From 01a431c2e4302a19507f0676ec2f67e783451918 Mon Sep 17 00:00:00 2001
From: Andris Raugulis <moo@arthepsy.eu>
Date: Mon, 8 Feb 2016 15:04:51 +0200
Subject: [PATCH] Add Excel (xlsx) output parsing support.

---
 lib/request/basic.py | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/lib/request/basic.py b/lib/request/basic.py
index 78e793603..71f17b28f 100644
--- a/lib/request/basic.py
+++ b/lib/request/basic.py
@@ -5,6 +5,7 @@ Copyright (c) 2006-2016 sqlmap developers (http://sqlmap.org/)
 See the file 'doc/COPYING' for copying permission
 """
 
+import cgi
 import codecs
 import gzip
 import logging
@@ -321,8 +322,33 @@ def decodePage(page, contentEncoding, contentType):
             # e.g. &zeta;
             page = re.sub(r"&([^;]+);", lambda _: unichr(htmlEntities[_.group(1)]) if htmlEntities.get(_.group(1), 0) > 255 else _.group(0), page)
 
+    if contentType and contentType.lower() == 'application/vnd.ms-excel':
+        page = _xlsx2html(StringIO.StringIO(page))
+
     return page
 
+def _xlsx2html(fio):
+    sio = StringIO.StringIO()
+    try:
+        import openpyxl
+        wb = openpyxl.load_workbook(fio)
+        for ws in wb:
+            sio.write(u'<h1>{0}</h1>'.format(ws.title))
+            sio.write(u'<table border="1">')
+            rows, cols = len(ws.rows), len(ws.columns)
+            for y in range(1, rows + 1):
+                sio.write(u'<tr>')
+                for x in range(1, cols + 1):
+                    value = unicode(ws.cell(row=y, column=x).value or '')
+                    value = cgi.escape(value).encode('ascii', 'xmlcharrefreplace')
+                    sio.write(u'<td>{0}</td>'.format(value))
+                    sio.write(u'</tr>')
+            sio.write(u'</table>')
+    except Exception as e:
+        singleTimeLogMessage(e, logging.ERROR)
+        raise e
+    return sio.getvalue()
+
 def processResponse(page, responseHeaders):
     kb.processResponseCounter += 1