HashDB is now supported in -d too

lib/request/direct.py

@@ -14,6 +14,8 @@ from lib.core.common import Backend
 from lib.core.common import calculateDeltaSeconds
 from lib.core.common import getCurrentThreadData
 from lib.core.common import getUnicode
+from lib.core.common import hashDBRetrieve
+from lib.core.common import hashDBWrite
 from lib.core.convert import base64unpickle
 from lib.core.data import conf
 from lib.core.data import kb
@@ -24,7 +26,6 @@ from lib.core.settings import UNICODE_ENCODING
 from lib.utils.timeout import timeout
 
 def direct(query, content=True):
-    output = None
     select = True
     query = agent.payloadDirect(query)
     threadData = getCurrentThreadData()
@@ -43,28 +44,22 @@ def direct(query, content=True):
 
     logger.log(9, query)
 
+    output = hashDBRetrieve(query, True, True)
+
     start = time.time()
     if not select and "EXEC " not in query:
         _ = timeout(func=conf.dbmsConnector.execute, args=(query,), duration=conf.timeout, default=None)
-    elif conf.hostname in kb.resumedQueries and query in kb.resumedQueries[conf.hostname] and "sqlmapoutput" not in query and "sqlmapfile" not in query:
+    elif not (output and "sqlmapoutput" not in query and "sqlmapfile" not in query):
-        try:
-            output = base64unpickle(kb.resumedQueries[conf.hostname][query][:-1])
-        except:
         output = timeout(func=conf.dbmsConnector.select, args=(query,), duration=conf.timeout, default=None)
-
+        hashDBWrite(query, output, True)
-        infoMsg = "resumed from file '%s': " % conf.sessionFile
+    elif output:
-        infoMsg += "%s..." % getUnicode(output, UNICODE_ENCODING)[:20]
+        infoMsg = "resumed: %s..." % getUnicode(output, UNICODE_ENCODING)[:20]
         logger.info(infoMsg)
-    else:
-        output = timeout(func=conf.dbmsConnector.select, args=(query,), duration=conf.timeout, default=None)
     threadData.lastQueryDuration = calculateDeltaSeconds(start)
 
     if not output:
         return output
     elif content:
-        #if conf.hostname not in kb.resumedQueries or ( conf.hostname in kb.resumedQueries and query not in kb.resumedQueries[conf.hostname] ):
-            #dataToSessionFile("[%s][%s][%s][%s][%s]\n" % (conf.hostname, kb.injection.place, conf.parameters[kb.injection.place], query, base64pickle(output)))
-
         if output and isinstance(output, (list, tuple)):
             if len(output[0]) == 1:
                 if len(output) > 1:

lib/request/inject.py

@@ -15,7 +15,6 @@ from lib.core.bigarray import BigArray
 from lib.core.common import Backend
 from lib.core.common import calculateDeltaSeconds
 from lib.core.common import cleanQuery
-from lib.core.common import dataToSessionFile
 from lib.core.common import expandAsteriskForColumns
 from lib.core.common import extractExpectedValue
 from lib.core.common import getPublicTypeMembers
@@ -63,8 +62,6 @@ def __goInference(payload, expression, charsetType=None, firstChar=None, lastCha
     else:
         length = None
 
-    dataToSessionFile("[%s][%s][%s][%s][" % (conf.url, kb.injection.place, conf.parameters[kb.injection.place], expression))
-
     kb.inferenceMode = True
     count, value = bisection(payload, expression, length, charsetType, firstChar, lastChar, dump)
     kb.inferenceMode = False