	Adding experimental option --crack
		
							parent
							
								
									b288bfdbc3
								
							
						
					
					
						commit
						01d5da18e3
					
				|  | @ -71,6 +71,7 @@ from lib.core.settings import REFERER_ALIASES | ||||||
| from lib.core.settings import USER_AGENT_ALIASES | from lib.core.settings import USER_AGENT_ALIASES | ||||||
| from lib.core.target import initTargetEnv | from lib.core.target import initTargetEnv | ||||||
| from lib.core.target import setupTargetEnv | from lib.core.target import setupTargetEnv | ||||||
|  | from lib.utils.hash import crackHashFile | ||||||
| 
 | 
 | ||||||
| def _selectInjection(): | def _selectInjection(): | ||||||
|     """ |     """ | ||||||
|  | @ -268,6 +269,9 @@ def start(): | ||||||
|     check if they are dynamic and SQL injection affected |     check if they are dynamic and SQL injection affected | ||||||
|     """ |     """ | ||||||
| 
 | 
 | ||||||
|  |     if conf.hashFile: | ||||||
|  |         crackHashFile(conf.hashFile) | ||||||
|  | 
 | ||||||
|     if conf.direct: |     if conf.direct: | ||||||
|         initTargetEnv() |         initTargetEnv() | ||||||
|         setupTargetEnv() |         setupTargetEnv() | ||||||
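Review bot: The new `if conf.hashFile:` branch in start() has no `return` after `crackHashFile(conf.hashFile)`, so execution falls through to the `conf.direct` check and the rest of start(), which lies outside this hunk. If `--crack` is meant to be a standalone offline mode, as its addition to the mandatory-option check suggests, return right after the call (with whatever value start() uses for success, not visible here). If continuing is intended, say so in a comment such as `# hash cracking done; continue with any target options that were also supplied`. Without either, an operator who combines `--crack` with `-u` gets an offline job followed by target setup with nothing on the page saying that is expected.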
|  |  | ||||||
|  | @ -4343,19 +4343,23 @@ def hashDBWrite(key, value, serialize=False): | ||||||
|     Helper function for writing session data to HashDB |     Helper function for writing session data to HashDB | ||||||
|     """ |     """ | ||||||
| 
 | 
 | ||||||
|     _ = '|'.join((str(_) if not isinstance(_, basestring) else _) for _ in (conf.hostname, conf.path.strip('/') if conf.path is not None else conf.port, key, HASHDB_MILESTONE_VALUE)) |     if conf.hashDB: | ||||||
|     conf.hashDB.write(_, value, serialize) |         _ = '|'.join((str(_) if not isinstance(_, basestring) else _) for _ in (conf.hostname, conf.path.strip('/') if conf.path is not None else conf.port, key, HASHDB_MILESTONE_VALUE)) | ||||||
|  |         conf.hashDB.write(_, value, serialize) | ||||||
| 
 | 
 | ||||||
| def hashDBRetrieve(key, unserialize=False, checkConf=False): | def hashDBRetrieve(key, unserialize=False, checkConf=False): | ||||||
|     """ |     """ | ||||||
|     Helper function for restoring session data from HashDB |     Helper function for restoring session data from HashDB | ||||||
|     """ |     """ | ||||||
| 
 | 
 | ||||||
|     _ = '|'.join((str(_) if not isinstance(_, basestring) else _) for _ in (conf.hostname, conf.path.strip('/') if conf.path is not None else conf.port, key, HASHDB_MILESTONE_VALUE)) |     retVal = None | ||||||
|     retVal = conf.hashDB.retrieve(_, unserialize) if kb.resumeValues and not (checkConf and any((conf.flushSession, conf.freshQueries))) else None |  | ||||||
| 
 | 
 | ||||||
|     if not kb.inferenceMode and not kb.fileReadMode and isinstance(retVal, basestring) and any(_ in retVal for _ in (PARTIAL_VALUE_MARKER, PARTIAL_HEX_VALUE_MARKER)): |     if conf.hashDB: | ||||||
|         retVal = None |         _ = '|'.join((str(_) if not isinstance(_, basestring) else _) for _ in (conf.hostname, conf.path.strip('/') if conf.path is not None else conf.port, key, HASHDB_MILESTONE_VALUE)) | ||||||
|  |         retVal = conf.hashDB.retrieve(_, unserialize) if kb.resumeValues and not (checkConf and any((conf.flushSession, conf.freshQueries))) else None | ||||||
|  | 
 | ||||||
|  |         if not kb.inferenceMode and not kb.fileReadMode and isinstance(retVal, basestring) and any(_ in retVal for _ in (PARTIAL_VALUE_MARKER, PARTIAL_HEX_VALUE_MARKER)): | ||||||
|  |             retVal = None | ||||||
| 
 | 
 | ||||||
|     return retVal |     return retVal | ||||||
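Review bot: Both helpers now silently do nothing when `conf.hashDB` is unset, but their docstrings still describe an unconditional write and restore. Extend them, for example `Helper function for writing session data to HashDB (no-op when no session HashDB is configured)` and `Helper function for restoring session data from HashDB (returns None when no session HashDB is configured)`. A caller that relies on a value being persisted cannot tell that the write was dropped, so a debug-level log line in the skipped branch may be worth considering.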
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME | ||||||
| from lib.core.enums import OS | from lib.core.enums import OS | ||||||
| 
 | 
 | ||||||
| # sqlmap version (<major>.<minor>.<month>.<monthly commit>) | # sqlmap version (<major>.<minor>.<month>.<monthly commit>) | ||||||
| VERSION = "1.2.12.25" | VERSION = "1.2.12.26" | ||||||
| TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" | TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" | ||||||
| TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} | TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} | ||||||
| VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) | VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) | ||||||
|  |  | ||||||
|  | @ -668,6 +668,10 @@ def cmdLineParser(argv=None): | ||||||
|                                  help="Simple wizard interface for beginner users") |                                  help="Simple wizard interface for beginner users") | ||||||
| 
 | 
 | ||||||
|         # Hidden and/or experimental options |         # Hidden and/or experimental options | ||||||
|  |         parser.add_option("--crack", dest="hashFile", | ||||||
|  |                           help=SUPPRESS_HELP) | ||||||
|  |                           #help="Load and crack hashes from a file") | ||||||
|  | 
 | ||||||
|         parser.add_option("--dummy", dest="dummy", action="store_true", |         parser.add_option("--dummy", dest="dummy", action="store_true", | ||||||
|                           help=SUPPRESS_HELP) |                           help=SUPPRESS_HELP) | ||||||
| 
 | 
 | ||||||
|  | @ -884,7 +888,7 @@ def cmdLineParser(argv=None): | ||||||
|         if args.dummy: |         if args.dummy: | ||||||
|             args.url = args.url or DUMMY_URL |             args.url = args.url or DUMMY_URL | ||||||
| 
 | 
 | ||||||
|         if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, args.requestFile, args.updateAll, args.smokeTest, args.liveTest, args.wizard, args.dependencies, args.purge, args.sitemapUrl, args.listTampers)): |         if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, args.requestFile, args.updateAll, args.smokeTest, args.liveTest, args.wizard, args.dependencies, args.purge, args.sitemapUrl, args.listTampers, args.hashFile)): | ||||||
|             errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, -x, --list-tampers, --wizard, --update, --purge or --dependencies). " |             errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, -x, --list-tampers, --wizard, --update, --purge or --dependencies). " | ||||||
|             errMsg += "Use -h for basic and -hh for advanced help\n" |             errMsg += "Use -h for basic and -hh for advanced help\n" | ||||||
|             parser.error(errMsg) |             parser.error(errMsg) | ||||||
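Review bot: The commented-out `#help="Load and crack hashes from a file")` is left dangling after the closing parenthesis of `parser.add_option("--crack", ...)` and reads like a stray continuation of the call. Replace it with an ordinary comment above the option, e.g. `# Load and crack hashes from a file (hidden while experimental)`. In the second hunk `args.hashFile` now satisfies the mandatory-option check while `errMsg` does not list `--crack`; that is consistent with a hidden option, but a short comment would stop it being read as an oversight. cmdLineParser starts and ends outside both hunks.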
|  |  | ||||||
|  | @ -1078,7 +1078,8 @@ def dictionaryAttack(attack_dict): | ||||||
|                         gc.enable() |                         gc.enable() | ||||||
| 
 | 
 | ||||||
|                     if retVal: |                     if retVal: | ||||||
|                         conf.hashDB.beginTransaction() |                         if conf.hashDB: | ||||||
|  |                             conf.hashDB.beginTransaction() | ||||||
| 
 | 
 | ||||||
|                         while not retVal.empty(): |                         while not retVal.empty(): | ||||||
|                             user, hash_, word = item = retVal.get(block=False) |                             user, hash_, word = item = retVal.get(block=False) | ||||||
|  | @ -1086,7 +1087,8 @@ def dictionaryAttack(attack_dict): | ||||||
|                             hashDBWrite(hash_, word) |                             hashDBWrite(hash_, word) | ||||||
|                             results.append(item) |                             results.append(item) | ||||||
| 
 | 
 | ||||||
|                         conf.hashDB.endTransaction() |                         if conf.hashDB: | ||||||
|  |                             conf.hashDB.endTransaction() | ||||||
| 
 | 
 | ||||||
|             clearConsoleLine() |             clearConsoleLine() | ||||||
| 
 | 
 | ||||||
|  | @ -1171,15 +1173,17 @@ def dictionaryAttack(attack_dict): | ||||||
|                         if _multiprocessing: |                         if _multiprocessing: | ||||||
|                             gc.enable() |                             gc.enable() | ||||||
| 
 | 
 | ||||||
|                         if retVal: |                         if retVal and conf.hashDB: | ||||||
|                             conf.hashDB.beginTransaction() |                             if conf.hashDB: | ||||||
|  |                                 conf.hashDB.beginTransaction() | ||||||
| 
 | 
 | ||||||
|                             while not retVal.empty(): |                             while not retVal.empty(): | ||||||
|                                 user, hash_, word = item = retVal.get(block=False) |                                 user, hash_, word = item = retVal.get(block=False) | ||||||
|                                 hashDBWrite(hash_, word) |                                 hashDBWrite(hash_, word) | ||||||
|                                 results.append(item) |                                 results.append(item) | ||||||
| 
 | 
 | ||||||
|                             conf.hashDB.endTransaction() |                             if conf.hashDB: | ||||||
|  |                                 conf.hashDB.endTransaction() | ||||||
| 
 | 
 | ||||||
|                 clearConsoleLine() |                 clearConsoleLine() | ||||||
| 
 | 
 | ||||||
|  | @ -1194,3 +1198,17 @@ def dictionaryAttack(attack_dict): | ||||||
|         logger.warn(warnMsg) |         logger.warn(warnMsg) | ||||||
| 
 | 
 | ||||||
|     return results |     return results | ||||||
|  | 
 | ||||||
|  | def crackHashFile(hashFile): | ||||||
|  |     i = 0 | ||||||
|  |     attack_dict = {} | ||||||
|  | 
 | ||||||
|  |     for line in getFileItems(conf.hashFile): | ||||||
|  |         if ':' in line: | ||||||
|  |             user, hash_ = line.split(':', 1) | ||||||
|  |             attack_dict[user] = [hash_] | ||||||
|  |         else: | ||||||
|  |             attack_dict["%s%d" % (DUMMY_USER_PREFIX, i)] = [line] | ||||||
|  |             i += 1 | ||||||
|  | 
 | ||||||
|  |     dictionaryAttack(attack_dict) | ||||||
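Review bot: In the hunk at `-1171,15 +1173,17` the outer condition became `if retVal and conf.hashDB:`, so with no HashDB configured the whole drain loop is skipped, including `results.append(item)`, and the inner `if conf.hashDB:` guards become redundant. The earlier hunk keeps `if retVal:` and guards only the transaction calls; using `if retVal:` here as well would keep cracked entries in `results` when running without a session. In crackHashFile the loop reads `getFileItems(conf.hashFile)` and ignores the `hashFile` parameter; `getFileItems(hashFile)` is what the signature implies. `attack_dict[user] = [hash_]` also overwrites the earlier hash when a user name repeats in the file, which `attack_dict.setdefault(user, []).append(hash_)` would avoid, assuming dictionaryAttack accepts several hashes per user as the list value suggests. dictionaryAttack starts outside these hunks, and crackHashFile would benefit from a one-line docstring naming the accepted `user:hash` and bare-hash line formats.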
|  |  | ||||||
|  | @ -24,12 +24,12 @@ b3e60ea4e18a65c48515d04aab28ff68  extra/sqlharvest/sqlharvest.py | ||||||
| c1bccc94522d3425a372dcd57f78418e  extra/wafdetectify/wafdetectify.py | c1bccc94522d3425a372dcd57f78418e  extra/wafdetectify/wafdetectify.py | ||||||
| 3459c562a6abb9b4bdcc36925f751f3e  lib/controller/action.py | 3459c562a6abb9b4bdcc36925f751f3e  lib/controller/action.py | ||||||
| 0f0feede9750be810d2b8a7ab159b7b0  lib/controller/checks.py | 0f0feede9750be810d2b8a7ab159b7b0  lib/controller/checks.py | ||||||
| ad968ee04e93f6f850d6b7e5ac0073c5  lib/controller/controller.py | ae444b08253e10bc4553f011d6100b28  lib/controller/controller.py | ||||||
| 988b548f6578adf9cec17afdeee8291c  lib/controller/handler.py | 988b548f6578adf9cec17afdeee8291c  lib/controller/handler.py | ||||||
| 1e5532ede194ac9c083891c2f02bca93  lib/controller/__init__.py | 1e5532ede194ac9c083891c2f02bca93  lib/controller/__init__.py | ||||||
| e62309b22a59e60b270e62586f169441  lib/core/agent.py | e62309b22a59e60b270e62586f169441  lib/core/agent.py | ||||||
| c347f085bd561adfa26d3a9512e5f3b9  lib/core/bigarray.py | c347f085bd561adfa26d3a9512e5f3b9  lib/core/bigarray.py | ||||||
| a78c563bbaeebd958b25303d83dfe3f2  lib/core/common.py | ae4bf844c42f9a36ebbe8444e89f7041  lib/core/common.py | ||||||
| 0d082da16c388b3445e656e0760fb582  lib/core/convert.py | 0d082da16c388b3445e656e0760fb582  lib/core/convert.py | ||||||
| 9f87391b6a3395f7f50830b391264f27  lib/core/data.py | 9f87391b6a3395f7f50830b391264f27  lib/core/data.py | ||||||
| 72016ea5c994a711a262fd64572a0fcd  lib/core/datatype.py | 72016ea5c994a711a262fd64572a0fcd  lib/core/datatype.py | ||||||
|  | @ -49,7 +49,7 @@ c8c386d644d57c659d74542f5f57f632  lib/core/patch.py | ||||||
| 0c3eef46bdbf87e29a3f95f90240d192  lib/core/replication.py | 0c3eef46bdbf87e29a3f95f90240d192  lib/core/replication.py | ||||||
| a7db43859b61569b601b97f187dd31c5  lib/core/revision.py | a7db43859b61569b601b97f187dd31c5  lib/core/revision.py | ||||||
| fcb74fcc9577523524659ec49e2e964b  lib/core/session.py | fcb74fcc9577523524659ec49e2e964b  lib/core/session.py | ||||||
| 3805f9f360e47798a3e6d4da977c83eb  lib/core/settings.py | 758c731f879a5989288d8809a8d54567  lib/core/settings.py | ||||||
| a971ce157d04de96ba6e710d3d38a9a8  lib/core/shell.py | a971ce157d04de96ba6e710d3d38a9a8  lib/core/shell.py | ||||||
| a7edc9250d13af36ac0108f259859c19  lib/core/subprocessng.py | a7edc9250d13af36ac0108f259859c19  lib/core/subprocessng.py | ||||||
| 1581be48127a3a7a9fd703359b6e7567  lib/core/target.py | 1581be48127a3a7a9fd703359b6e7567  lib/core/target.py | ||||||
|  | @ -60,7 +60,7 @@ b35636650cfe721f5cc47fb91737c061  lib/core/update.py | ||||||
| e772deb63270375e685fa5a7b775c382  lib/core/wordlist.py | e772deb63270375e685fa5a7b775c382  lib/core/wordlist.py | ||||||
| 1e5532ede194ac9c083891c2f02bca93  lib/__init__.py | 1e5532ede194ac9c083891c2f02bca93  lib/__init__.py | ||||||
| 7620f1f4b8791e13c7184c06b5421754  lib/parse/banner.py | 7620f1f4b8791e13c7184c06b5421754  lib/parse/banner.py | ||||||
| 30d7cbada42154dcbb17f4ca969d812a  lib/parse/cmdline.py | cfd7938668213fef65a7570997b78403  lib/parse/cmdline.py | ||||||
| fb2e2f05dde98caeac6ccf3e67192177  lib/parse/configfile.py | fb2e2f05dde98caeac6ccf3e67192177  lib/parse/configfile.py | ||||||
| 3794ff139869f5ae8e81cfdbe5714f56  lib/parse/handler.py | 3794ff139869f5ae8e81cfdbe5714f56  lib/parse/handler.py | ||||||
| 6bab53ea9d75bc9bb8169d3e8f3f149f  lib/parse/headers.py | 6bab53ea9d75bc9bb8169d3e8f3f149f  lib/parse/headers.py | ||||||
|  | @ -108,7 +108,7 @@ f9867bbfcd6d31916ca73e72e95fd881  lib/utils/deps.py | ||||||
| f7af65aa47329d021e2b2cc8521b42a4  lib/utils/getch.py | f7af65aa47329d021e2b2cc8521b42a4  lib/utils/getch.py | ||||||
| 7af29f61302c8693cd6436d4b69e22d3  lib/utils/har.py | 7af29f61302c8693cd6436d4b69e22d3  lib/utils/har.py | ||||||
| 1205648d55649accafae2cc77d647aa0  lib/utils/hashdb.py | 1205648d55649accafae2cc77d647aa0  lib/utils/hashdb.py | ||||||
| 4b50c02e803c874c1d03873fd29d63ee  lib/utils/hash.py | eb2aa3fa9ebdf4cb6ac3e005f7df1e9b  lib/utils/hash.py | ||||||
| 011d2dbf589e0faa0deca61a651239cc  lib/utils/htmlentities.py | 011d2dbf589e0faa0deca61a651239cc  lib/utils/htmlentities.py | ||||||
| 1e5532ede194ac9c083891c2f02bca93  lib/utils/__init__.py | 1e5532ede194ac9c083891c2f02bca93  lib/utils/__init__.py | ||||||
| 527409077a094b63c88f3291138b1c81  lib/utils/pivotdumptable.py | 527409077a094b63c88f3291138b1c81  lib/utils/pivotdumptable.py | ||||||
|  |  | ||||||