mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-11-04 09:57:38 +03:00
Couple of fixes and some testing stuff
This commit is contained in:
Miroslav Stampar
parent
381deb68ff
commit
212c1ec1f2
|
|
@ -235,6 +235,7 @@ optDict = {
|
||||||
"profile": "boolean",
|
"profile": "boolean",
|
||||||
"forceDns": "boolean",
|
"forceDns": "boolean",
|
||||||
"ignore401": "boolean",
|
"ignore401": "boolean",
|
||||||
|
"murphyRate": "integer",
|
||||||
"smokeTest": "boolean",
|
"smokeTest": "boolean",
|
||||||
"liveTest": "boolean",
|
"liveTest": "boolean",
|
||||||
"stopFail": "boolean",
|
"stopFail": "boolean",
|
||||||
|
|
|
||||||
|
|
@ -19,7 +19,7 @@ from lib.core.enums import OS
|
||||||
from lib.core.revision import getRevisionNumber
|
from lib.core.revision import getRevisionNumber
|
||||||
|
|
||||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||||
VERSION = "1.0.9.40"
|
VERSION = "1.0.9.41"
|
||||||
REVISION = getRevisionNumber()
|
REVISION = getRevisionNumber()
|
||||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||||
|
|
@ -86,6 +86,9 @@ MAX_CONNECTIONS_REGEX = r"max.+connections"
|
||||||
# Timeout before the pre-connection candidate is being disposed (because of high probability that the web server will reset it)
|
# Timeout before the pre-connection candidate is being disposed (because of high probability that the web server will reset it)
|
||||||
PRECONNECT_CANDIDATE_TIMEOUT = 10
|
PRECONNECT_CANDIDATE_TIMEOUT = 10
|
||||||
|
|
||||||
|
# Maximum sleep time in "Murphy" (testing) mode
|
||||||
|
MAX_MURPHY_SLEEP_TIME = 3
|
||||||
|
|
||||||
# Regular expression used for extracting results from Google search
|
# Regular expression used for extracting results from Google search
|
||||||
GOOGLE_REGEX = r"webcache\.googleusercontent\.com/search\?q=cache:[^:]+:([^+]+)\+&cd=|url\?\w+=((?![^>]+webcache\.googleusercontent\.com)http[^>]+)&(sa=U|rct=j)"
|
GOOGLE_REGEX = r"webcache\.googleusercontent\.com/search\?q=cache:[^:]+:([^+]+)\+&cd=|url\?\w+=((?![^>]+webcache\.googleusercontent\.com)http[^>]+)&(sa=U|rct=j)"
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -59,6 +59,7 @@ class _ThreadData(threading.local):
|
||||||
self.retriesCount = 0
|
self.retriesCount = 0
|
||||||
self.seqMatcher = difflib.SequenceMatcher(None)
|
self.seqMatcher = difflib.SequenceMatcher(None)
|
||||||
self.shared = shared
|
self.shared = shared
|
||||||
|
self.validationRun = 0
|
||||||
self.valueStack = []
|
self.valueStack = []
|
||||||
|
|
||||||
ThreadData = _ThreadData()
|
ThreadData = _ThreadData()
|
||||||
|
|
|
||||||
|
|
@ -759,6 +759,9 @@ def cmdLineParser(argv=None):
|
||||||
parser.add_option("--dummy", dest="dummy", action="store_true",
|
parser.add_option("--dummy", dest="dummy", action="store_true",
|
||||||
help=SUPPRESS_HELP)
|
help=SUPPRESS_HELP)
|
||||||
|
|
||||||
|
parser.add_option("--murphy-rate", dest="murphyRate", type="int",
|
||||||
|
help=SUPPRESS_HELP)
|
||||||
|
|
||||||
parser.add_option("--pickled-options", dest="pickledOptions",
|
parser.add_option("--pickled-options", dest="pickledOptions",
|
||||||
help=SUPPRESS_HELP)
|
help=SUPPRESS_HELP)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -90,6 +90,7 @@ from lib.core.settings import HTTP_ACCEPT_ENCODING_HEADER_VALUE
|
||||||
from lib.core.settings import MAX_CONNECTION_CHUNK_SIZE
|
from lib.core.settings import MAX_CONNECTION_CHUNK_SIZE
|
||||||
from lib.core.settings import MAX_CONNECTIONS_REGEX
|
from lib.core.settings import MAX_CONNECTIONS_REGEX
|
||||||
from lib.core.settings import MAX_CONNECTION_TOTAL_SIZE
|
from lib.core.settings import MAX_CONNECTION_TOTAL_SIZE
|
||||||
|
from lib.core.settings import MAX_MURPHY_SLEEP_TIME
|
||||||
from lib.core.settings import META_REFRESH_REGEX
|
from lib.core.settings import META_REFRESH_REGEX
|
||||||
from lib.core.settings import MIN_TIME_RESPONSES
|
from lib.core.settings import MIN_TIME_RESPONSES
|
||||||
from lib.core.settings import IS_WIN
|
from lib.core.settings import IS_WIN
|
||||||
|
|
@ -224,8 +225,10 @@ class Connect(object):
|
||||||
|
|
||||||
if conf.offline:
|
if conf.offline:
|
||||||
return None, None, None
|
return None, None, None
|
||||||
elif conf.dummy:
|
elif conf.dummy or conf.murphyRate and randomInt() % conf.murphyRate == 0:
|
||||||
return getUnicode(randomStr(int(randomInt()), alphabet=[chr(_) for _ in xrange(256)]), {}, int(randomInt())), None, None
|
if conf.murphyRate:
|
||||||
|
time.sleep(randomInt() % (MAX_MURPHY_SLEEP_TIME + 1))
|
||||||
|
return getUnicode(randomStr(int(randomInt()), alphabet=[chr(_) for _ in xrange(256)]), {}, int(randomInt())), None, None if not conf.murphyRate else randomInt(3)
|
||||||
|
|
||||||
threadData = getCurrentThreadData()
|
threadData = getCurrentThreadData()
|
||||||
with kb.locks.request:
|
with kb.locks.request:
|
||||||
|
|
|
||||||
|
|
@ -324,7 +324,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
|
||||||
if not timeBasedCompare:
|
if not timeBasedCompare:
|
||||||
unexpectedCode |= threadData.lastCode not in (kb.injection.data[kb.technique].falseCode, kb.injection.data[kb.technique].trueCode)
|
unexpectedCode |= threadData.lastCode not in (kb.injection.data[kb.technique].falseCode, kb.injection.data[kb.technique].trueCode)
|
||||||
if unexpectedCode:
|
if unexpectedCode:
|
||||||
warnMsg = "unexpected HTTP code '%d' detected. Will use (extra) validation step in similar cases" % threadData.lastCode
|
warnMsg = "unexpected HTTP code '%s' detected. Will use (extra) validation step in similar cases" % threadData.lastCode
|
||||||
singleTimeWarnMessage(warnMsg)
|
singleTimeWarnMessage(warnMsg)
|
||||||
|
|
||||||
if result:
|
if result:
|
||||||
|
|
|
||||||
|
|
@ -38,26 +38,26 @@ e4ca0fd47f20cf7ba6a5f5cbf980073c lib/core/decorators.py
|
||||||
e4aec2b11c1ad6039d0c3dbbfbc5eb1a lib/core/exception.py
|
e4aec2b11c1ad6039d0c3dbbfbc5eb1a lib/core/exception.py
|
||||||
cc9c82cfffd8ee9b25ba3af6284f057e lib/core/__init__.py
|
cc9c82cfffd8ee9b25ba3af6284f057e lib/core/__init__.py
|
||||||
91c514013daa796e2cdd940389354eac lib/core/log.py
|
91c514013daa796e2cdd940389354eac lib/core/log.py
|
||||||
b9779615206791e6ebbaa84947842b49 lib/core/optiondict.py
|
5b079749c50240602ea92637e268ed31 lib/core/optiondict.py
|
||||||
74d826338a2cd66a4724d8486a648d93 lib/core/option.py
|
74d826338a2cd66a4724d8486a648d93 lib/core/option.py
|
||||||
1e8948dddbd12def5c2af52530738059 lib/core/profiling.py
|
1e8948dddbd12def5c2af52530738059 lib/core/profiling.py
|
||||||
e60456db5380840a586654344003d4e6 lib/core/readlineng.py
|
e60456db5380840a586654344003d4e6 lib/core/readlineng.py
|
||||||
5ef56abb8671c2ca6ceecb208258e360 lib/core/replication.py
|
5ef56abb8671c2ca6ceecb208258e360 lib/core/replication.py
|
||||||
99a2b496b9d5b546b335653ca801153f lib/core/revision.py
|
99a2b496b9d5b546b335653ca801153f lib/core/revision.py
|
||||||
7c15dd2777af4dac2c89cab6df17462e lib/core/session.py
|
7c15dd2777af4dac2c89cab6df17462e lib/core/session.py
|
||||||
beddfa335e49041ded23235064af09de lib/core/settings.py
|
f736ee4e7e504498859dce2171991550 lib/core/settings.py
|
||||||
7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py
|
7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py
|
||||||
23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py
|
23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py
|
||||||
0bc2fae1dec18cdd11954b22358293f2 lib/core/target.py
|
0bc2fae1dec18cdd11954b22358293f2 lib/core/target.py
|
||||||
d43f059747ffd48952922c94152e2a07 lib/core/testing.py
|
d43f059747ffd48952922c94152e2a07 lib/core/testing.py
|
||||||
7ec80da7d7fa8ceaf2ff606cfa578c15 lib/core/threads.py
|
2cafee22d9f8018e7efff0a5e3178596 lib/core/threads.py
|
||||||
53c15b78e0288274f52410db25406432 lib/core/unescaper.py
|
53c15b78e0288274f52410db25406432 lib/core/unescaper.py
|
||||||
6bdc53e2ca152ff8cd35ad671e48a96b lib/core/update.py
|
6bdc53e2ca152ff8cd35ad671e48a96b lib/core/update.py
|
||||||
8485a3cd94c0a5af2718bad60c5f1ae5 lib/core/wordlist.py
|
8485a3cd94c0a5af2718bad60c5f1ae5 lib/core/wordlist.py
|
||||||
354ecc0c6d3e0ac9c06ed897c4d52edf lib/core/xmldump.py
|
354ecc0c6d3e0ac9c06ed897c4d52edf lib/core/xmldump.py
|
||||||
cc9c82cfffd8ee9b25ba3af6284f057e lib/__init__.py
|
cc9c82cfffd8ee9b25ba3af6284f057e lib/__init__.py
|
||||||
c1288bc4ce5651dbdd82d4a9435fdc03 lib/parse/banner.py
|
c1288bc4ce5651dbdd82d4a9435fdc03 lib/parse/banner.py
|
||||||
daea32290b63c43f7d1c0e14c66d4826 lib/parse/cmdline.py
|
498be08b12a01bd79d82fc993bd07965 lib/parse/cmdline.py
|
||||||
8ec4d4f02634834701f8258726f2e511 lib/parse/configfile.py
|
8ec4d4f02634834701f8258726f2e511 lib/parse/configfile.py
|
||||||
fe4e2152292587928edb94c9a4d311ff lib/parse/handler.py
|
fe4e2152292587928edb94c9a4d311ff lib/parse/handler.py
|
||||||
8e6bfb13e5a34b2610f3ff23467a34cf lib/parse/headers.py
|
8e6bfb13e5a34b2610f3ff23467a34cf lib/parse/headers.py
|
||||||
|
|
@ -68,7 +68,7 @@ b40a4c5d91770d347df36d3065b63798 lib/parse/sitemap.py
|
||||||
9299f21804033f099681525bb9bf51c0 lib/request/basicauthhandler.py
|
9299f21804033f099681525bb9bf51c0 lib/request/basicauthhandler.py
|
||||||
ca9879ea9277810c5fce0f0d8d2f8e03 lib/request/basic.py
|
ca9879ea9277810c5fce0f0d8d2f8e03 lib/request/basic.py
|
||||||
c48285682a61d49982cb508351013cb4 lib/request/comparison.py
|
c48285682a61d49982cb508351013cb4 lib/request/comparison.py
|
||||||
29148e4412209526b18acbd8a942fe03 lib/request/connect.py
|
c8aeed55d933b4944da038fdee4cdbc6 lib/request/connect.py
|
||||||
49b4c583af68689de5f9acb162de2939 lib/request/direct.py
|
49b4c583af68689de5f9acb162de2939 lib/request/direct.py
|
||||||
1a46f7bb26b23ec0c0d9d9c95828241b lib/request/dns.py
|
1a46f7bb26b23ec0c0d9d9c95828241b lib/request/dns.py
|
||||||
70ceefe39980611494d4f99afb96f652 lib/request/httpshandler.py
|
70ceefe39980611494d4f99afb96f652 lib/request/httpshandler.py
|
||||||
|
|
@ -87,7 +87,7 @@ cc9c82cfffd8ee9b25ba3af6284f057e lib/takeover/__init__.py
|
||||||
7d6cd7bdfc8f4bc4e8aed60c84cdf87f lib/takeover/udf.py
|
7d6cd7bdfc8f4bc4e8aed60c84cdf87f lib/takeover/udf.py
|
||||||
f6e3084abd506925a8be3d1c0a6d058c lib/takeover/web.py
|
f6e3084abd506925a8be3d1c0a6d058c lib/takeover/web.py
|
||||||
9af83a62de360184f1c14e69b8a95cfe lib/takeover/xp_cmdshell.py
|
9af83a62de360184f1c14e69b8a95cfe lib/takeover/xp_cmdshell.py
|
||||||
9e4ae2df75cab68ea297f0db50b574c7 lib/techniques/blind/inference.py
|
0b44d8de954e74ac9bac13594b9d81e8 lib/techniques/blind/inference.py
|
||||||
cc9c82cfffd8ee9b25ba3af6284f057e lib/techniques/blind/__init__.py
|
cc9c82cfffd8ee9b25ba3af6284f057e lib/techniques/blind/__init__.py
|
||||||
cc9c82cfffd8ee9b25ba3af6284f057e lib/techniques/brute/__init__.py
|
cc9c82cfffd8ee9b25ba3af6284f057e lib/techniques/brute/__init__.py
|
||||||
d36effffe64e63ef9b3be490f850e2cc lib/techniques/brute/use.py
|
d36effffe64e63ef9b3be490f850e2cc lib/techniques/brute/use.py
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user