sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 01:26:42 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adding experimental option --crack

Browse Source
This commit is contained in:
Miroslav Stampar 2018-12-17 17:38:47 +01:00
parent b288bfdbc3
commit 01d5da18e3
6 changed files with 48 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/controller/controller.py
View File

@ -71,6 +71,7 @@ from lib.core.settings import REFERER_ALIASES
from lib.core.settings import USER_AGENT_ALIASES
from lib.core.target import initTargetEnv
from lib.core.target import setupTargetEnv
from lib.utils.hash import crackHashFile
def _selectInjection():
"""
@ -268,6 +269,9 @@ def start():
check if they are dynamic and SQL injection affected
"""
if conf.hashFile:
crackHashFile(conf.hashFile)
if conf.direct:
initTargetEnv()
setupTargetEnv()

16
lib/core/common.py
View File

@ -4343,19 +4343,23 @@ def hashDBWrite(key, value, serialize=False):
Helper function for writing session data to HashDB
"""
_ = '|'.join((str(_) if not isinstance(_, basestring) else _) for _ in (conf.hostname, conf.path.strip('/') if conf.path is not None else conf.port, key, HASHDB_MILESTONE_VALUE))
conf.hashDB.write(_, value, serialize)
if conf.hashDB:
_ = '|'.join((str(_) if not isinstance(_, basestring) else _) for _ in (conf.hostname, conf.path.strip('/') if conf.path is not None else conf.port, key, HASHDB_MILESTONE_VALUE))
conf.hashDB.write(_, value, serialize)
def hashDBRetrieve(key, unserialize=False, checkConf=False):
"""
Helper function for restoring session data from HashDB
"""
_ = '|'.join((str(_) if not isinstance(_, basestring) else _) for _ in (conf.hostname, conf.path.strip('/') if conf.path is not None else conf.port, key, HASHDB_MILESTONE_VALUE))
retVal = conf.hashDB.retrieve(_, unserialize) if kb.resumeValues and not (checkConf and any((conf.flushSession, conf.freshQueries))) else None
retVal = None
if not kb.inferenceMode and not kb.fileReadMode and isinstance(retVal, basestring) and any(_ in retVal for _ in (PARTIAL_VALUE_MARKER, PARTIAL_HEX_VALUE_MARKER)):
retVal = None
if conf.hashDB:
_ = '|'.join((str(_) if not isinstance(_, basestring) else _) for _ in (conf.hostname, conf.path.strip('/') if conf.path is not None else conf.port, key, HASHDB_MILESTONE_VALUE))
retVal = conf.hashDB.retrieve(_, unserialize) if kb.resumeValues and not (checkConf and any((conf.flushSession, conf.freshQueries))) else None
if not kb.inferenceMode and not kb.fileReadMode and isinstance(retVal, basestring) and any(_ in retVal for _ in (PARTIAL_VALUE_MARKER, PARTIAL_HEX_VALUE_MARKER)):
retVal = None
return retVal

2
lib/core/settings.py
View File

@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
from lib.core.enums import OS
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.2.12.25"
VERSION = "1.2.12.26"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

6
lib/parse/cmdline.py
View File

@ -668,6 +668,10 @@ def cmdLineParser(argv=None):
help="Simple wizard interface for beginner users")
# Hidden and/or experimental options
parser.add_option("--crack", dest="hashFile",
help=SUPPRESS_HELP)
#help="Load and crack hashes from a file")
parser.add_option("--dummy", dest="dummy", action="store_true",
help=SUPPRESS_HELP)
@ -884,7 +888,7 @@ def cmdLineParser(argv=None):
if args.dummy:
args.url = args.url or DUMMY_URL
if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, args.requestFile, args.updateAll, args.smokeTest, args.liveTest, args.wizard, args.dependencies, args.purge, args.sitemapUrl, args.listTampers)):
if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, args.requestFile, args.updateAll, args.smokeTest, args.liveTest, args.wizard, args.dependencies, args.purge, args.sitemapUrl, args.listTampers, args.hashFile)):
errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, -x, --list-tampers, --wizard, --update, --purge or --dependencies). "
errMsg += "Use -h for basic and -hh for advanced help\n"
parser.error(errMsg)

28
lib/utils/hash.py
View File

@ -1078,7 +1078,8 @@ def dictionaryAttack(attack_dict):
gc.enable()
if retVal:
conf.hashDB.beginTransaction()
if conf.hashDB:
conf.hashDB.beginTransaction()
while not retVal.empty():
user, hash_, word = item = retVal.get(block=False)
@ -1086,7 +1087,8 @@ def dictionaryAttack(attack_dict):
hashDBWrite(hash_, word)
results.append(item)
conf.hashDB.endTransaction()
if conf.hashDB:
conf.hashDB.endTransaction()
clearConsoleLine()
@ -1171,15 +1173,17 @@ def dictionaryAttack(attack_dict):
if _multiprocessing:
gc.enable()
if retVal:
conf.hashDB.beginTransaction()
if retVal and conf.hashDB:
if conf.hashDB:
conf.hashDB.beginTransaction()
while not retVal.empty():
user, hash_, word = item = retVal.get(block=False)
hashDBWrite(hash_, word)
results.append(item)
conf.hashDB.endTransaction()
if conf.hashDB:
conf.hashDB.endTransaction()
clearConsoleLine()
@ -1194,3 +1198,17 @@ def dictionaryAttack(attack_dict):
logger.warn(warnMsg)
return results
def crackHashFile(hashFile):
i = 0
attack_dict = {}
for line in getFileItems(conf.hashFile):
if ':' in line:
user, hash_ = line.split(':', 1)
attack_dict[user] = [hash_]
else:
attack_dict["%s%d" % (DUMMY_USER_PREFIX, i)] = [line]
i += 1
dictionaryAttack(attack_dict)

10
txt/checksum.md5
View File

@ -24,12 +24,12 @@ b3e60ea4e18a65c48515d04aab28ff68 extra/sqlharvest/sqlharvest.py
c1bccc94522d3425a372dcd57f78418e extra/wafdetectify/wafdetectify.py
3459c562a6abb9b4bdcc36925f751f3e lib/controller/action.py
0f0feede9750be810d2b8a7ab159b7b0 lib/controller/checks.py
ad968ee04e93f6f850d6b7e5ac0073c5 lib/controller/controller.py
ae444b08253e10bc4553f011d6100b28 lib/controller/controller.py
988b548f6578adf9cec17afdeee8291c lib/controller/handler.py
1e5532ede194ac9c083891c2f02bca93 lib/controller/__init__.py
e62309b22a59e60b270e62586f169441 lib/core/agent.py
c347f085bd561adfa26d3a9512e5f3b9 lib/core/bigarray.py
a78c563bbaeebd958b25303d83dfe3f2 lib/core/common.py
ae4bf844c42f9a36ebbe8444e89f7041 lib/core/common.py
0d082da16c388b3445e656e0760fb582 lib/core/convert.py
9f87391b6a3395f7f50830b391264f27 lib/core/data.py
72016ea5c994a711a262fd64572a0fcd lib/core/datatype.py
@ -49,7 +49,7 @@ c8c386d644d57c659d74542f5f57f632 lib/core/patch.py
0c3eef46bdbf87e29a3f95f90240d192 lib/core/replication.py
a7db43859b61569b601b97f187dd31c5 lib/core/revision.py
fcb74fcc9577523524659ec49e2e964b lib/core/session.py
3805f9f360e47798a3e6d4da977c83eb lib/core/settings.py
758c731f879a5989288d8809a8d54567 lib/core/settings.py
a971ce157d04de96ba6e710d3d38a9a8 lib/core/shell.py
a7edc9250d13af36ac0108f259859c19 lib/core/subprocessng.py
1581be48127a3a7a9fd703359b6e7567 lib/core/target.py
@ -60,7 +60,7 @@ b35636650cfe721f5cc47fb91737c061 lib/core/update.py
e772deb63270375e685fa5a7b775c382 lib/core/wordlist.py
1e5532ede194ac9c083891c2f02bca93 lib/__init__.py
7620f1f4b8791e13c7184c06b5421754 lib/parse/banner.py
30d7cbada42154dcbb17f4ca969d812a lib/parse/cmdline.py
cfd7938668213fef65a7570997b78403 lib/parse/cmdline.py
fb2e2f05dde98caeac6ccf3e67192177 lib/parse/configfile.py
3794ff139869f5ae8e81cfdbe5714f56 lib/parse/handler.py
6bab53ea9d75bc9bb8169d3e8f3f149f lib/parse/headers.py
@ -108,7 +108,7 @@ f9867bbfcd6d31916ca73e72e95fd881 lib/utils/deps.py
f7af65aa47329d021e2b2cc8521b42a4 lib/utils/getch.py
7af29f61302c8693cd6436d4b69e22d3 lib/utils/har.py
1205648d55649accafae2cc77d647aa0 lib/utils/hashdb.py
4b50c02e803c874c1d03873fd29d63ee lib/utils/hash.py
eb2aa3fa9ebdf4cb6ac3e005f7df1e9b lib/utils/hash.py
011d2dbf589e0faa0deca61a651239cc lib/utils/htmlentities.py
1e5532ede194ac9c083891c2f02bca93 lib/utils/__init__.py
527409077a094b63c88f3291138b1c81 lib/utils/pivotdumptable.py