sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-11-04 09:57:38 +03:00
Code Issues Packages Projects Releases Wiki Activity

implemented basic smoke testing mechanism

Browse Source
This commit is contained in:
Miroslav Stampar 2010-07-30 12:49:25 +00:00
parent f033943815
commit 092829c189
5 changed files with 33 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
extra/cloak/cloak.py
View File

@ -34,21 +34,21 @@ def hideAscii(data):
retVal += chr(ord(data[i]) ^ 127) retVal += chr(ord(data[i]) ^ 127)
else: else:
retVal += data[i] retVal += data[i]
return retVal return retVal
def cloak(inputFile): def cloak(inputFile):
f = open(inputFile, 'rb') f = open(inputFile, 'rb')
data = bz2.compress(f.read()) data = bz2.compress(f.read())
f.close() f.close()
return hideAscii(data) return hideAscii(data)
def decloak(inputFile): def decloak(inputFile):
f = open(inputFile, 'rb') f = open(inputFile, 'rb')
data = bz2.decompress(hideAscii(f.read())) data = bz2.decompress(hideAscii(f.read()))
f.close() f.close()
return data return data
def main(): def main():
@ -71,7 +71,7 @@ def main():
if not os.path.isfile(args.inputFile): if not os.path.isfile(args.inputFile):
print 'ERROR: the provided input file \'%s\' is not a regular file' % args.inputFile print 'ERROR: the provided input file \'%s\' is not a regular file' % args.inputFile
sys.exit(1) sys.exit(1)
if not args.decrypt: if not args.decrypt:
data = cloak(args.inputFile) data = cloak(args.inputFile)
else: else:
@ -82,7 +82,7 @@ def main():
args.outputFile = args.inputFile + '_' args.outputFile = args.inputFile + '_'
else: else:
args.outputFile = args.inputFile[:-1] args.outputFile = args.inputFile[:-1]
fpOut = open(args.outputFile, 'wb') fpOut = open(args.outputFile, 'wb')
sys.stdout = fpOut sys.stdout = fpOut
sys.stdout.write(data) sys.stdout.write(data)

4
lib/controller/controller.py
View File

@ -33,6 +33,7 @@ from lib.core.common import getUnicode
from lib.core.common import paramToDict from lib.core.common import paramToDict
from lib.core.common import parseTargetUrl from lib.core.common import parseTargetUrl
from lib.core.common import readInput from lib.core.common import readInput
from lib.core.common import smokeTest
from lib.core.data import conf from lib.core.data import conf
from lib.core.data import kb from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
@ -93,6 +94,9 @@ def start():
if not conf.start: if not conf.start:
return return
if conf.smokeTest:
smokeTest()
if conf.direct: if conf.direct:
initTargetEnv() initTargetEnv()
setupTargetEnv() setupTargetEnv()

18
lib/core/common.py
View File

@ -57,6 +57,7 @@ from lib.core.data import queries
from lib.core.data import temp from lib.core.data import temp
from lib.core.convert import urlencode from lib.core.convert import urlencode
from lib.core.exception import sqlmapFilePathException from lib.core.exception import sqlmapFilePathException
from lib.core.exception import sqlmapGenericException
from lib.core.exception import sqlmapNoneDataException from lib.core.exception import sqlmapNoneDataException
from lib.core.exception import sqlmapMissingDependence from lib.core.exception import sqlmapMissingDependence
from lib.core.exception import sqlmapSyntaxException from lib.core.exception import sqlmapSyntaxException
@ -471,7 +472,7 @@ def readInput(message, default=None):
data = default data = default
else: else:
data = raw_input(message.encode(conf.dataEncoding)) data = raw_input(message.encode(sys.stdout.encoding))
if not data: if not data:
data = default data = default
@ -1410,3 +1411,18 @@ def longestCommonPrefix(*sequences):
def commonFinderOnly(initial, sequence): def commonFinderOnly(initial, sequence):
return longestCommonPrefix(*filter(lambda x: x.startswith(initial), sequence)) return longestCommonPrefix(*filter(lambda x: x.startswith(initial), sequence))
def smokeTest():
for root, _, files in os.walk(paths.SQLMAP_ROOT_PATH):
for file in files:
if os.path.splitext(file)[1].lower() == '.py' and file != '__init__.py':
path = os.path.join(root, os.path.splitext(file)[0])
path = path.replace(paths.SQLMAP_ROOT_PATH, '.')
path = path.replace(os.sep, '.').lstrip('.')
try:
module = __import__(path)
except Exception, msg:
raise sqlmapGenericException, "smoke test failed at importing module '%s' (%s):\n\n%s" % (path, os.path.join(paths.SQLMAP_ROOT_PATH, file), msg)
infoMsg = "smoke test passed"
logger.info(infoMsg)

7
lib/parse/cmdline.py
View File

@ -108,7 +108,7 @@ def cmdLineParser():
request.add_option("--auth-cred", dest="aCred", request.add_option("--auth-cred", dest="aCred",
help="HTTP authentication credentials " help="HTTP authentication credentials "
"(name:password)") "(name:password)")
request.add_option("--auth-cert", dest="aCert", request.add_option("--auth-cert", dest="aCert",
help="HTTP authentication certificate (" help="HTTP authentication certificate ("
"key_file,cert_file)") "key_file,cert_file)")
@ -457,6 +457,9 @@ def cmdLineParser():
parser.add_option("--common-prediction", dest="useCommonPrediction", action="store_true", parser.add_option("--common-prediction", dest="useCommonPrediction", action="store_true",
help=SUPPRESS_HELP) help=SUPPRESS_HELP)
parser.add_option("--smoke-test", dest="smokeTest", action="store_true",
help=SUPPRESS_HELP)
parser.add_option_group(target) parser.add_option_group(target)
parser.add_option_group(request) parser.add_option_group(request)
parser.add_option_group(injection) parser.add_option_group(injection)
@ -471,7 +474,7 @@ def cmdLineParser():
(args, _) = parser.parse_args([utf8decode(arg) for arg in sys.argv]) (args, _) = parser.parse_args([utf8decode(arg) for arg in sys.argv])
if not args.direct and not args.url and not args.list and not args.googleDork and not args.configFile and not args.requestFile and not args.updateAll: if not args.direct and not args.url and not args.list and not args.googleDork and not args.configFile and not args.requestFile and not args.updateAll and not args.smokeTest:
errMsg = "missing a mandatory parameter ('-d', '-u', '-l', '-r', '-g', '-c' or '--update'), " errMsg = "missing a mandatory parameter ('-d', '-u', '-l', '-r', '-g', '-c' or '--update'), "
errMsg += "-h for help" errMsg += "-h for help"
parser.error(errMsg) parser.error(errMsg)

2
sqlmap.py
View File

@ -23,7 +23,6 @@ Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
""" """
import codecs import codecs
import locale
import os import os
import sys import sys
import time import time
@ -33,6 +32,7 @@ import warnings
warnings.filterwarnings(action="ignore", message=".*was already imported", category=UserWarning) warnings.filterwarnings(action="ignore", message=".*was already imported", category=UserWarning)
# NOTE: This breaks SQL shell and OS shell history and TAB functionalities # NOTE: This breaks SQL shell and OS shell history and TAB functionalities
#import locale
#sys.stdout = codecs.getwriter(locale.getpreferredencoding())(sys.stdout) #sys.stdout = codecs.getwriter(locale.getpreferredencoding())(sys.stdout)
try: try: