More fix for save/resume of --technique

Bernardo Damele 2011-05-07 21:08:14 +00:00
parent 28a4ae8eaf
commit 1151af52bb
3 changed files with 36 additions and 23 deletions


@ -203,17 +203,13 @@ def checkSqlInjection(place, parameter, value):
logger.debug(debugMsg) logger.debug(debugMsg)
continue continue
if len(kb.injections) > 0: if len(kb.tested) > 0 and stype in kb.tested:
for resumedInj in kb.injections: debugMsg = "skipping test '%s' because this " % title
if resumedInj.place == place and resumedInj.parameter \ debugMsg += "technique has already been detected "
== parameter and stype in resumedInj.data: debugMsg += "in a previous run"
debugMsg = "skipping test '%s' because this " % title logger.debug(debugMsg)
debugMsg += "technique has already been detected "
debugMsg += "in a previous run"
logger.debug(debugMsg)
proceed = False proceed = False
break
if not proceed: if not proceed:
continue continue
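Review bot: The new guard `if len(kb.tested) > 0 and stype in kb.tested:` skips a test for every place and parameter once its technique is in kb.tested, whereas the loop it replaces skipped only when a resumed injection matched both `place` and `parameter`. The session record that feeds kb.tested is written with `None` for place and parameter (setTestedTechniques), so a resumed run on the same URL against a different parameter would apparently skip techniques never tried on it, which is a silent false negative. Consider recording the tested techniques per (place, parameter), or keeping the per-parameter comparison alongside the new check. The debug text still says the technique "has already been detected" although the condition now only means it was tested; `debugMsg += "technique has already been tested "` would match. checkSqlInjection's body starts and ends outside the hunk.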


@ -43,6 +43,7 @@ from lib.core.exception import sqlmapSilentQuitException
from lib.core.exception import sqlmapValueException from lib.core.exception import sqlmapValueException
from lib.core.exception import sqlmapUserQuitException from lib.core.exception import sqlmapUserQuitException
from lib.core.session import setInjection from lib.core.session import setInjection
from lib.core.session import setTestedTechniques
from lib.core.settings import EMPTY_FORM_FIELDS_REGEX from lib.core.settings import EMPTY_FORM_FIELDS_REGEX
from lib.core.settings import IGNORE_PARAMETERS from lib.core.settings import IGNORE_PARAMETERS
from lib.core.settings import REFERER_ALIASES from lib.core.settings import REFERER_ALIASES
@ -317,18 +318,10 @@ def start():
# TODO: consider the following line in __setRequestParams() # TODO: consider the following line in __setRequestParams()
# __testableParameters = True # __testableParameters = True
proceed = False if len(kb.tested) > 0 and kb.tested == conf.tech:
testSqlInj = False
if len(kb.injections) > 0: if testSqlInj:
for resumedInj in kb.injections:
for tech in conf.tech:
if tech not in resumedInj.data:
proceed = True
break
else:
proceed = True
if proceed:
if not conf.string and not conf.regexp: if not conf.string and not conf.regexp:
# NOTE: this is not needed anymore, leaving only to display # NOTE: this is not needed anymore, leaving only to display
# a warning message to the user in case the page is not stable # a warning message to the user in case the page is not stable
@ -436,6 +429,8 @@ def start():
warnMsg += "injectable" warnMsg += "injectable"
logger.warn(warnMsg) logger.warn(warnMsg)
setTestedTechniques()
if len(kb.injections) == 0 or (len(kb.injections) == 1 and kb.injections[0].place is None): if len(kb.injections) == 0 or (len(kb.injections) == 1 and kb.injections[0].place is None):
if not conf.realTest: if not conf.realTest:
errMsg = "all parameters are not injectable." errMsg = "all parameters are not injectable."
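Review bot: The skip condition `kb.tested == conf.tech` in the second hunk is an ordered list comparison, so it holds only when both lists contain the same techniques in the same order. resumeConfKb de-duplicates and sorts kb.tested, but nothing visible here normalises conf.tech, and a previous run that covered more techniques than the current one also fails the equality, leaving testSqlInj set. A subset test states the intent directly: `if kb.tested and set(conf.tech).issubset(kb.tested):`. The decision also rests on a URL-only record, so a change of tested parameter between runs is not taken into account and deserves a comment or a check. start() extends beyond the hunks shown.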


@ -41,6 +41,23 @@ def unSafeFormatString(value):
retVal = retVal.replace("__LEFT_SQUARE_BRACKET__", "[").replace("__RIGHT_SQUARE_BRACKET__", "]") retVal = retVal.replace("__LEFT_SQUARE_BRACKET__", "[").replace("__RIGHT_SQUARE_BRACKET__", "]")
return retVal return retVal
def setTestedTechniques():
"""
Save information retrieved about dynamic markings to the
session file.
"""
condition = (
( not kb.resumedQueries
or ( kb.resumedQueries.has_key(conf.url) and
not kb.resumedQueries[conf.url].has_key("Tested techniques")) )
or ( kb.resumedQueries[conf.url].has_key("Tested techniques")
and base64unpickle(kb.resumedQueries[conf.url]["Tested techniques"][:-1]) != conf.tech
) )
if condition:
dataToSessionFile("[%s][%s][%s][Tested techniques][%s]\n" % (conf.url, None, None, base64pickle(conf.tech)))
def setInjection(inj): def setInjection(inj):
""" """
Save information retrieved about injection place and parameter in the Save information retrieved about injection place and parameter in the
@ -51,7 +68,7 @@ def setInjection(inj):
or ( kb.resumedQueries.has_key(conf.url) and or ( kb.resumedQueries.has_key(conf.url) and
not kb.resumedQueries[conf.url].has_key("Injection data")) not kb.resumedQueries[conf.url].has_key("Injection data"))
or ( kb.resumedQueries[conf.url].has_key("Injection data") or ( kb.resumedQueries[conf.url].has_key("Injection data")
and intersect(base64unpickle(kb.resumedQueries[conf.url]["Injection data"][:-1]).data.keys(),\ and intersect(base64unpickle(kb.resumedQueries[conf.url]["Injection data"][:-1]).data.keys(), \
inj.data.keys()) != inj.data.keys() inj.data.keys()) != inj.data.keys()
) ) ) )
@ -165,7 +182,12 @@ def setXpCmdshellAvailability(available):
dataToSessionFile("[%s][%s][%s][xp_cmdshell availability][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), str(available).lower())) dataToSessionFile("[%s][%s][%s][xp_cmdshell availability][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), str(available).lower()))
def resumeConfKb(expression, url, value): def resumeConfKb(expression, url, value):
if expression == "Injection data" and url == conf.url: if expression == "Tested techniques" and url == conf.url:
kb.tested.extend(base64unpickle(value[:-1]))
kb.tested = list(set(kb.tested))
kb.tested.sort()
elif expression == "Injection data" and url == conf.url:
injection = base64unpickle(value[:-1]) injection = base64unpickle(value[:-1])
if injection.place in conf.paramDict and \ if injection.place in conf.paramDict and \