More fix for save/resume of --technique

2024-11-25 11:03:47 +03:00 · 2011-05-07 21:08:14 +00:00 · 2011-05-07 21:08:14 +00:00 · 1151af52bb
commit 1151af52bb
parent 28a4ae8eaf
3 changed files with 36 additions and 23 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -203,17 +203,13 @@ def checkSqlInjection(place, parameter, value):
                logger.debug(debugMsg)
                continue

-            if len(kb.injections) > 0:
-                for resumedInj in kb.injections:
-                    if resumedInj.place == place and resumedInj.parameter \
-                       == parameter and stype in resumedInj.data:
+            if len(kb.tested) > 0 and stype in kb.tested:
                debugMsg = "skipping test '%s' because this " % title
                debugMsg += "technique has already been detected "
                debugMsg += "in a previous run"
                logger.debug(debugMsg)

                proceed = False
-                        break

            if not proceed:
                continue
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@ -43,6 +43,7 @@ from lib.core.exception import sqlmapSilentQuitException
 from lib.core.exception import sqlmapValueException
 from lib.core.exception import sqlmapUserQuitException
 from lib.core.session import setInjection
+from lib.core.session import setTestedTechniques
 from lib.core.settings import EMPTY_FORM_FIELDS_REGEX
 from lib.core.settings import IGNORE_PARAMETERS
 from lib.core.settings import REFERER_ALIASES
@ -317,18 +318,10 @@ def start():
                            # TODO: consider the following line in __setRequestParams()
                            # __testableParameters = True

-            proceed = False
+            if len(kb.tested) > 0 and kb.tested == conf.tech:
+                testSqlInj = False

-            if len(kb.injections) > 0:
-                for resumedInj in kb.injections:
-                    for tech in conf.tech:
-                        if tech not in resumedInj.data:
-                            proceed = True
-                            break
-            else:
-                proceed = True
-
-            if proceed:
+            if testSqlInj:
                if not conf.string and not conf.regexp:
                    # NOTE: this is not needed anymore, leaving only to display
                    # a warning message to the user in case the page is not stable
@ -436,6 +429,8 @@ def start():
                                warnMsg += "injectable"
                                logger.warn(warnMsg)

+            setTestedTechniques()
+
            if len(kb.injections) == 0 or (len(kb.injections) == 1 and kb.injections[0].place is None):
                if not conf.realTest:
                    errMsg = "all parameters are not injectable."
--- a/lib/core/session.py
+++ b/lib/core/session.py
@ -41,6 +41,23 @@ def unSafeFormatString(value):
        retVal = retVal.replace("__LEFT_SQUARE_BRACKET__", "[").replace("__RIGHT_SQUARE_BRACKET__", "]")
    return retVal

+def setTestedTechniques():
+    """
+    Save information retrieved about dynamic markings to the
+    session file.
+    """
+
+    condition = (
+                  ( not kb.resumedQueries
+                  or ( kb.resumedQueries.has_key(conf.url) and
+                  not kb.resumedQueries[conf.url].has_key("Tested techniques")) )
+                  or ( kb.resumedQueries[conf.url].has_key("Tested techniques")
+                  and base64unpickle(kb.resumedQueries[conf.url]["Tested techniques"][:-1]) != conf.tech
+                ) )
+
+    if condition:
+        dataToSessionFile("[%s][%s][%s][Tested techniques][%s]\n" % (conf.url, None, None, base64pickle(conf.tech)))
+
 def setInjection(inj):
    """
    Save information retrieved about injection place and parameter in the
@ -51,7 +68,7 @@ def setInjection(inj):
                  or ( kb.resumedQueries.has_key(conf.url) and
                  not kb.resumedQueries[conf.url].has_key("Injection data"))
                  or ( kb.resumedQueries[conf.url].has_key("Injection data")
-                  and intersect(base64unpickle(kb.resumedQueries[conf.url]["Injection data"][:-1]).data.keys(),\
+                  and intersect(base64unpickle(kb.resumedQueries[conf.url]["Injection data"][:-1]).data.keys(), \
                    inj.data.keys()) != inj.data.keys()
                ) )

@ -165,7 +182,12 @@ def setXpCmdshellAvailability(available):
        dataToSessionFile("[%s][%s][%s][xp_cmdshell availability][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), str(available).lower()))

 def resumeConfKb(expression, url, value):
-    if expression == "Injection data" and url == conf.url:
+    if expression == "Tested techniques" and url == conf.url:
+        kb.tested.extend(base64unpickle(value[:-1]))
+        kb.tested = list(set(kb.tested))
+        kb.tested.sort()
+
+    elif expression == "Injection data" and url == conf.url:
        injection = base64unpickle(value[:-1])

        if injection.place in conf.paramDict and \