10:32 +03:00
|
|
|
try:
|
2016-05-15 10:37:45 +03:00
|
|
|
retVal = re.sub(r"&#x([^ ;]+);", lambda match: unichr(int(match.group(1), 16)), retVal)
|
2016-01-09 01:10:32 +03:00
|
|
|
except ValueError:
|
|
|
|
pass
|
2011-04-15 01:36:13 +04:00
|
|
|
return retVal
|
2012-07-31 13:03:44 +04:00
|
|
|
|
2018-03-21 16:29:54 +03:00
|
|
|
def singleTimeWarnMessage(message): # Cross-referenced function
|
2014-11-30 01:33:24 +03:00
|
|
|
sys.stdout.write(message)
|
|
|
|
sys.stdout.write("\n")
|
|
|
|
sys.stdout.flush()
|
2012-07-31 13:03:44 +04:00
|
|
|
|
|
|
|
def stdoutencode(data):
|
2019-04-30 14:20:31 +03:00
|
|
|
retVal = data
|
2012-07-31 13:03:44 +04:00
|
|
|
|
2019-04-30 14:20:31 +03:00
|
|
|
if six.PY2:
|
|
|
|
try:
|
|
|
|
retVal = unicodeencode(data or "", sys.stdout.encoding)
|
|
|
|
|
|
|
|
# Reference: http://bugs.python.org/issue1602
|
|
|
|
if IS_WIN:
|
|
|
|
if '?' in retVal and '?' not in retVal:
|
|
|
|
warnMsg = "cannot properly display Unicode characters "
|
|
|
|
warnMsg += "inside Windows OS command prompt "
|
|
|
|
warnMsg += "(http://bugs.python.org/issue1602). All "
|
|
|
|
warnMsg += "unhandled occurrences will result in "
|
|
|
|
warnMsg += "replacement with '?' character. Please, find "
|
|
|
|
warnMsg += "proper character representation inside "
|
|
|
|
warnMsg += "corresponding output files. "
|
|
|
|
singleTimeWarnMessage(warnMsg)
|
2012-07-31 13:03:44 +04:00
|
|
|
|
2019-04-30 14:20:31 +03:00
|
|
|
except:
|
|
|
|
retVal = unicodeencode(data or "")
|
2012-07-31 13:03:44 +04:00
|
|
|
|
|
|
|
return retVal
|
2013-01-10 02:08:50 +04:00
|
|
|
|
|
|
|
def jsonize(data):
|
2013-03-11 17:58:05 +04:00
|
|
|
"""
|
|
|
|
Returns JSON serialized data
|
|
|
|
|
|
|
|
>>> jsonize({'foo':'bar'})
|
|
|
|
'{\\n "foo": "bar"\\n}'
|
|
|
|
"""
|
|
|
|
|
2013-01-10 02:08:50 +04:00
|
|
|
return json.dumps(data, sort_keys=False, indent=4)
|
2013-01-29 05:39:27 +04:00
|
|
|
|
|
|
|
def dejsonize(data):
|
2013-03-11 17:58:05 +04:00
|
|
|
"""
|
|
|
|
Returns JSON deserialized data
|
|
|
|
|
|
|
|
>>> dejsonize('{\\n "foo": "bar"\\n}')
|
|
|
|
{u'foo': u'bar'}
|
|
|
|
"""
|
|
|
|
|
2013-01-29 05:39:27 +04:00
|
|
|
return json.loads(data)
|