sqlmap/extra/safe2bin/safe2bin.py

#!/usr/bin/env python2

"""
safe2bin.py - Simple safe(hex) to binary format converter

Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

from __future__ import print_function

import binascii
import re
import string
import os
import sys

from optparse import OptionError
from optparse import OptionParser

if sys.version_info.major > 2:
    xrange = range

# Regex used for recognition of hex encoded characters
HEX_ENCODED_CHAR_REGEX = r"(?P<result>\\x[0-9A-Fa-f]{2})"

# Raw chars that will be safe encoded to their slash (\) representations (e.g. newline to \n)
SAFE_ENCODE_SLASH_REPLACEMENTS = "\t\n\r\x0b\x0c"

# Characters that don't need to be safe encoded
SAFE_CHARS = "".join(filter(lambda _: _ not in SAFE_ENCODE_SLASH_REPLACEMENTS, string.printable.replace('\\', '')))

# Prefix used for hex encoded values
HEX_ENCODED_PREFIX = r"\x"

# Strings used for temporary marking of hex encoded prefixes (to prevent double encoding)
HEX_ENCODED_PREFIX_MARKER = "__HEX_ENCODED_PREFIX__"

# String used for temporary marking of slash characters
SLASH_MARKER = "__SLASH__"

def safecharencode(value):
    """
    Returns safe representation of a given basestring value

    >>> safecharencode(u'test123')
    u'test123'
    >>> safecharencode(u'test\x01\x02\xff')
    u'test\\01\\02\\03\\ff'
    """

    retVal = value

    if isinstance(value, basestring):
        if any([_ not in SAFE_CHARS for _ in value]):
            retVal = retVal.replace(HEX_ENCODED_PREFIX, HEX_ENCODED_PREFIX_MARKER)
            retVal = retVal.replace('\\', SLASH_MARKER)

            for char in SAFE_ENCODE_SLASH_REPLACEMENTS:
                retVal = retVal.replace(char, repr(char).strip('\''))

            retVal = reduce(lambda x, y: x + (y if (y in string.printable or isinstance(value, unicode) and ord(y) >= 160) else '\\x%02x' % ord(y)), retVal, (unicode if isinstance(value, unicode) else str)())

            retVal = retVal.replace(SLASH_MARKER, "\\\\")
            retVal = retVal.replace(HEX_ENCODED_PREFIX_MARKER, HEX_ENCODED_PREFIX)
    elif isinstance(value, list):
        for i in xrange(len(value)):
            retVal[i] = safecharencode(value[i])

    return retVal

def safechardecode(value, binary=False):
    """
    Reverse function to safecharencode
    """

    retVal = value
    if isinstance(value, basestring):
        retVal = retVal.replace('\\\\', SLASH_MARKER)

        while True:
            match = re.search(HEX_ENCODED_CHAR_REGEX, retVal)
            if match:
                retVal = retVal.replace(match.group("result"), (unichr if isinstance(value, unicode) else chr)(ord(binascii.unhexlify(match.group("result").lstrip("\\x")))))
            else:
                break

        for char in SAFE_ENCODE_SLASH_REPLACEMENTS[::-1]:
            retVal = retVal.replace(repr(char).strip('\''), char)

        retVal = retVal.replace(SLASH_MARKER, '\\')

        if binary:
            if isinstance(retVal, unicode):
                retVal = retVal.encode("utf8")

    elif isinstance(value, (list, tuple)):
        for i in xrange(len(value)):
            retVal[i] = safechardecode(value[i])

    return retVal

def main():
    usage = '%s -i <input file> [-o <output file>]' % sys.argv[0]
    parser = OptionParser(usage=usage, version='0.1')

    try:
        parser.add_option('-i', dest='inputFile', help='Input file')
        parser.add_option('-o', dest='outputFile', help='Output file')

        (args, _) = parser.parse_args()

        if not args.inputFile:
            parser.error('Missing the input file, -h for help')

    except (OptionError, TypeError) as ex:
        parser.error(ex)

    if not os.path.isfile(args.inputFile):
        print('ERROR: the provided input file \'%s\' is not a regular file' % args.inputFile)
        sys.exit(1)

    f = open(args.inputFile, 'r')
    data = f.read()
    f.close()

    if not args.outputFile:
        args.outputFile = args.inputFile + '.bin'

    f = open(args.outputFile, 'wb')
    f.write(safechardecode(data))
    f.close()

if __name__ == '__main__':
    main()
Update regarding #2940 (PEP 394) 2019-03-21 16:00:09 +03:00			`#!/usr/bin/env python2`
adding new tool safe2bin for decoding safe encoded values 2011-04-15 17:41:50 +04:00
			`"""`
			`safe2bin.py - Simple safe(hex) to binary format converter`

update_copyright_year() 2019-01-05 23:38:52 +03:00			`Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)`
Replacing doc/COPYING to LICENSE 2017-10-11 15:50:46 +03:00			`See the file 'LICENSE' for copying permission`
adding new tool safe2bin for decoding safe encoded values 2011-04-15 17:41:50 +04:00			`"""`

Update related to the last commit 2019-01-22 03:20:27 +03:00			`from __future__ import print_function`

adding new tool safe2bin for decoding safe encoded values 2011-04-15 17:41:50 +04:00			`import binascii`
			`import re`
some refactoring 2011-04-15 17:51:06 +04:00			`import string`
adding new tool safe2bin for decoding safe encoded values 2011-04-15 17:41:50 +04:00			`import os`
			`import sys`

			`from optparse import OptionError`
			`from optparse import OptionParser`

Some more drei stuff 2019-03-28 17:14:16 +03:00			`if sys.version_info.major > 2:`
			`xrange = range`

adding new tool safe2bin for decoding safe encoded values 2011-04-15 17:41:50 +04:00			`# Regex used for recognition of hex encoded characters`
			`HEX_ENCODED_CHAR_REGEX = r"(?P<result>\\x[0-9A-Fa-f]{2})"`

			`# Raw chars that will be safe encoded to their slash (\) representations (e.g. newline to \n)`
fix for a "problem" reported by Kirill Morozov (nt authority\\network service) 2011-06-11 11:54:59 +04:00			`SAFE_ENCODE_SLASH_REPLACEMENTS = "\t\n\r\x0b\x0c"`

minor optimization 2011-12-23 00:08:28 +04:00			`# Characters that don't need to be safe encoded`
Speed optimization(s) 2016-09-09 12:06:38 +03:00			`SAFE_CHARS = "".join(filter(lambda _: _ not in SAFE_ENCODE_SLASH_REPLACEMENTS, string.printable.replace('\\', '')))`
minor optimization 2011-12-23 00:08:28 +04:00
Another patch related to #1539 (simplifying unicode bad chars and preventing double encoding of safe chars) 2015-11-16 17:02:30 +03:00			`# Prefix used for hex encoded values`
			`HEX_ENCODED_PREFIX = r"\x"`

			`# Strings used for temporary marking of hex encoded prefixes (to prevent double encoding)`
			`HEX_ENCODED_PREFIX_MARKER = "__HEX_ENCODED_PREFIX__"`

fix for a "problem" reported by Kirill Morozov (nt authority\\network service) 2011-06-11 11:54:59 +04:00			`# String used for temporary marking of slash characters`
			`SLASH_MARKER = "__SLASH__"`
adding new tool safe2bin for decoding safe encoded values 2011-04-15 17:41:50 +04:00
some refactoring 2011-04-15 17:51:06 +04:00			`def safecharencode(value):`
			`"""`
			`Returns safe representation of a given basestring value`

			`>>> safecharencode(u'test123')`
			`u'test123'`
			`>>> safecharencode(u'test\x01\x02\xff')`
			`u'test\\01\\02\\03\\ff'`
			`"""`

			`retVal = value`

			`if isinstance(value, basestring):`
Speed optimization(s) 2016-09-09 12:06:38 +03:00			`if any([_ not in SAFE_CHARS for _ in value]):`
Another patch related to #1539 (simplifying unicode bad chars and preventing double encoding of safe chars) 2015-11-16 17:02:30 +03:00			`retVal = retVal.replace(HEX_ENCODED_PREFIX, HEX_ENCODED_PREFIX_MARKER)`
Distinguishing invalid unicode from safe encoded characters (for proper potential decoding) 2012-12-28 01:43:39 +04:00			`retVal = retVal.replace('\\', SLASH_MARKER)`
some refactoring 2011-04-15 17:51:06 +04:00
minor optimization 2011-12-23 00:08:28 +04:00			`for char in SAFE_ENCODE_SLASH_REPLACEMENTS:`
			`retVal = retVal.replace(char, repr(char).strip('\''))`
fix for a "problem" reported by Kirill Morozov (nt authority\\network service) 2011-06-11 11:54:59 +04:00
Bug fix for international letters (range in 160-255 is also printable) 2014-08-21 01:28:45 +04:00			`retVal = reduce(lambda x, y: x + (y if (y in string.printable or isinstance(value, unicode) and ord(y) >= 160) else '\\x%02x' % ord(y)), retVal, (unicode if isinstance(value, unicode) else str)())`
Distinguishing invalid unicode from safe encoded characters (for proper potential decoding) 2012-12-28 01:43:39 +04:00
Minor update for an Issue #8 2013-01-16 17:16:22 +04:00			`retVal = retVal.replace(SLASH_MARKER, "\\\\")`
Another patch related to #1539 (simplifying unicode bad chars and preventing double encoding of safe chars) 2015-11-16 17:02:30 +03:00			`retVal = retVal.replace(HEX_ENCODED_PREFIX_MARKER, HEX_ENCODED_PREFIX)`
some refactoring 2011-04-15 17:51:06 +04:00			`elif isinstance(value, list):`
			`for i in xrange(len(value)):`
			`retVal[i] = safecharencode(value[i])`

			`return retVal`

Minor update for an Issue #8 2013-01-16 17:16:22 +04:00			`def safechardecode(value, binary=False):`
adding new tool safe2bin for decoding safe encoded values 2011-04-15 17:41:50 +04:00			`"""`
some refactoring 2011-04-15 17:51:06 +04:00			`Reverse function to safecharencode`
adding new tool safe2bin for decoding safe encoded values 2011-04-15 17:41:50 +04:00			`"""`

			`retVal = value`
			`if isinstance(value, basestring):`
Distinguishing invalid unicode from safe encoded characters (for proper potential decoding) 2012-12-28 01:43:39 +04:00			`retVal = retVal.replace('\\\\', SLASH_MARKER)`
adding new tool safe2bin for decoding safe encoded values 2011-04-15 17:41:50 +04:00
			`while True:`
Distinguishing invalid unicode from safe encoded characters (for proper potential decoding) 2012-12-28 01:43:39 +04:00			`match = re.search(HEX_ENCODED_CHAR_REGEX, retVal)`
adding new tool safe2bin for decoding safe encoded values 2011-04-15 17:41:50 +04:00			`if match:`
Minor update for an Issue #8 2013-01-16 17:16:22 +04:00			`retVal = retVal.replace(match.group("result"), (unichr if isinstance(value, unicode) else chr)(ord(binascii.unhexlify(match.group("result").lstrip("\\x")))))`
adding new tool safe2bin for decoding safe encoded values 2011-04-15 17:41:50 +04:00			`else:`
			`break`

			`for char in SAFE_ENCODE_SLASH_REPLACEMENTS[::-1]:`
			`retVal = retVal.replace(repr(char).strip('\''), char)`

fix for a "problem" reported by Kirill Morozov (nt authority\\network service) 2011-06-11 11:54:59 +04:00			`retVal = retVal.replace(SLASH_MARKER, '\\')`

Minor update for an Issue #8 2013-01-16 17:16:22 +04:00			`if binary:`
			`if isinstance(retVal, unicode):`
			`retVal = retVal.encode("utf8")`

adding new tool safe2bin for decoding safe encoded values 2011-04-15 17:41:50 +04:00			`elif isinstance(value, (list, tuple)):`
			`for i in xrange(len(value)):`
			`retVal[i] = safechardecode(value[i])`

			`return retVal`

			`def main():`
			`usage = '%s -i <input file> [-o <output file>]' % sys.argv[0]`
Minor code restyling 2011-04-30 17:20:05 +04:00			`parser = OptionParser(usage=usage, version='0.1')`
adding new tool safe2bin for decoding safe encoded values 2011-04-15 17:41:50 +04:00
			`try:`
			`parser.add_option('-i', dest='inputFile', help='Input file')`
			`parser.add_option('-o', dest='outputFile', help='Output file')`

			`(args, _) = parser.parse_args()`

			`if not args.inputFile:`
			`parser.error('Missing the input file, -h for help')`

Old exception handling format to new one 2019-01-22 16:09:13 +03:00			`except (OptionError, TypeError) as ex:`
			`parser.error(ex)`
adding new tool safe2bin for decoding safe encoded values 2011-04-15 17:41:50 +04:00
			`if not os.path.isfile(args.inputFile):`
Update related to the last commit 2019-01-22 03:20:27 +03:00			`print('ERROR: the provided input file \'%s\' is not a regular file' % args.inputFile)`
adding new tool safe2bin for decoding safe encoded values 2011-04-15 17:41:50 +04:00			`sys.exit(1)`

			`f = open(args.inputFile, 'r')`
			`data = f.read()`
			`f.close()`

			`if not args.outputFile:`
			`args.outputFile = args.inputFile + '.bin'`

			`f = open(args.outputFile, 'wb')`
			`f.write(safechardecode(data))`
			`f.close()`

			`if __name__ == '__main__':`
			`main()`