From 130bcd4b9b2c76ab4ebcc1c04e18f90082e9ab9d Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Fri, 24 May 2019 14:18:18 +0200
Subject: [PATCH] Minor update
---
 lib/controller/checks.py | 26 ++++++++++----------------
 lib/core/common.py | 16 +++++++++-------
 lib/core/dicts.py | 2 +-
 lib/core/option.py | 1 +
 lib/core/settings.py | 2 +-
 lib/core/testing.py | 2 +-
 lib/core/wordlist.py | 1 -
 lib/parse/cmdline.py | 4 ++--
 lib/request/basic.py | 15 ++++++++-------
 9 files changed, 33 insertions(+), 36 deletions(-)
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 319e87140..847cdf514 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -7,13 +7,11 @@ See the file 'LICENSE' for copying permission
 import copy
 import logging
-import os
 import random
 import re
 import socket
 import subprocess
 import sys
-import tempfile
 import time
 from extra.beep.beep import beep
@@ -33,7 +31,6 @@ from lib.core.common import hashDBRetrieve
 from lib.core.common import hashDBWrite
 from lib.core.common import intersect
 from lib.core.common import listToStrValue
-from lib.core.common import openFile
 from lib.core.common import parseFilePaths
 from lib.core.common import popValue
 from lib.core.common import pushValue
@@ -44,18 +41,15 @@ from lib.core.common import showStaticWords
 from lib.core.common import singleTimeLogMessage
 from lib.core.common import singleTimeWarnMessage
 from lib.core.common import unArrayizeValue
-from lib.core.common import urlencode
 from lib.core.common import wasLastResponseDBMSError
 from lib.core.common import wasLastResponseHTTPError
 from lib.core.compat import xrange
 from lib.core.convert import getUnicode
-from lib.core.defaults import defaults
 from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
 from lib.core.datatype import AttribDict
 from lib.core.datatype import InjectionDict
-from lib.core.decorators import cachedmethod
 from lib.core.decorators import stackedmethod
 from lib.core.dicts import FROM_DUMMY_TABLE
 from lib.core.enums import DBMS
@@ -63,7 +57,6 @@ from lib.core.enums import HASHDB_KEYS
 from lib.core.enums import HEURISTIC_TEST
 from lib.core.enums import HTTP_HEADER
 from lib.core.enums import HTTPMETHOD
-from lib.core.enums import MKSTEMP_PREFIX
 from lib.core.enums import NOTE
 from lib.core.enums import NULLCONNECTION
 from lib.core.enums import PAYLOAD
@@ -81,7 +74,6 @@ from lib.core.settings import CANDIDATE_SENTENCE_MIN_LENGTH
 from lib.core.settings import CHECK_INTERNET_ADDRESS
 from lib.core.settings import CHECK_INTERNET_VALUE
 from lib.core.settings import DEFAULT_GET_POST_DELIMITER
-from lib.core.settings import DEV_EMAIL_ADDRESS
 from lib.core.settings import DUMMY_NON_SQLI_CHECK_APPENDIX
 from lib.core.settings import FI_ERROR_REGEX
 from lib.core.settings import FORMAT_EXCEPTION_STRINGS
@@ -1387,6 +1379,7 @@ def checkWaf():
 pushValue(kb.resendPostOnRedirect)
 pushValue(conf.timeout)
+ kb.identYwaf = True
 kb.redirectChoice = REDIRECTION.YES
 kb.resendPostOnRedirect = False
 conf.timeout = IDS_WAF_CHECK_TIMEOUT
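Review bot: `kb.identYwaf = True` in the @@ -1387 hunk is a bare assignment, while the neighbouring `kb.redirectChoice`, `kb.resendPostOnRedirect` and `conf.timeout` are saved with pushValue() and restored with popValue(); the matching reset in the @@ -1396 hunk hard-codes `kb.identYwaf = False` in `finally`. That is correct only as long as the flag is never already set when checkWaf() is entered, so either handle it like the other values or add a comment such as `# identYwaf fingerprinting is enabled only for the probe request below`. The `try:` that owns the `finally` starts outside both hunks, so whether every statement after the assignment is covered by it cannot be confirmed from here.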
@@ -1396,12 +1389,15 @@ def checkWaf():
 except SqlmapConnectionException:
 retVal = True
 finally:
+ kb.identYwaf = False
 kb.matchRatio = None
 conf.timeout = popValue()
 kb.resendPostOnRedirect = popValue()
 kb.redirectChoice = popValue()
+ hashDBWrite(HASHDB_KEYS.CHECK_WAF_RESULT, retVal, True)
+
 if retVal:
 if not kb.identifiedWafs:
 warnMsg = "heuristics detected that the target "
@@ -1409,17 +1405,15 @@ def checkWaf():
 logger.critical(warnMsg)
 message = "are you sure that you want to "
- message += "continue with further target testing? [y/N] "
- choice = readInput(message, default='N', boolean=True)
-
- if not conf.tamper:
- warnMsg = "please consider usage of tamper scripts (option '--tamper')"
- singleTimeWarnMessage(warnMsg)
+ message += "continue with further target testing? [Y/n] "
+ choice = readInput(message, default='Y', boolean=True)
 if not choice:
 raise SqlmapUserQuitException
-
- hashDBWrite(HASHDB_KEYS.CHECK_WAF_RESULT, retVal, True)
+ else:
+ if not conf.tamper:
+ warnMsg = "please consider usage of tamper scripts (option '--tamper')"
+ singleTimeWarnMessage(warnMsg)
 return retVal
diff --git a/lib/core/common.py b/lib/core/common.py
index 52081d149..b8e0a1848 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -68,7 +68,7 @@ from lib.core.decorators import cachedmethod
 from lib.core.defaults import defaults
 from lib.core.dicts import DBMS_DICT
 from lib.core.dicts import DEFAULT_DOC_ROOTS
-from lib.core.dicts import DEPRECATED_OPTIONS
+from lib.core.dicts import OLD_OPTIONS
 from lib.core.dicts import SQL_STATEMENTS
 from lib.core.enums import ADJUST_TIME_DELAY
 from lib.core.enums import CONTENT_STATUS
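Review bot: In the @@ -1396 hunk `hashDBWrite(HASHDB_KEYS.CHECK_WAF_RESULT, retVal, True)` now runs before the prompt, so the result is stored even when the user answers no and SqlmapUserQuitException is raised. It is also stored when `retVal` was set to True by the SqlmapConnectionException handler just above. If this key is read back on a later run (the read side is not in the hunk), a transient connection failure would be remembered as a WAF/IPS detection. A comment stating the intent, e.g. `# stored before the prompt so the result survives a user quit`, would show that the reordering is deliberate. The body of checkWaf() starts before this hunk.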
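Review bot: In the @@ -1409 hunk the default answer of the WAF/IPS prompt changes from 'N' to 'Y', so a run that takes defaults without asking presumably now continues testing after a detection instead of stopping with SqlmapUserQuitException (readInput's non-interactive handling is not visible here). That is a behaviour change for unattended use that the "Minor update" subject does not mention, and it deserves a comment next to the call, e.g. `# default is to continue; answering 'n' stops at a detected WAF/IPS`. Separately, the new `else:` after a branch that only raises is redundant; the `if not conf.tamper:` block can simply follow the `if not choice:` check at the same level.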
@@ -4457,17 +4457,19 @@ def getHostHeader(url):
 return retVal
-def checkDeprecatedOptions(args):
+def checkOldOptions(args):
 """
- Checks for deprecated options
+ Checks for deprecated/obsolete options
 """
 for _ in args:
 _ = _.split('=')[0].strip()
- if _ in DEPRECATED_OPTIONS:
- errMsg = "switch/option '%s' is deprecated" % _
- if DEPRECATED_OPTIONS[_]:
- errMsg += " (hint: %s)" % DEPRECATED_OPTIONS[_]
+ if _ in OLD_OPTIONS:
+ if OLD_OPTIONS[_]:
+ errMsg = "switch/option '%s' is deprecated" % _
+ errMsg += " (hint: %s)" % OLD_OPTIONS[_]
+ else:
+ errMsg = "switch/option '%s' is obsolete" % _
 raise SqlmapSyntaxException(errMsg)
 def checkSystemEncoding():
diff --git a/lib/core/dicts.py b/lib/core/dicts.py
index f96db7a95..4ff4f8f3d 100644
--- a/lib/core/dicts.py
+++ b/lib/core/dicts.py
@@ -280,7 +280,7 @@ POST_HINT_CONTENT_TYPES = {
 POST_HINT.ARRAY_LIKE: "application/x-www-form-urlencoded; charset=utf-8",
 }
-DEPRECATED_OPTIONS = {
+OLD_OPTIONS = {
 "--replicate": "use '--dump-format=SQLITE' instead",
 "--no-unescape": "use '--no-escape' instead",
 "--binary": "use '--binary-fields' instead",
diff --git a/lib/core/option.py b/lib/core/option.py
index 4b0087a6a..fb0a50652 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -1886,6 +1886,7 @@ def _setKnowledgeBaseAttributes(flushAll=True):
 kb.hintValue = None
 kb.htmlFp = []
 kb.httpErrorCodes = {}
+ kb.identYwaf = False
 kb.inferenceMode = False
 kb.ignoreCasted = None
 kb.ignoreNotFound = False
diff --git a/lib/core/settings.py b/lib/core/settings.py
index 00ba78f53..626dc1e5f 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
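Review bot: checkOldOptions() in the @@ -4457 hunk decides between "deprecated" and "obsolete" purely by whether the OLD_OPTIONS value is truthy, and nothing documents that convention. The three entries visible in the lib/core/dicts.py hunk all carry a hint, so the new `else:` branch is reached only by entries not shown here. I would extend the docstring to say that SqlmapSyntaxException is raised for either kind, and add `# value: replacement hint, or a falsy value (e.g. None) when the option is obsolete` above `OLD_OPTIONS = {`. Reusing `_` as both the loop variable and the normalised option name is also hard to read; a name such as `option` would help.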
@@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty.six import unichr as _unichr
 # sqlmap version (...)
-VERSION = "1.3.5.132"
+VERSION = "1.3.5.133"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
diff --git a/lib/core/testing.py b/lib/core/testing.py
index 3ca8306e5..d98a512f1 100644
--- a/lib/core/testing.py
+++ b/lib/core/testing.py
@@ -71,7 +71,7 @@ def vulnTest():
 thread.start()
 for options, checks in (
- ("--flush-session --identify-waf", ("CloudFlare",)),
+ ("--flush-session", ("CloudFlare",)),
 ("--flush-session --parse-errors --eval=\"id2=2\" --referer=\"localhost\" --cookie=\"PHPSESSID=d41d8cd98f00b204e9800998ecf8427e\"", (": syntax error", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", "back-end DBMS: SQLite", "3 columns")),
 ("--banner --schema --dump -T users --binary-fields=surname --where \"id>3\"", ("banner: '3", "INTEGER", "TEXT", "id", "name", "surname", "2 entries", "6E616D6569736E756C6C")),
 ("--all --tamper=between,randomcase", ("5 entries", "luther", "blisset", "fluffy", "179ad45c6ce2cb97cf1029e212046e81", "NULL", "nameisnull", "testpass")),
diff --git a/lib/core/wordlist.py b/lib/core/wordlist.py
index 34da6358d..89ded46ff 100644
--- a/lib/core/wordlist.py
+++ b/lib/core/wordlist.py
@@ -5,7 +5,6 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
 See the file 'LICENSE' for copying permission
 """
-import os
 import zipfile
 from lib.core.common import getSafeExString
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
index c1a270cdb..fff08fae6 100644
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@@ -17,7 +17,7 @@ from optparse import OptionGroup
 from optparse import OptionParser
 from optparse import SUPPRESS_HELP
-from lib.core.common import checkDeprecatedOptions
+from lib.core.common import checkOldOptions
 from lib.core.common import checkSystemEncoding
 from lib.core.common import dataToStdout
 from lib.core.common import expandMnemonics
@@ -789,7 +789,7 @@ def cmdLineParser(argv=None):
 _.append(getUnicode(arg, encoding=sys.stdin.encoding))
 argv = _
- checkDeprecatedOptions(argv)
+ checkOldOptions(argv)
 prompt = "--sqlmap-shell" in argv
diff --git a/lib/request/basic.py b/lib/request/basic.py
index 27d151736..fbd55b21a 100644
--- a/lib/request/basic.py
+++ b/lib/request/basic.py
@@ -387,13 +387,14 @@ def processResponse(page, responseHeaders, code=None, status=None):
 rawResponse = "%s %s %s\n%s\n%s" % (_http_client.HTTPConnection._http_vsn_str, code or "", status or "", "".join(responseHeaders.headers), page)
- identYwaf.non_blind.clear()
- if identYwaf.non_blind_check(rawResponse, silent=True):
- for waf in identYwaf.non_blind:
- if waf not in kb.identifiedWafs:
- kb.identifiedWafs.add(waf)
- errMsg = "WAF/IPS identified as '%s'" % identYwaf.format_name(waf)
- singleTimeLogMessage(errMsg, logging.CRITICAL)
+ if kb.identYwaf:
+ identYwaf.non_blind.clear()
+ if identYwaf.non_blind_check(rawResponse, silent=True):
+ for waf in identYwaf.non_blind:
+ if waf not in kb.identifiedWafs:
+ kb.identifiedWafs.add(waf)
+ errMsg = "WAF/IPS identified as '%s'" % identYwaf.format_name(waf)
+ singleTimeLogMessage(errMsg, logging.CRITICAL)
 if kb.originalPage is None:
 for regex in (EVENTVALIDATION_REGEX, VIEWSTATE_REGEX):
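Review bot: The new `if kb.identYwaf:` guard in the @@ -387 hunk of lib/request/basic.py means responses are fingerprinted only while checkWaf() has the flag set, so a block page that first appears later in a run is no longer matched against the identYwaf signatures and `kb.identifiedWafs` can stay empty. If that narrowing is intended, say so in a comment such as `# WAF/IPS fingerprinting is limited to the checkWaf() probe (kb.identYwaf)`. `identYwaf.non_blind` is still cleared and re-read on every call and `kb.identYwaf` looks like a process-wide flag, so if processResponse() can run on several threads while the flag is set the results could interleave; whether that can happen is not visible in this hunk. processResponse() begins and ends outside the hunk.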