diff --git a/lib/core/dicts.py b/lib/core/dicts.py
index 4ec0051ed..27077f08f 100644
--- a/lib/core/dicts.py
+++ b/lib/core/dicts.py
@@ -363,6 +363,7 @@ OBSOLETE_OPTIONS = {
 "--ignore-401": "use '--ignore-code' instead",
 "--second-order": "use '--second-url' instead",
 "--purge-output": "use '--purge' instead",
+ "--sqlmap-shell": "use '--shell' instead",
 "--check-payload": None,
 "--check-waf": None,
 "--pickled-options": "use '--api -c ...' instead",
diff --git a/lib/core/enums.py b/lib/core/enums.py
index cf4eabb0a..9423c499f 100644
--- a/lib/core/enums.py
+++ b/lib/core/enums.py
@@ -437,3 +437,58 @@ class FUZZ_UNION_COLUMN:
 STRING = ""
 INTEGER = ""
 NULL = "NULL"
+
+class COLOR:
+ BLUE = "\033[34m"
+ BOLD_MAGENTA = "\033[35;1m"
+ BOLD_GREEN = "\033[32;1m"
+ BOLD_LIGHT_MAGENTA = "\033[95;1m"
+ LIGHT_GRAY = "\033[37m"
+ BOLD_RED = "\033[31;1m"
+ BOLD_LIGHT_GRAY = "\033[37;1m"
+ YELLOW = "\033[33m"
+ DARK_GRAY = "\033[90m"
+ BOLD_CYAN = "\033[36;1m"
+ LIGHT_RED = "\033[91m"
+ CYAN = "\033[36m"
+ MAGENTA = "\033[35m"
+ LIGHT_MAGENTA = "\033[95m"
+ LIGHT_GREEN = "\033[92m"
+ RESET = "\033[0m"
+ BOLD_DARK_GRAY = "\033[90;1m"
+ BOLD_LIGHT_YELLOW = "\033[93;1m"
+ BOLD_LIGHT_RED = "\033[91;1m"
+ BOLD_LIGHT_GREEN = "\033[92;1m"
+ LIGHT_YELLOW = "\033[93m"
+ BOLD_LIGHT_BLUE = "\033[94;1m"
+ BOLD_LIGHT_CYAN = "\033[96;1m"
+ LIGHT_BLUE = "\033[94m"
+ BOLD_WHITE = "\033[97;1m"
+ LIGHT_CYAN = "\033[96m"
+ BLACK = "\033[30m"
+ BOLD_YELLOW = "\033[33;1m"
+ BOLD_BLUE = "\033[34;1m"
+ GREEN = "\033[32m"
+ WHITE = "\033[97m"
+ BOLD_BLACK = "\033[30;1m"
+ RED = "\033[31m"
+ UNDERLINE = "\033[4m"
+
+class BACKGROUND:
+ BLUE = "\033[44m"
+ LIGHT_GRAY = "\033[47m"
+ YELLOW = "\033[43m"
+ DARK_GRAY = "\033[100m"
+ LIGHT_RED = "\033[101m"
+ CYAN = "\033[46m"
+ MAGENTA = "\033[45m"
+ LIGHT_MAGENTA = "\033[105m"
+ LIGHT_GREEN = "\033[102m"
+ RESET = "\033[0m"
+ LIGHT_YELLOW = "\033[103m"
+ LIGHT_BLUE = "\033[104m"
+ LIGHT_CYAN = "\033[106m"
+ BLACK = "\033[40m"
+ GREEN = "\033[42m"
+ WHITE = "\033[107m"
+ RED = "\033[41m"
diff --git a/lib/core/option.py b/lib/core/option.py
index 83f2f5aee..e12c674b4 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -1916,7 +1916,7 @@ def _cleanupOptions():
 def _cleanupEnvironment():
 """
- Cleanup environment (e.g. from leftovers after --sqlmap-shell).
+ Cleanup environment (e.g. from leftovers after --shell).
 """
 if issubclass(_http_client.socket.socket, socks.socksocket):
diff --git a/lib/core/settings.py b/lib/core/settings.py
index 16526bf1d..f94a6a8d2 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
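Review bot: `COLOR.RESET` and `BACKGROUND.RESET` in the lib/core/enums.py hunk are both `"\033[0m"`, the SGR code that resets every attribute, so emitting `BACKGROUND.RESET` also clears any active foreground color and bold. If only the background is meant to be restored, `"\033[49m"` is the default-background code; otherwise a comment such as `# NOTE: resets all attributes, not only the background` would make the behavior explicit. Both classes are added without a docstring and with members in no evident order, so a one-line docstring (for example `"""ANSI SGR escape sequences for foreground colors"""`) and ordering by code would make the table easier to check. No caller of either class is visible in this diff, so how the sequences are gated on terminal support cannot be verified from here.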
@@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty.six import unichr as _unichr
 # sqlmap version (...)
-VERSION = "1.5.2.15"
+VERSION = "1.5.2.16"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
index 6992f5dcc..39676d89e 100644
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@@ -751,7 +751,7 @@ def cmdLineParser(argv=None):
 miscellaneous.add_argument("--results-file", dest="resultsFile",
 help="Location of CSV results file in multiple targets mode")
- miscellaneous.add_argument("--sqlmap-shell", dest="sqlmapShell", action="store_true",
+ miscellaneous.add_argument("--shell", dest="shell", action="store_true",
 help="Prompt for an interactive sqlmap shell")
 miscellaneous.add_argument("--tmp-dir", dest="tmpDir",
@@ -894,7 +894,7 @@ def cmdLineParser(argv=None):
 raise SqlmapSilentQuitException
- elif "--sqlmap-shell" in argv:
+ elif "--shell" in argv:
 _createHomeDirectories()
 parser.usage = ""
@@ -907,14 +907,17 @@ def cmdLineParser(argv=None):
 while True:
 command = None
+ prompt = "sqlmap > "
 try:
 # Note: in Python2 command should not be converted to Unicode before passing to shlex (Reference: https://bugs.python.org/issue1170)
- command = _input("sqlmap-shell> ").strip()
+ command = _input(prompt).strip()
 except (KeyboardInterrupt, EOFError):
 print()
 raise SqlmapShellQuitException
+ command = re.sub(r"(?i)\Anew\s+", "", command or "")
+
 if not command:
 continue
 elif command.lower() == "clear":
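Review bot: The added `command = re.sub(r"(?i)\Anew\s+", "", command or "")` in the `@@ -907,14 +907,17 @@` hunk silently drops a leading `new ` from whatever was typed at the prompt, and nothing in the hunk says why. A comment on that line, for example `# Note: accept 'new <options>' as an alias for '<options>'` if that is the intent, would stop it reading as leftover code. `command or ""` can never see `None` at that point, because the `except` branch above raises, so plain `command` is enough. `prompt = "sqlmap > "` is loop-invariant and could be assigned once before `while True:`. The loop body continues outside the hunk.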
@@ -924,8 +927,9 @@ def cmdLineParser(argv=None):
 elif command.lower() in ("x", "q", "exit", "quit"):
 raise SqlmapShellQuitException
 elif command[0] != '-':
- dataToStdout("[!] invalid option(s) provided\n")
- dataToStdout("[i] proper example: '-u http://www.site.com/vuln.php?id=1 --banner'\n")
+ if not re.search(r"(?i)\A(\?|help)\Z", command):
+ dataToStdout("[!] invalid option(s) provided\n")
+ dataToStdout("[i] valid example: '-u http://www.site.com/vuln.php?id=1 --banner'\n")
 else:
 saveHistory(AUTOCOMPLETE_TYPE.SQLMAP)
 loadHistory(AUTOCOMPLETE_TYPE.SQLMAP)
@@ -1057,7 +1061,7 @@ def cmdLineParser(argv=None):
 args.stdinPipe = None
 if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, args.requestFile, args.updateAll, args.smokeTest, args.vulnTest, args.bedTest, args.fuzzTest, args.wizard, args.dependencies, args.purge, args.listTampers, args.hashFile, args.stdinPipe)):
- errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, --list-tampers, --wizard, --update, --purge or --dependencies). "
+ errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, --wizard, --shell, --update, --purge, --list-tampers or --dependencies). "
 errMsg += "Use -h for basic and -hh for advanced help\n"
 parser.error(errMsg)
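Review bot: `?` and `help` are matched with `re.search(r"(?i)\A(\?|help)\Z", command)` in the `@@ -924,8 +927,9 @@` hunk, while the quit words two lines above use `command.lower() in ("x", "q", "exit", "quit")`. The same form, `if command.lower() not in ("?", "help"):`, would read consistently and avoid a regex for two literals. The indentation of the two `dataToStdout` lines is not recoverable on this page, so whether the example line is still printed for `help` cannot be confirmed here; a short comment stating the intended output for `?`/`help` would settle it. The `elif` chain starts outside the hunk.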
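Review bot: The option list in `errMsg` and the tuple passed to `any(...)` on the line above it in the `@@ -1057,7 +1061,7 @@` hunk are maintained by hand and do not match. The message now names `--shell`, but `args.shell` is not in the tuple, while `args.hashFile` and `args.stdinPipe` are checked without being mentioned. If `--shell` never reaches this check because the interactive prompt branch handles it earlier (that branch is outside this hunk), a comment such as `# Note: --shell is resolved before this check` would explain the asymmetry; otherwise the tuple needs `args.shell`.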