Merge 429352a0ab into 76905e8728

.gitignore

@@ -1,6 +1,7 @@
 *.py[cod]
+*.sw[op]
 output/
 .sqlmap_history
 traffic.txt
 *~
-.idea/
+.idea/

extra/cloak/cloak.py

@@ -7,6 +7,7 @@ Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 
+from __future__ import print_function
 import os
 import sys
 import zlib
@@ -38,7 +39,7 @@ def decloak(inputFile=None, data=None):
     try:
         data = zlib.decompress(hideAscii(data))
     except:
-        print 'ERROR: the provided input file \'%s\' does not contain valid cloaked content' % inputFile
+        print('ERROR: the provided input file \'%s\' does not contain valid cloaked content' % inputFile)
         sys.exit(1)
     finally:
         f.close()
@@ -63,7 +64,7 @@ def main():
         parser.error(e)
 
     if not os.path.isfile(args.inputFile):
-        print 'ERROR: the provided input file \'%s\' is non existent' % args.inputFile
+        print('ERROR: the provided input file \'%s\' is non existent' % args.inputFile)
         sys.exit(1)
 
     if not args.decrypt:

extra/dbgtool/dbgtool.py

@@ -7,6 +7,7 @@ Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 
+from __future__ import print_function
 import os
 import sys
 import struct
@@ -19,7 +20,7 @@ def convert(inputFile):
     fileSize = fileStat.st_size
 
     if fileSize > 65280:
-        print "ERROR: the provided input file '%s' is too big for debug.exe" % inputFile
+        print("ERROR: the provided input file '%s' is too big for debug.exe" % inputFile)
         sys.exit(1)
 
     script = "n %s\nr cx\n" % os.path.basename(inputFile.replace(".", "_"))
@@ -59,7 +60,7 @@ def convert(inputFile):
 
 def main(inputFile, outputFile):
     if not os.path.isfile(inputFile):
-        print "ERROR: the provided input file '%s' is not a regular file" % inputFile
+        print("ERROR: the provided input file '%s' is not a regular file" % inputFile)
         sys.exit(1)
 
     script = convert(inputFile)
@@ -70,7 +71,7 @@ def main(inputFile, outputFile):
         sys.stdout.write(script)
         sys.stdout.close()
     else:
-        print script
+        print(script)
 
 if __name__ == "__main__":
     usage = "%s -i <input file> [-o <output file>]" % sys.argv[0]

extra/mssqlsig/update.py

@@ -5,6 +5,7 @@ Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 
+from __future__ import print_function
 import codecs
 import os
 import re
@@ -22,11 +23,11 @@ MSSQL_VERSIONS_URL = "http://www.sqlsecurity.com/FAQs/SQLServerVersionDatabase/t
 def updateMSSQLXML():
     if not os.path.exists(MSSQL_XML):
         errMsg = "[ERROR] file '%s' does not exist. Please run the script from its parent directory" % MSSQL_XML
-        print errMsg
+        print(errMsg)
         return
 
     infoMsg = "[INFO] retrieving data from '%s'" % MSSQL_VERSIONS_URL
-    print infoMsg
+    print(infoMsg)
 
     try:
         req = urllib2.Request(MSSQL_VERSIONS_URL)
@@ -39,7 +40,7 @@ def updateMSSQLXML():
 
         warnMsg = "[WARNING] sqlmap was unable to connect to %s," % __mssqlHostname
         warnMsg += " check your Internet connection and retry"
-        print warnMsg
+        print(warnMsg)
 
         return
 
@@ -131,7 +132,7 @@ def updateMSSQLXML():
     mssqlXml.close()
 
     infoMsg = "[INFO] done. retrieved data parsed and saved into '%s'" % MSSQL_XML
-    print infoMsg
+    print(infoMsg)
 
 if __name__ == "__main__":
     updateMSSQLXML()

extra/safe2bin/safe2bin.py

@@ -7,6 +7,7 @@ Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 
+from __future__ import print_function
 import binascii
 import re
 import string
@@ -112,7 +113,7 @@ def main():
         parser.error(e)
 
     if not os.path.isfile(args.inputFile):
-        print 'ERROR: the provided input file \'%s\' is not a regular file' % args.inputFile
+        print('ERROR: the provided input file \'%s\' is not a regular file' % args.inputFile)
         sys.exit(1)
 
     f = open(args.inputFile, 'r')

extra/shutils/duplicates.py

@@ -5,6 +5,7 @@
 
 # Removes duplicate entries in wordlist like files
 
+from __future__ import print_function
 import sys
 
 if len(sys.argv) > 0:
@@ -17,7 +18,7 @@ if len(sys.argv) > 0:
                 str.encode(item)
                 if item in items:
                     if item:
-                        print item
+                        print(item)
                 else:
                     items.append(item)
             except:

extra/shutils/pylint.py

@@ -3,6 +3,7 @@
 # Runs pylint on all python scripts found in a directory tree
 # Reference: http://rowinggolfer.blogspot.com/2009/08/pylint-recursively.html
 
+from __future__ import print_function
 import os
 import re
 import sys
@@ -17,26 +18,26 @@ def check(module):
 
     if module[-3:] == ".py":
 
-        print "CHECKING ", module
+        print("CHECKING ", module)
         pout = os.popen("pylint --rcfile=/dev/null %s" % module, 'r')
         for line in pout:
             if re.match(r"\AE:", line):
-                print line.strip()
+                print(line.strip())
             if __RATING__ and "Your code has been rated at" in line:
-                print line
+                print(line)
                 score = re.findall(r"\d.\d\d", line)[0]
                 total += float(score)
                 count += 1
 
 if __name__ == "__main__":
     try:
-        print sys.argv
+        print(sys.argv)
         BASE_DIRECTORY = sys.argv[1]
     except IndexError:
-        print "no directory specified, defaulting to current working directory"
+        print("no directory specified, defaulting to current working directory")
         BASE_DIRECTORY = os.getcwd()
 
-    print "looking for *.py scripts in subdirectories of ", BASE_DIRECTORY
+    print("looking for *.py scripts in subdirectories of ", BASE_DIRECTORY)
     for root, dirs, files in os.walk(BASE_DIRECTORY):
         if any(_ in root for _ in ("extra", "thirdparty")):
             continue
@@ -45,6 +46,6 @@ if __name__ == "__main__":
             check(filepath)
 
     if __RATING__:
-        print "==" * 50
+        print("==" * 50)
-        print "%d modules found" % count
+        print("%d modules found" % count)
-        print "AVERAGE SCORE = %.02f" % (total / count)
+        print("AVERAGE SCORE = %.02f" % (total / count))

extra/shutils/regressiontest.py

@@ -3,6 +3,7 @@
 # Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
 # See the file 'LICENSE' for copying permission
 
+from __future__ import print_function
 import codecs
 import inspect
 import os
@@ -57,7 +58,7 @@ def send_email(msg):
         s.quit()
     # Catch all for SMTP exceptions
     except smtplib.SMTPException, e:
-        print "Failure to send email: %s" % str(e)
+        print("Failure to send email: %s" % str(e))
 
 def failure_email(msg):
     msg = prepare_email(msg)

extra/sqlharvest/sqlharvest.py

@@ -5,6 +5,7 @@ Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 
+from __future__ import print_function
 import cookielib
 import re
 import socket
@@ -76,7 +77,7 @@ def main():
                 raise
 
             except Exception, msg:
-                print msg
+                print(msg)
 
             if abort:
                 break
@@ -86,7 +87,7 @@ def main():
             sys.stdout.write("---------------\n")
 
             for sqlfile in files:
-                print sqlfile
+                print(sqlfile)
 
                 try:
                     req = urllib2.Request(sqlfile)
@@ -119,7 +120,7 @@ def main():
                     raise
 
                 except Exception, msg:
-                    print msg
+                    print(msg)
 
             else:
                 i += 1

lib/core/threads.py

@@ -5,6 +5,7 @@ Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 
+from __future__ import print_function
 import difflib
 import random
 import threading
@@ -167,7 +168,7 @@ def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardExceptio
                     time.sleep(0.1)
 
     except (KeyboardInterrupt, SqlmapUserQuitException), ex:
-        print
+        print()
         kb.threadContinue = False
         kb.threadException = True
 
@@ -184,7 +185,7 @@ def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardExceptio
             raise
 
     except (SqlmapConnectionException, SqlmapValueException), ex:
-        print
+        print()
         kb.threadException = True
         logger.error("thread %s: %s" % (threading.currentThread().getName(), ex.message))
 
@@ -194,7 +195,7 @@ def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardExceptio
     except:
         from lib.core.common import unhandledExceptionMessage
 
-        print
+        print()
         kb.threadException = True
         errMsg = unhandledExceptionMessage()
         logger.error("thread %s: %s" % (threading.currentThread().getName(), errMsg))

lib/parse/cmdline.py

@@ -5,6 +5,7 @@ Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 
+from __future__ import print_function
 import os
 import re
 import shlex
@@ -886,7 +887,7 @@ def cmdLineParser(argv=None):
                     command = raw_input("sqlmap-shell> ").strip()
                     command = getUnicode(command, encoding=sys.stdin.encoding)
                 except (KeyboardInterrupt, EOFError):
-                    print
+                    print()
                     raise SqlmapShellQuitException
 
                 if not command:
@@ -930,7 +931,7 @@ def cmdLineParser(argv=None):
                 argv[i] = argv[i][:-1]
                 conf.skipThreadCheck = True
             elif argv[i] == "--version":
-                print VERSION_STRING.split('/')[-1]
+                print(VERSION_STRING.split('/')[-1])
                 raise SystemExit
             elif argv[i] in ("-h", "--help"):
                 advancedHelp = False

lib/request/dns.py

@@ -5,6 +5,7 @@ Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 
+from __future__ import print_function
 import os
 import re
 import socket
@@ -145,13 +146,13 @@ if __name__ == "__main__":
                 if _ is None:
                     break
                 else:
-                    print "[i] %s" % _
+                    print("[i] %s" % _)
 
             time.sleep(1)
 
     except socket.error, ex:
         if 'Permission' in str(ex):
-            print "[x] Please run with sudo/Administrator privileges"
+            print("[x] Please run with sudo/Administrator privileges")
         else:
             raise
     except KeyboardInterrupt:

lib/request/inject.py

@@ -5,6 +5,7 @@ Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 
+from __future__ import print_function
 import re
 import time
 
@@ -276,7 +277,7 @@ def _goInferenceProxy(expression, fromUser=False, batch=False, unpack=True, char
                         raise SqlmapDataException(errMsg)
 
                 except KeyboardInterrupt:
-                    print
+                    print()
                     warnMsg = "user aborted during dumping phase"
                     logger.warn(warnMsg)
 

lib/takeover/abstraction.py

@@ -5,6 +5,7 @@ Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 
+from __future__ import print_function
 import sys
 
 from extra.safe2bin.safe2bin import safechardecode
@@ -130,11 +131,11 @@ class Abstraction(Web, UDF, XP_cmdshell):
                 command = raw_input("os-shell> ")
                 command = getUnicode(command, encoding=sys.stdin.encoding)
             except KeyboardInterrupt:
-                print
+                print()
                 errMsg = "user aborted"
                 logger.error(errMsg)
             except EOFError:
-                print
+                print()
                 errMsg = "exit"
                 logger.error(errMsg)
                 break

lib/takeover/metasploit.py

@@ -5,6 +5,7 @@ Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 
+from __future__ import print_function
 import os
 import re
 import select
@@ -492,7 +493,7 @@ class Metasploit:
         send_all(proc, "getuid\n")
 
         if conf.privEsc:
-            print
+            print()
 
             infoMsg = "trying to escalate privileges using Meterpreter "
             infoMsg += "'getsystem' command which tries different "

lib/techniques/error/use.py

@@ -5,6 +5,7 @@ Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 
+from __future__ import print_function
 import re
 import time
 
@@ -239,7 +240,7 @@ def _errorFields(expression, expressionFields, expressionFieldsList, num=None, e
 
         if not suppressOutput:
             if kb.fileReadMode and output and output.strip():
-                print
+                print()
             elif output is not None and not (threadData.resumed and kb.suppressResumeInfo) and not (emptyFields and field in emptyFields):
                 status = "[%s] [INFO] %s: %s" % (time.strftime("%X"), "resumed" if threadData.resumed else "retrieved", output if kb.safeCharEncode else safecharencode(output))
 

lib/utils/api.py

@@ -6,6 +6,7 @@ Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 
+from __future__ import print_function
 import contextlib
 import httplib
 import logging
@@ -769,7 +770,7 @@ def client(host=RESTAPI_DEFAULT_ADDRESS, port=RESTAPI_DEFAULT_PORT, username=Non
             command = raw_input("api%s> " % (" (%s)" % taskid if taskid else "")).strip()
             command = re.sub(r"\A(\w+)", lambda match: match.group(1).lower(), command)
         except (EOFError, KeyboardInterrupt):
-            print
+            print()
             break
 
         if command in ("data", "log", "status", "stop", "kill"):

lib/utils/hash.py

@@ -5,6 +5,7 @@ Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 
+from __future__ import print_function
 try:
     from crypt import crypt
 except ImportError:
@@ -1061,7 +1062,7 @@ def dictionaryAttack(attack_dict):
                         _bruteProcessVariantA(attack_info, hash_regex, suffix, retVal, 0, 1, kb.wordlists, custom_wordlist, conf.api)
 
                 except KeyboardInterrupt:
-                    print
+                    print()
                     processException = True
                     warnMsg = "user aborted during dictionary-based attack phase (Ctrl+C was pressed)"
                     logger.warn(warnMsg)
@@ -1155,7 +1156,7 @@ def dictionaryAttack(attack_dict):
                             found = found_.value
 
                     except KeyboardInterrupt:
-                        print
+                        print()
                         processException = True
                         warnMsg = "user aborted during dictionary-based attack phase (Ctrl+C was pressed)"
                         logger.warn(warnMsg)

plugins/generic/custom.py

@@ -5,6 +5,7 @@ Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 
+from __future__ import print_function
 import re
 import sys
 
@@ -89,11 +90,11 @@ class Custom:
                 query = raw_input("sql-shell> ")
                 query = getUnicode(query, encoding=sys.stdin.encoding)
             except KeyboardInterrupt:
-                print
+                print()
                 errMsg = "user aborted"
                 logger.error(errMsg)
             except EOFError:
-                print
+                print()
                 errMsg = "exit"
                 logger.error(errMsg)
                 break

sqlmap.py

@@ -5,6 +5,7 @@ Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
 
+from __future__ import print_function
 import sys
 
 sys.dont_write_bytecode = True
@@ -185,7 +186,7 @@ def main():
         raise SystemExit
 
     except KeyboardInterrupt:
-        print
+        print()
 
         errMsg = "user aborted"
         try:
@@ -194,7 +195,7 @@ def main():
             pass
 
     except EOFError:
-        print
+        print()
         errMsg = "exit"
 
         try:
@@ -206,7 +207,7 @@ def main():
         pass
 
     except:
-        print
+        print()
         errMsg = unhandledExceptionMessage()
         excMsg = traceback.format_exc()
         valid = checkIntegrity()
@@ -217,13 +218,13 @@ def main():
                 errMsg += "You should retrieve the latest development version from official GitHub "
                 errMsg += "repository at '%s'" % GIT_PAGE
                 logger.critical(errMsg)
-                print
+                print()
                 dataToStdout(excMsg)
                 raise SystemExit
 
             elif any(_ in excMsg for _ in ("tamper/", "waf/")):
                 logger.critical(errMsg)
-                print
+                print()
                 dataToStdout(excMsg)
                 raise SystemExit
 
@@ -391,4 +392,4 @@ if __name__ == "__main__":
     main()
 else:
     # cancelling postponed imports (because of Travis CI checks)
-    from lib.controller.controller import start
+    from lib.controller.controller import start