Adding support for multi-threading in (testing) vulnserver

2024-11-22 01:26:42 +03:00 · 2019-04-30 01:08:24 +02:00 · 2019-04-30 01:08:24 +02:00 · 07e6a0a079
commit 07e6a0a079
parent 4e938ea4fd
3 changed files with 12 additions and 6 deletions
--- a/extra/vulnserver/vulnserver.py
+++ b/extra/vulnserver/vulnserver.py
@ -12,6 +12,7 @@ from __future__ import print_function
 import re
 import sqlite3
 import sys
+import threading
 import traceback

 if sys.version_info >= (3, 0):
@ -53,14 +54,17 @@ LISTEN_PORT = 8440

 _conn = None
 _cursor = None
+_lock = None
 _server = None

 def init(quiet=False):
    global _conn
    global _cursor
+    global _lock

    _conn = sqlite3.connect(":memory:", isolation_level=None, check_same_thread=False)
    _cursor = _conn.cursor()
+    _lock = threading.Lock()

    _cursor.executescript(SCHEMA)

@ -116,11 +120,13 @@ class ReqHandler(BaseHTTPRequestHandler):
                self.end_headers()

                try:
-                    _cursor.execute("SELECT * FROM users WHERE id=%s LIMIT 0, 1" % self.params.get("id", ""))
+                    with _lock:
+                        _cursor.execute("SELECT * FROM users WHERE id=%s LIMIT 0, 1" % self.params.get("id", ""))
+                        results = _cursor.fetchall()

                    output = "<b>SQL results:</b>\n"
                    output += "<table border=\"1\">\n"
-                    for row in _cursor.fetchall():
+                    for row in results:
                        output += "<tr>"
                        for value in row:
                            output += "<td>%s</td>" % value
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -17,7 +17,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
 from lib.core.enums import OS

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.4.41"
+VERSION = "1.3.4.42"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/lib/core/testing.py
+++ b/lib/core/testing.py
@ -20,7 +20,6 @@ import traceback
 from extra.beep.beep import beep
 from extra.vulnserver import vulnserver
 from lib.controller.controller import start
-from lib.core.common import checkIntegrity
 from lib.core.common import clearConsoleLine
 from lib.core.common import dataToStdout
 from lib.core.common import getUnicode
@ -66,15 +65,16 @@ def vulnTest():
    thread.start()

    for options, checks in (
-        ("--identify-waf", ("CloudFlare",)),
+        ("--flush-session --identify-waf", ("CloudFlare",)),
        ("--flush-session", ("Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", "back-end DBMS: SQLite", "3 columns")),
        ("--banner --schema --dump -T users --binary-fields=surname --where 'id>3'", ("banner: '3", "INTEGER", "TEXT", "id", "name", "surname", "2 entries", "6E616D6569736E756C6C")),
        ("--all --tamper=between,randomcase", ("5 entries", "luther", "blisset", "fluffy", "179ad45c6ce2cb97cf1029e212046e81", "NULL", "nameisnull", "testpass")),
-        ("--technique=B --hex --fresh-queries --sql-query='SELECT 987654321'", ("single-thread", ": '987654321'",)),
+        ("--technique=B --hex --fresh-queries --threads=4 --sql-query='SELECT 987654321'", ("length of query output", ": '987654321'",)),
        ("--technique=T --fresh-queries --sql-query='SELECT 1234'", (": '1234'",)),
    ):
        output = shellExec("python %s -u http://%s:%d/?id=1 --batch %s" % (os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.py"), address, port, options))
        if not all(check in output for check in checks):
+            print output
            retVal = False

        count += 1