From 1e82405bb99ea38100d742dbc0de490e1a6354fd Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Mon, 27 Feb 2012 12:14:01 +0000
Subject: [PATCH] HashDB is now supported in -d too
---
 lib/request/direct.py | 23 +++++++++--------------
 lib/request/inject.py | 3 ---
 2 files changed, 9 insertions(+), 17 deletions(-)
diff --git a/lib/request/direct.py b/lib/request/direct.py
index eae735b48..dc38543dd 100644
--- a/lib/request/direct.py
+++ b/lib/request/direct.py
@@ -14,6 +14,8 @@ from lib.core.common import Backend
 from lib.core.common import calculateDeltaSeconds
 from lib.core.common import getCurrentThreadData
 from lib.core.common import getUnicode
+from lib.core.common import hashDBRetrieve
+from lib.core.common import hashDBWrite
 from lib.core.convert import base64unpickle
 from lib.core.data import conf
 from lib.core.data import kb
@@ -24,7 +26,6 @@ from lib.core.settings import UNICODE_ENCODING
 from lib.utils.timeout import timeout
 
 def direct(query, content=True):
-    output = None
     select = True
     query = agent.payloadDirect(query)
     threadData = getCurrentThreadData()
@@ -43,28 +44,22 @@ def direct(query, content=True):
     logger.log(9, query)
 
+    output = hashDBRetrieve(query, True, True)
+
     start = time.time()
     if not select and "EXEC " not in query:
         _ = timeout(func=conf.dbmsConnector.execute, args=(query,), duration=conf.timeout, default=None)
-    elif conf.hostname in kb.resumedQueries and query in kb.resumedQueries[conf.hostname] and "sqlmapoutput" not in query and "sqlmapfile" not in query:
-        try:
-            output = base64unpickle(kb.resumedQueries[conf.hostname][query][:-1])
-        except:
-            output = timeout(func=conf.dbmsConnector.select, args=(query,), duration=conf.timeout, default=None)
-
-        infoMsg = "resumed from file '%s': " % conf.sessionFile
-        infoMsg += "%s..." % getUnicode(output, UNICODE_ENCODING)[:20]
-        logger.info(infoMsg)
-    else:
+    elif not (output and "sqlmapoutput" not in query and "sqlmapfile" not in query):
         output = timeout(func=conf.dbmsConnector.select, args=(query,), duration=conf.timeout, default=None)
+        hashDBWrite(query, output, True)
+    elif output:
+        infoMsg = "resumed: %s..." % getUnicode(output, UNICODE_ENCODING)[:20]
+        logger.info(infoMsg)
 
     threadData.lastQueryDuration = calculateDeltaSeconds(start)
 
     if not output:
         return output
     elif content:
-        #if conf.hostname not in kb.resumedQueries or ( conf.hostname in kb.resumedQueries and query not in kb.resumedQueries[conf.hostname] ):
-            #dataToSessionFile("[%s][%s][%s][%s][%s]\n" % (conf.hostname, kb.injection.place, conf.parameters[kb.injection.place], query, base64pickle(output)))
-
         if output and isinstance(output, (list, tuple)):
             if len(output[0]) == 1:
                 if len(output) > 1:
diff --git a/lib/request/inject.py b/lib/request/inject.py
index 50c2fd5d5..bc1e0f038 100644
--- a/lib/request/inject.py
+++ b/lib/request/inject.py
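Review bot: With `output = None` removed in the previous hunk and `output = hashDBRetrieve(query, True, True)` now run before the branch, the non-select path (`conf.dbmsConnector.execute`) no longer guarantees a `None` result, so whatever the store returns for that key would be treated as statement output; either restrict the lookup to the select case, `output = hashDBRetrieve(query, True, True) if select else None`, or reset `output` in the execute branch. The trailing `elif output:` can never see a falsy `output` — the preceding `elif not (output and ...)` already takes that case — so a plain `else:` states the intent more honestly. The positional `True, True` and `True` flags passed to `hashDBRetrieve`/`hashDBWrite` tell a reader nothing about serialization or config checks; pass them as keyword arguments. `base64unpickle`, still imported in the first hunk, appears to have no remaining use in this file once the removed resume branch is gone, though the rest of the file is not visible here. direct() begins before and continues past this hunk.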
@@ -15,7 +15,6 @@ from lib.core.bigarray import BigArray
 from lib.core.common import Backend
 from lib.core.common import calculateDeltaSeconds
 from lib.core.common import cleanQuery
-from lib.core.common import dataToSessionFile
 from lib.core.common import expandAsteriskForColumns
 from lib.core.common import extractExpectedValue
 from lib.core.common import getPublicTypeMembers
@@ -63,8 +62,6 @@ def __goInference(payload, expression, charsetType=None, firstChar=None, lastCha
     else:
         length = None
 
-    dataToSessionFile("[%s][%s][%s][%s][" % (conf.url, kb.injection.place, conf.parameters[kb.injection.place], expression))
-
     kb.inferenceMode = True
     count, value = bisection(payload, expression, length, charsetType, firstChar, lastChar, dump)
     kb.inferenceMode = False