code refactoring

2025-01-23 15:54:24 +03:00 · 2010-12-07 13:34:06 +00:00 · 2010-12-07 13:34:06 +00:00 · 0dc630203f
commit 0dc630203f
parent 4f01d4c109
4 changed files with 10 additions and 15 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -95,7 +95,7 @@ def checkSqlInjection(place, parameter, value):
    injection = injectionDict()

    # Clear cookies after each query page attempt
-    kb.flushCookies = True
+    kb.testMode = True

    for test in conf.tests:
        title = test.title
@ -269,7 +269,6 @@ def checkSqlInjection(place, parameter, value):
                    # as we are changing parameters value, which will result
                    # most definitely with a different content
                    kb.pageTemplate, _ = Request.queryPage(agent.payload(place, parameter, value, origValue), place, content=True)
-                    kb.testCount += 1
                elif where == 3:
                    origValue = ""
                    kb.pageTemplate = kb.originalPage
@ -307,15 +306,12 @@ def checkSqlInjection(place, parameter, value):
                        # the False response content
                        conf.matchRatio = None
                        _ = Request.queryPage(cmpPayload, place)
-                        kb.testCount += 1

                        # Compare True and False response contents
                        trueResult = Request.queryPage(reqPayload, place)
-                        kb.testCount += 1

                        if trueResult:
                            falseResult = Request.queryPage(cmpPayload, place)
-                            kb.testCount += 1

                            if not falseResult:
                                infoMsg = "%s parameter '%s' is '%s' injectable " % (place, parameter, title)
@ -329,7 +325,6 @@ def checkSqlInjection(place, parameter, value):
                        # Perform the test's request and grep the response
                        # body for the test's <grep> regular expression
                        reqBody, _ = Request.queryPage(reqPayload, place, content=True)
-                        kb.testCount += 1
                        output = extractRegexResult(check, reqBody, re.DOTALL | re.IGNORECASE)

                        if output:
@ -354,9 +349,7 @@ def checkSqlInjection(place, parameter, value):
                        # Perform the test's request and check how long
                        # it takes to get the response back
                        start = time.time()
-
                        _ = Request.queryPage(reqPayload, place)
-                        kb.testCount += 1
                        duration = calculateDeltaSeconds(start)

                        # Threat sleep and delayed (heavy query) differently
@ -429,7 +422,7 @@ def checkSqlInjection(place, parameter, value):
                break

    # Flush the flag
-    kb.flushCookies = False
+    kb.testMode = False

    # Return the injection object
    if injection.place is not None and injection.parameter is not None:
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@ -115,7 +115,7 @@ def __formatInjection(inj):

 def __showInjections():
    header = "sqlmap identified the following injection points "
-    header += "with %d HTTP(s) requests" % kb.testCount
+    header += "with %d HTTP(s) requests" % kb.testQueryCount
    data = ""

    for inj in kb.injections:
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -1117,7 +1117,6 @@ def __setKnowledgeBaseAttributes():
    kb.cache.content   = {}
    kb.cache.regex     = {}

-    kb.flushCookies    = False
    kb.commonOutputs   = None

    kb.data            = advancedDict()
@ -1172,6 +1171,7 @@ def __setKnowledgeBaseAttributes():
    kb.partRun         = None
    kb.proxyAuthHeader = None
    kb.queryCounter    = 0
+    kb.redirectSetCookie = None
    kb.responseTime    = 0
    kb.resumedQueries  = {}
    kb.retriesCount    = 0
@ -1179,14 +1179,14 @@ def __setKnowledgeBaseAttributes():
    kb.targetUrls      = set()
    kb.testedParams    = set()
    kb.technique       = None
+    kb.testMode        = False
+    kb.testQueryCount  = 0
    kb.unionComment    = ""
    kb.unionCount      = None
    kb.unionPosition   = None
    kb.unionNegative   = False
    kb.userAgents      = None
    kb.valueStack      = []
-    kb.redirectSetCookie = None
-    kb.testCount       = 0

 def __saveCmdline():
    """
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -407,7 +407,9 @@ class Connect:
        if conf.textOnly:
            page = getFilteredPageContent(page)

-        if kb.flushCookies and conf.cj:
+        if kb.testMode:
+            kb.testQueryCount += 1
+            if conf.cj:
                conf.cj.clear()

        if content or response: