From 10f8c6a0b6a44328caa83d8c9b5895332d5f62f7 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Fri, 10 Jul 2015 16:10:24 +0200
Subject: [PATCH] Introducing --offline switch (to perform session only lookups)
---
 lib/controller/checks.py | 8 ++++----
 lib/core/optiondict.py | 1 +
 lib/parse/cmdline.py | 4 ++++
 lib/request/connect.py | 4 +++-
 lib/request/inject.py | 2 +-
 sqlmap.conf | 4 ++++
 6 files changed, 17 insertions(+), 6 deletions(-)
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 59c0c2969..4c1e14c7e 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -552,7 +552,7 @@ def checkSqlInjection(place, parameter, value):
 kb.previousMethod = method
- if conf.dummy:
+ if conf.dummy or conf.offline:
 injectable = False # If the injection test was successful feed the injection
@@ -1142,7 +1142,7 @@ def checkWaf():
 Reference: http://seclists.org/nmap-dev/2011/q2/att-1005/http-waf-detect.nse """
- if any((conf.string, conf.notString, conf.regexp)):
+ if any((conf.string, conf.notString, conf.regexp, conf.dummy, conf.offline)):
 return None dbmMsg = "heuristically checking if the target is protected by "
@@ -1290,7 +1290,7 @@ def checkNullConnection():
 return kb.nullConnection is not None def checkConnection(suppressOutput=False):
- if not any((conf.proxy, conf.tor, conf.dummy)):
+ if not any((conf.proxy, conf.tor, conf.dummy, conf.offline)):
 try: debugMsg = "resolving hostname '%s'" % conf.hostname logger.debug(debugMsg)
@@ -1303,7 +1303,7 @@ def checkConnection(suppressOutput=False):
 errMsg += "resolving a host name '%s' ('%s')" % (conf.hostname, getUnicode(ex)) raise SqlmapConnectionException(errMsg)
- if not suppressOutput and not conf.dummy:
+ if not suppressOutput and not conf.dummy and not conf.offline:
 infoMsg = "testing connection to the target URL" logger.info(infoMsg)
diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py
index 587db58b9..b9adbd67b 100644
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
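Review bot: `conf.dummy or conf.offline` in checkSqlInjection is the first of several places where the two flags are now tested together; the `any((...))` tuples in checkWaf and checkConnection and the condition in lib/request/inject.py repeat the pairing. Every later code path that must stay off the network has to remember both names, and a missed one could let a request or DNS lookup leave the host in a mode described as session-only. Consider deriving a single flag once when options are parsed and testing that instead, or at least comment this branch, e.g. `# --dummy/--offline: there is no real response to compare, so never mark the parameter injectable`. checkSqlInjection's body starts and ends outside the hunk.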
@@ -217,6 +217,7 @@ optDict = {
 "disableColoring": "boolean", "googlePage": "integer", "mobile": "boolean",
+ "offline": "boolean",
 "pageRank": "boolean", "purgeOutput": "boolean", "smart": "boolean",
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
index a374b4fa5..177cb063e 100644
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@@ -715,6 +715,10 @@ def cmdLineParser():
 action="store_true", help="Imitate smartphone through HTTP User-Agent header")
+ miscellaneous.add_option("--offline", dest="offline",
+ action="store_true",
+ help="Work in offline mode (only use session data)")
+
 miscellaneous.add_option("--page-rank", dest="pageRank", action="store_true", help="Display page rank (PR) for Google dork results")
diff --git a/lib/request/connect.py b/lib/request/connect.py
index b3fe886f1..94d1e4576 100644
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@@ -212,7 +212,9 @@ class Connect(object):
 elif conf.cpuThrottle: cpuThrottle(conf.cpuThrottle)
- if conf.dummy:
+ if conf.offline:
+ return None, None, None
+ elif conf.dummy:
 return getUnicode(randomStr(int(randomInt()), alphabet=[chr(_) for _ in xrange(256)]), {}, int(randomInt())), None, None threadData = getCurrentThreadData()
diff --git a/lib/request/inject.py b/lib/request/inject.py
index 0395c0a56..74d83efc9 100644
--- a/lib/request/inject.py
+++ b/lib/request/inject.py
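Review bot: `--offline` is registered in cmdLineParser without any check against options that discard or bypass the session, and the diffstat shows no change to option validation. Combined with `--flush-session` or `--fresh-queries`, a session-only run would presumably have nothing to read and would come back empty without saying why. A sanity check along the lines of `if conf.offline and (conf.flushSession or conf.freshQueries):` that raises a syntax error with a clear message would make the conflict explicit. cmdLineParser's body starts and ends outside the hunk.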
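Review bot: The `if conf.offline:` return is placed after the throttling chain whose tail (`elif conf.cpuThrottle:`) is visible just above it, so a session-only run appears to still pay any configured delay before each short-circuited call; moving the offline check ahead of that chain would avoid this. This branch also looks like the single point that keeps requests from leaving the host, and it returns `None` for the page where the `--dummy` branch returns a string, so callers that treat the page as text have to tolerate `None`. Those callers are outside this hunk and are worth checking. A comment such as `# offline: never touch the network; callers get (None, None, None) and must rely on session data` would document the contract. The enclosing method starts and ends outside the hunk.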
@@ -450,7 +450,7 @@ def getValue(expression, blind=True, union=True, error=True, time=True, fromUser
 kb.safeCharEncode = False
- if not kb.testMode and value is None and Backend.getDbms() and conf.dbmsHandler and not conf.noCast and not conf.hexConvert:
+ if not any((kb.testMode, conf.dummy, conf.offline)) and value is None and Backend.getDbms() and conf.dbmsHandler and not conf.noCast and not conf.hexConvert:
 warnMsg = "in case of continuous data retrieval problems you are advised to try " warnMsg += "a switch '--no-cast' " warnMsg += "or switch '--hex'" if Backend.getIdentifiedDbms() not in (DBMS.ACCESS, DBMS.FIREBIRD) else ""
diff --git a/sqlmap.conf b/sqlmap.conf
index f9f30e759..2ca8c6dd6 100644
--- a/sqlmap.conf
+++ b/sqlmap.conf
@@ -754,6 +754,10 @@ identifyWaf = False
 # Valid: True or False mobile = False
+# Work in offline mode (only use session data)
+# Valid: True or False
+offline = False
+
 # Display page rank (PR) for Google dork results. # Valid: True or False pageRank = False
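Review bot: With the new condition in getValue, a `None` value in offline mode correctly skips the `--no-cast`/`--hex` advice, but nothing visible in the hunk tells the user that the value was simply absent from the session. A short message for that case, e.g. `logger.debug("no session entry for this query (offline mode)")`, would distinguish a cache miss from an empty result. The condition is also long enough now to be worth splitting, with `skipAdvice = any((kb.testMode, conf.dummy, conf.offline))` on its own line. getValue's body starts and ends outside the hunk.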