From 017ea9e686382776f3732b6bd4206cbc8fa3fe37 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Thu, 23 Dec 2010 14:06:22 +0000
Subject: [PATCH] update

---
 lib/controller/checks.py | 4 ++--
 lib/controller/controller.py | 6 +++---
 lib/core/common.py | 1 -
 lib/core/option.py | 17 +----------------
 lib/parse/cmdline.py | 6 +++---
 lib/request/connect.py | 4 ++--
 txt/dorks.txt | 27 ---------------------------
 7 files changed, 11 insertions(+), 54 deletions(-)
 delete mode 100644 txt/dorks.txt

diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 07a5d2101..9eb06ecd7 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -387,7 +387,7 @@ def checkSqlInjection(place, parameter, value):
 elif detailKey == "os" and injection.os is None:
 injection.os = detailValue
- if conf.beep or conf.scriptKiddie:
+ if conf.beep or conf.realTest:
 beep()
 # There is no need to perform this test for other
@@ -589,7 +589,7 @@ def checkStability():
 logger.warn(warnMsg)
 message = "how do you want to proceed? [C(ontinue)/s(tring)/r(egex)/q(uit)] "
- if not conf.scriptKiddie:
+ if not conf.realTest:
 test = readInput(message, default="C")
 else:
 test = None
diff --git a/lib/controller/controller.py b/lib/controller/controller.py
index 8ba50c1d6..a19f8b6ad 100644
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@@ -227,7 +227,7 @@ def start():
 elif test[0] in ("q", "Q"):
 break
- elif conf.scriptKiddie:
+ elif conf.realTest:
 logger.info(message)
 else:
 message += "\ndo you want to test this url? [Y/n/q]"
@@ -343,7 +343,7 @@ def start():
 if testSqlInj:
 check = heuristicCheckSqlInjection(place, parameter, value)
- if not check and conf.scriptKiddie:
+ if not check and conf.realTest:
 continue
 logMsg = "testing sql injection on %s " % place
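Review bot: The renamed flag `conf.realTest` now decides every unattended branch in this commit — the forced `beep()` in this hunk, the skipped `readInput` in the `@@ -589` hunk below, the prompts in controller.py `@@ -227`, `@@ -343` and `@@ -376`, and the redirect and retry handling in connect.py — but nothing in the code states that `--real-test` means "never prompt, take the default", and the name alone does not suggest it. A reader of this hunk also cannot tell why an automated run should beep on every finding; if that is deliberate carry-over from the old script-kiddie mode, a comment should say so. Suggest a comment at this first use, `# realTest: unattended run, prompts are skipped and defaults taken`, or better at the option definition in cmdline.py. checkSqlInjection continues outside the hunk.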
@@ -376,7 +376,7 @@ def start():
 logger.warn(warnMsg)
 if len(kb.injections) == 0 or (len(kb.injections) == 1 and kb.injections[0].place is None):
- if not conf.scriptKiddie:
+ if not conf.realTest:
 errMsg = "all parameters are not injectable, try "
 errMsg += "a higher --level"
 raise sqlmapNotVulnerableException, errMsg
diff --git a/lib/core/common.py b/lib/core/common.py
index 82c2d4d02..7842501ce 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -676,7 +676,6 @@ def setPaths():
 paths.COMMON_COLUMNS = os.path.join(paths.SQLMAP_TXT_PATH, "common-columns.txt")
 paths.COMMON_TABLES = os.path.join(paths.SQLMAP_TXT_PATH, "common-tables.txt")
 paths.COMMON_OUTPUTS = os.path.join(paths.SQLMAP_TXT_PATH, 'common-outputs.txt')
- paths.DORKS = os.path.join(paths.SQLMAP_TXT_PATH, "dorks.txt")
 paths.SQL_KEYWORDS = os.path.join(paths.SQLMAP_TXT_PATH, "keywords.txt")
 paths.ORACLE_DEFAULT_PASSWD = os.path.join(paths.SQLMAP_TXT_PATH, "oracle-default-passwords.txt")
 paths.WORDLIST = os.path.join(paths.SQLMAP_TXT_PATH, "wordlist.txt")
diff --git a/lib/core/option.py b/lib/core/option.py
index 3a02d133c..c7b843104 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -303,20 +303,6 @@ def __setRequestFromFile():
 __feedTargetsDict(conf.requestFile, addedTargetUrls)
-def __setScriptKiddie():
- """
- This function sets a random google dork
- """
- if not conf.scriptKiddie or conf.url or conf.list or conf.requestFile or conf.googleDork:
- return
- dorks = getFileItems(paths.DORKS)
- conf.googleDork = dorks[randomRange(0, len(dorks) - 1)]
- conf.multipleTargets = True
- logMsg = "setting random google dork to: '%s'" % conf.googleDork
- logger.info(logMsg)
-
 def __setGoogleDorking():
 """
 This function checks if the way to request testable hosts is through 
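Review bot: With `if not conf.realTest:` guarding the raise, a real-test run that finds no injectable parameter now falls through silently: the "all parameters are not injectable" message is only built inside the guarded branch, so unless it is reported further down, outside the hunk, the automated run records nothing about the negative result. Consider logging it before falling through, e.g. `else: logger.warn("all parameters are not injectable")`, so a test harness can still distinguish "not vulnerable" from "nothing happened". start() continues outside the hunk.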
@@ -1393,7 +1379,7 @@ def init(inputOptions=advancedDict()):
 parseTargetUrl()
 parseTargetDirect()
- if conf.url or conf.list or conf.requestFile or conf.googleDork or conf.liveTest or conf.scriptKiddie:
+ if conf.url or conf.list or conf.requestFile or conf.googleDork or conf.liveTest:
 __setHTTPTimeout()
 __setHTTPExtraHeaders()
 __setHTTPCookies()
@@ -1404,7 +1390,6 @@ def init(inputOptions=advancedDict()):
 __setHTTPProxy()
 __setSafeUrl()
 __setUnion()
- __setScriptKiddie()
 __setGoogleDorking()
 __urllib2Opener()
 __findPageForms()
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
index 45ae27309..86dcf61f5 100644
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@@ -529,10 +529,10 @@ def cmdLineParser():
 parser.add_option("--live-test", dest="liveTest", action="store_true",
 default=False, help=SUPPRESS_HELP)
- parser.add_option("--technique", dest="technique", type="int",
+ parser.add_option("--real-test", dest="realTest", action="store_true",
 default=False, help=SUPPRESS_HELP)
- parser.add_option("--script-kiddie", dest="scriptKiddie", action="store_true",
+ parser.add_option("--technique", dest="technique", type="int",
 default=False, help=SUPPRESS_HELP)
 parser.add_option_group(target)
@@ -561,7 +561,7 @@ def cmdLineParser():
 if not args.direct and not args.url and not args.list and not args.googleDork and not args.configFile\
 and not args.requestFile and not args.updateAll and not args.smokeTest and not args.liveTest\
- and not args.scriptKiddie:
+ and not args.realTest:
 errMsg = "missing a mandatory parameter ('-d', '-u', '-l', '-r', '-g', '-c' or '--update'), "
 errMsg += "-h for help"
 parser.error(errMsg)
diff --git a/lib/request/connect.py b/lib/request/connect.py
index aead487d6..d1e6aacc6 100644
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
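Review bot: `--real-test` is still accepted on its own as a mandatory parameter (the `and not args.realTest:` line in the cmdline.py `@@ -561` hunk below), yet this hunk drops `conf.realTest` from the condition that runs the HTTP and target setup in init(), so a run given only `--real-test` passes the argument check and then skips `__setHTTPTimeout()` and everything after it. The old `scriptKiddie` flag earned its place in both lists because `__setScriptKiddie()` picked a target; `realTest` selects nothing, so it should presumably leave the mandatory-parameter exemption too, ending that condition at `and not args.liveTest:`. If real-test mode is instead meant to supply its own target, that setup is not part of this commit. init() continues outside both hunks.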
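Review bot: The `dest` changes from `scriptKiddie` to `realTest`, but the diffstat lists only these seven files, so if an option table outside this diff declares `scriptKiddie` for config-file (`-c`) runs, `conf.realTest` would be undefined there while the six call sites in this commit read it unconditionally; worth verifying before merge. Because `SUPPRESS_HELP` hides the option from `--help`, its meaning should be stated in a comment next to the `add_option` call, e.g. `# --real-test: unattended run, every prompt takes its default and failed requests are not retried`. cmdLineParser() continues outside the hunk.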
@@ -195,7 +195,7 @@ class Connect:
 if hasattr(conn, "setcookie"):
 kb.redirectSetCookie = conn.setcookie
- if hasattr(conn, "redurl") and hasattr(conn, "redcode") and not conf.redirectHandled and not conf.scriptKiddie:
+ if hasattr(conn, "redurl") and hasattr(conn, "redcode") and not conf.redirectHandled and not conf.realTest:
 msg = "sqlmap got a %d redirect to " % conn.redcode
 msg += "%s - What target address do you " % conn.redurl
 msg += "want to use from now on? %s " % conf.url
@@ -294,7 +294,7 @@ class Connect:
 if silent or (ignoreTimeout and "timeout" in tbMsg):
 return None, None
- elif kb.retriesCount < conf.retries and not kb.threadException and not conf.scriptKiddie:
+ elif kb.retriesCount < conf.retries and not kb.threadException and not conf.realTest:
 kb.retriesCount += 1
 warnMsg += ", sqlmap is going to retry the request"
diff --git a/txt/dorks.txt b/txt/dorks.txt
deleted file mode 100644
index b65a173ef..000000000
--- a/txt/dorks.txt
+++ /dev/null
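Review bot: `and not conf.realTest` in the retry condition means a real-test run never retries a failed request even when `--retries` was given, so a transient timeout becomes a hard failure of the test rather than the warning-and-retry the surrounding code was written for; the `@@ -195` hunk above likewise skips the redirect question without recording which address the run will keep using. If failing fast is intended to keep test runs deterministic, a comment on the condition should say so, `# real-test runs fail fast: no automatic retry, no redirect prompt`; otherwise keep the retry and only skip the interactive part. The enclosing method continues outside both hunks.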
@@ -1,27 +0,0 @@ -inurl:"id=" & intext:"Warning: mysql_fetch_assoc()" -inurl:"id=" & intext:"Warning: mysql_fetch_array()" -inurl:"id=" & intext:"Warning: mysql_num_rows()" -inurl:"id=" & intext:"Warning: session_start()" -inurl:"id=" & intext:"Warning: getimagesize()" -inurl:"id=" & intext:"Warning: is_writable()" -inurl:"id=" & intext:"Warning: getimagesize()" -inurl:"id=" & intext:"Warning: Unknown()" -inurl:"id=" & intext:"Warning: session_start()" -inurl:"id=" & intext:"Warning: mysql_result()" -inurl:"id=" & intext:"Warning: pg_exec()" -inurl:"id=" & intext:"Warning: pg_fetch_object" -inurl:"id=" & intext:"Warning: pg_fetch_array" -inurl:"id=" & intext:"Warning: mysql_result()" -inurl:"id=" & intext:"Warning: mysql_num_rows()" -inurl:"id=" & intext:"Warning: mysql_query()" -inurl:"id=" & intext:"Warning: array_merge()" -inurl:"id=" & intext:"Warning: preg_match()" -inurl:"id=" & intext:"Warning: filesize()" -inurl:"id=" & intext:"Warning: filesize()" -inurl:"id=" & intext:"Warning: require()" -inurl:"id=" & intext:"unexpected end of SQL command" -inurl:"id=" & intext:"Unclosed quotation mark before the character string" -inurl:"id=" & intext:"Microsoft OLE DB Provider for ODBC Drivers error" -inurl:"id=" & intext:"Microsoft Jet Database" -inurl:"id=" & intext:"VbScript" -inurl:"id=" & intext:"ODBC SQL Server Driver"