code reviewing part 2

2025-02-03 05:04:11 +03:00 · 2011-01-15 12:53:40 +00:00 · 2011-01-15 12:53:40 +00:00 · 1fa8f0cba7
commit 1fa8f0cba7
parent 6a0e0cde3c
9 changed files with 13 additions and 6 deletions
--- a/lib/core/shell.py
+++ b/lib/core/shell.py
@ -57,7 +57,7 @@ class CompleterNG(rlcompleter.Completer):
 def autoCompletion(sqlShell=False, osShell=False):
    # First of all we check if the readline is available, by default
    # it is not in Python default installation on Windows
-    if not readline.haveReadline:
+    if not readline._readline:
        return

    if sqlShell:
--- a/lib/parse/banner.py
+++ b/lib/parse/banner.py
@ -28,6 +28,8 @@ class MSSQLBannerHandler(ContentHandler):
    """

    def __init__(self, banner, info):
+        ContentHandler.__init__(self)
+
        self.__banner        = sanitizeStr(banner)
        self.__inVersion     = False
        self.__inServicePack = False
--- a/lib/parse/handler.py
+++ b/lib/parse/handler.py
@ -18,6 +18,8 @@ class FingerprintHandler(ContentHandler):
    """

    def __init__(self, banner, info):
+        ContentHandler.__init__(self)
+
        self.__banner      = sanitizeStr(banner)
        self.__regexp      = None
        self.__match       = None
--- a/lib/parse/html.py
+++ b/lib/parse/html.py
@ -25,6 +25,8 @@ class htmlHandler(ContentHandler):
    """

    def __init__(self, page):
+        ContentHandler.__init__(self)
+
        self.__dbms   = None
        self.__page   = page
        self.__regexp = None
--- a/lib/request/comparison.py
+++ b/lib/request/comparison.py
@ -23,7 +23,7 @@ from lib.core.settings import DIFF_TOLERANCE
 from lib.core.settings import LOWER_RATIO_BOUND
 from lib.core.settings import UPPER_RATIO_BOUND

-def comparison(page, headers=None, getSeqMatcher=False, pageLength=None):
+def comparison(page, getSeqMatcher=False, pageLength=None):
    if page is None and pageLength is None:
        return None

--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -472,8 +472,8 @@ class Connect:
        if content or response:
            return page, headers
        elif getSeqMatcher:
-            return comparison(page, headers, getSeqMatcher=False, pageLength=pageLength), comparison(page, headers, getSeqMatcher=True, pageLength=pageLength)
+            return comparison(page, getSeqMatcher=False, pageLength=pageLength), comparison(page, getSeqMatcher=True, pageLength=pageLength)
        elif pageLength or page:
-            return comparison(page, headers, getSeqMatcher, pageLength)
+            return comparison(page, getSeqMatcher, pageLength)
        else:
            return False
--- a/lib/takeover/web.py
+++ b/lib/takeover/web.py
@ -78,6 +78,7 @@ class Web:

    def __webFileStreamUpload(self, stream, destFileName, directory):
        stream.seek(0) # Rewind
+        stream.name = destFileName

        if self.webApi in ("php", "asp", "aspx", "jsp"):
            multipartParams = {
--- a/lib/techniques/inband/union/use.py
+++ b/lib/techniques/inband/union/use.py
@ -31,7 +31,7 @@ from lib.utils.resume import resume

 reqCount = 0

-def unionUse(expression, direct=False, unescape=True, resetCounter=False, nullChar=None, unpack=True, dump=False):
+def unionUse(expression, direct=False, unescape=True, resetCounter=False, unpack=True, dump=False):
    """
    This function tests for an inband SQL injection on the target
    url then call its subsidiary function to effectively perform an
--- a/plugins/dbms/mysql/filesystem.py
+++ b/plugins/dbms/mysql/filesystem.py
@ -92,7 +92,7 @@ class Filesystem(GenericFilesystem):
        logger.debug(debugMsg)

        sqlQuery = "%s INTO DUMPFILE '%s'" % (fcEncodedStr, dFile)
-        unionUse(sqlQuery, direct=True, unescape=False, nullChar="''")
+        unionUse(sqlQuery, direct=True, unescape=False)

        if confirm:
            self.askCheckWrittenFile(wFile, dFile, fileType)