update

lib/controller/checks.py

@@ -387,7 +387,7 @@ def checkSqlInjection(place, parameter, value):
                                 elif detailKey == "os" and injection.os is None:
                                     injection.os = detailValue
 
-                        if conf.beep or conf.scriptKiddie:
+                        if conf.beep or conf.realTest:
                             beep()
 
                         # There is no need to perform this test for other
@@ -589,7 +589,7 @@ def checkStability():
         logger.warn(warnMsg)
 
         message = "how do you want to proceed? [C(ontinue)/s(tring)/r(egex)/q(uit)] "
-        if not conf.scriptKiddie:
+        if not conf.realTest:
             test = readInput(message, default="C")
         else:
             test = None

lib/controller/controller.py

@@ -227,7 +227,7 @@ def start():
                     elif test[0] in ("q", "Q"):
                         break
 
-                elif conf.scriptKiddie:
+                elif conf.realTest:
                     logger.info(message)
                 else:
                     message += "\ndo you want to test this url? [Y/n/q]"
@@ -343,7 +343,7 @@ def start():
 
                         if testSqlInj:
                             check = heuristicCheckSqlInjection(place, parameter, value)
-                            if not check and conf.scriptKiddie:
+                            if not check and conf.realTest:
                                 continue
 
                             logMsg  = "testing sql injection on %s " % place
@@ -376,7 +376,7 @@ def start():
                                 logger.warn(warnMsg)
 
             if len(kb.injections) == 0 or (len(kb.injections) == 1 and kb.injections[0].place is None):
-                if not conf.scriptKiddie:
+                if not conf.realTest:
                     errMsg = "all parameters are not injectable, try "
                     errMsg += "a higher --level"
                     raise sqlmapNotVulnerableException, errMsg

lib/core/common.py

@@ -676,7 +676,6 @@ def setPaths():
     paths.COMMON_COLUMNS         = os.path.join(paths.SQLMAP_TXT_PATH, "common-columns.txt")
     paths.COMMON_TABLES          = os.path.join(paths.SQLMAP_TXT_PATH, "common-tables.txt")
     paths.COMMON_OUTPUTS         = os.path.join(paths.SQLMAP_TXT_PATH, 'common-outputs.txt')
-    paths.DORKS                  = os.path.join(paths.SQLMAP_TXT_PATH, "dorks.txt")
     paths.SQL_KEYWORDS           = os.path.join(paths.SQLMAP_TXT_PATH, "keywords.txt")
     paths.ORACLE_DEFAULT_PASSWD  = os.path.join(paths.SQLMAP_TXT_PATH, "oracle-default-passwords.txt")
     paths.WORDLIST               = os.path.join(paths.SQLMAP_TXT_PATH, "wordlist.txt")

lib/core/option.py

@@ -303,20 +303,6 @@ def __setRequestFromFile():
 
     __feedTargetsDict(conf.requestFile, addedTargetUrls)
 
-def __setScriptKiddie():
-    """
-    This function sets a random google dork
-    """
-    if not conf.scriptKiddie or conf.url or conf.list or conf.requestFile or conf.googleDork:
-        return
-
-    dorks = getFileItems(paths.DORKS)
-    conf.googleDork = dorks[randomRange(0, len(dorks) - 1)]
-    conf.multipleTargets = True
-
-    logMsg = "setting random google dork to: '%s'" % conf.googleDork
-    logger.info(logMsg)
-
 def __setGoogleDorking():
     """
     This function checks if the way to request testable hosts is through
@@ -1393,7 +1379,7 @@ def init(inputOptions=advancedDict()):
     parseTargetUrl()
     parseTargetDirect()
 
-    if conf.url or conf.list or conf.requestFile or conf.googleDork or conf.liveTest or conf.scriptKiddie:
+    if conf.url or conf.list or conf.requestFile or conf.googleDork or conf.liveTest:
         __setHTTPTimeout()
         __setHTTPExtraHeaders()
         __setHTTPCookies()
@@ -1404,7 +1390,6 @@ def init(inputOptions=advancedDict()):
         __setHTTPProxy()
         __setSafeUrl()
         __setUnion()
-        __setScriptKiddie()
         __setGoogleDorking()
         __urllib2Opener()
         __findPageForms()

lib/parse/cmdline.py

@@ -529,10 +529,10 @@ def cmdLineParser():
         parser.add_option("--live-test", dest="liveTest", action="store_true",
                           default=False, help=SUPPRESS_HELP)
 
-        parser.add_option("--technique", dest="technique", type="int",
+        parser.add_option("--real-test", dest="realTest", action="store_true",
                           default=False, help=SUPPRESS_HELP)
 
-        parser.add_option("--script-kiddie", dest="scriptKiddie", action="store_true",
+        parser.add_option("--technique", dest="technique", type="int",
                           default=False, help=SUPPRESS_HELP)
 
         parser.add_option_group(target)
@@ -561,7 +561,7 @@ def cmdLineParser():
 
         if not args.direct and not args.url and not args.list and not args.googleDork and not args.configFile\
             and not args.requestFile and not args.updateAll and not args.smokeTest and not args.liveTest\
-            and not args.scriptKiddie:
+            and not args.realTest:
             errMsg  = "missing a mandatory parameter ('-d', '-u', '-l', '-r', '-g', '-c' or '--update'), "
             errMsg += "-h for help"
             parser.error(errMsg)

lib/request/connect.py

@@ -195,7 +195,7 @@ class Connect:
             if hasattr(conn, "setcookie"):
                 kb.redirectSetCookie = conn.setcookie
 
-            if hasattr(conn, "redurl") and hasattr(conn, "redcode") and not conf.redirectHandled and not conf.scriptKiddie:
+            if hasattr(conn, "redurl") and hasattr(conn, "redcode") and not conf.redirectHandled and not conf.realTest:
                 msg  = "sqlmap got a %d redirect to " % conn.redcode
                 msg += "%s - What target address do you " % conn.redurl
                 msg += "want to use from now on? %s " % conf.url
@@ -294,7 +294,7 @@ class Connect:
 
             if silent or (ignoreTimeout and "timeout" in tbMsg):
                 return None, None
-            elif kb.retriesCount < conf.retries and not kb.threadException and not conf.scriptKiddie:
+            elif kb.retriesCount < conf.retries and not kb.threadException and not conf.realTest:
                 kb.retriesCount += 1
 
                 warnMsg += ", sqlmap is going to retry the request"

txt/dorks.txt

@@ -1,27 +0,0 @@
-inurl:"id=" & intext:"Warning: mysql_fetch_assoc()"
-inurl:"id=" & intext:"Warning: mysql_fetch_array()"
-inurl:"id=" & intext:"Warning: mysql_num_rows()"
-inurl:"id=" & intext:"Warning: session_start()"
-inurl:"id=" & intext:"Warning: getimagesize()"
-inurl:"id=" & intext:"Warning: is_writable()"
-inurl:"id=" & intext:"Warning: getimagesize()"
-inurl:"id=" & intext:"Warning: Unknown()"
-inurl:"id=" & intext:"Warning: session_start()"
-inurl:"id=" & intext:"Warning: mysql_result()"
-inurl:"id=" & intext:"Warning: pg_exec()"
-inurl:"id=" & intext:"Warning: pg_fetch_object"
-inurl:"id=" & intext:"Warning: pg_fetch_array"
-inurl:"id=" & intext:"Warning: mysql_result()"
-inurl:"id=" & intext:"Warning: mysql_num_rows()"
-inurl:"id=" & intext:"Warning: mysql_query()"
-inurl:"id=" & intext:"Warning: array_merge()"
-inurl:"id=" & intext:"Warning: preg_match()"
-inurl:"id=" & intext:"Warning: filesize()"
-inurl:"id=" & intext:"Warning: filesize()"
-inurl:"id=" & intext:"Warning: require()"
-inurl:"id=" & intext:"unexpected end of SQL command"
-inurl:"id=" & intext:"Unclosed quotation mark before the character string"
-inurl:"id=" & intext:"Microsoft OLE DB Provider for ODBC Drivers error"
-inurl:"id=" & intext:"Microsoft Jet Database"
-inurl:"id=" & intext:"VbScript"
-inurl:"id=" & intext:"ODBC SQL Server Driver"