mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-10-24 04:31:12 +03:00
some more refactoring
This commit is contained in:
parent
f6509db31a
commit
21d9ae0a2c
|
@ -6,6 +6,7 @@ See the file 'doc/COPYING' for copying permission
|
|||
"""
|
||||
|
||||
import codecs
|
||||
import contextlib
|
||||
import cookielib
|
||||
import copy
|
||||
import ctypes
|
||||
|
@ -102,14 +103,10 @@ from lib.core.settings import USER_AGENT_ALIASES
|
|||
from lib.core.settings import PARTIAL_VALUE_MARKER
|
||||
from lib.core.settings import ERROR_PARSING_REGEXES
|
||||
from lib.core.settings import PRINTABLE_CHAR_REGEX
|
||||
from lib.core.settings import DUMP_DEL_MARKER
|
||||
from lib.core.settings import SQL_STATEMENTS
|
||||
from lib.core.settings import SUPPORTED_DBMS
|
||||
from lib.core.settings import UNKNOWN_DBMS_VERSION
|
||||
from lib.core.settings import DEFAULT_MSSQL_SCHEMA
|
||||
from lib.core.settings import DUMP_NEWLINE_MARKER
|
||||
from lib.core.settings import DUMP_CR_MARKER
|
||||
from lib.core.settings import DUMP_TAB_MARKER
|
||||
from lib.core.settings import PARAMETER_AMP_MARKER
|
||||
from lib.core.settings import PARAMETER_SEMICOLON_MARKER
|
||||
from lib.core.settings import LARGE_OUTPUT_THRESHOLD
|
||||
|
@ -492,27 +489,17 @@ class Backend:
|
|||
|
||||
# Reference: http://code.activestate.com/recipes/325205-cache-decorator-in-python-24/
|
||||
def cachedmethod(f, cache={}):
|
||||
def g(*args, **kwargs):
|
||||
def _(*args, **kwargs):
|
||||
key = (f, tuple(args), frozenset(kwargs.items()))
|
||||
if key not in cache:
|
||||
cache[key] = f(*args, **kwargs)
|
||||
return cache[key]
|
||||
return g
|
||||
return _
|
||||
|
||||
def paramToDict(place, parameters=None):
|
||||
"""
|
||||
Split the parameters into names and values, check if these parameters
|
||||
are within the testable parameters and return in a dictionary.
|
||||
|
||||
@param place: where sqlmap has to work, can be GET, POST or Cookie.
|
||||
@type place: C{str}
|
||||
|
||||
@param parameters: parameters string in the format for instance
|
||||
'p1=v1&p2=v2' (GET and POST) or 'p1=v1;p2=v2' (Cookie).
|
||||
@type parameters: C{str}
|
||||
|
||||
@return: the parameters in a dictionary.
|
||||
@rtype: C{str}
|
||||
"""
|
||||
|
||||
testableParameters = OrderedDict()
|
||||
|
@ -706,6 +693,10 @@ def singleTimeLogMessage(message, level=logging.INFO, flag=None):
|
|||
logger.log(level, message)
|
||||
|
||||
def dataToStdout(data, forceOutput=False):
|
||||
"""
|
||||
Writes text to the stdout (console) stream
|
||||
"""
|
||||
|
||||
if not kb.get("threadException"):
|
||||
if forceOutput or not getCurrentThreadData().disableStdOut:
|
||||
try:
|
||||
|
@ -793,13 +784,10 @@ def readInput(message, default=None, checkBatch=True):
|
|||
else:
|
||||
logging._acquireLock()
|
||||
dataToStdout("\r%s" % message, True)
|
||||
data = raw_input()
|
||||
data = raw_input() or default
|
||||
#data = raw_input(message.encode(sys.stdout.encoding or UNICODE_ENCODING))
|
||||
logging._releaseLock()
|
||||
|
||||
if not data:
|
||||
data = default
|
||||
|
||||
return data
|
||||
|
||||
def randomRange(start=0, stop=1000):
|
||||
|
@ -845,19 +833,6 @@ def checkFile(filename):
|
|||
if not os.path.exists(filename):
|
||||
raise sqlmapFilePathException, "unable to read file '%s'" % filename
|
||||
|
||||
def replaceNewlineTabs(value, stdout=False):
|
||||
if value is None:
|
||||
return
|
||||
|
||||
if stdout:
|
||||
retVal = value.replace("\n", " ").replace("\r", " ").replace("\t", " ")
|
||||
else:
|
||||
retVal = value.replace("\n", DUMP_NEWLINE_MARKER).replace("\r", DUMP_CR_MARKER).replace("\t", DUMP_TAB_MARKER)
|
||||
|
||||
retVal = retVal.replace(kb.chars.delimiter, DUMP_DEL_MARKER)
|
||||
|
||||
return retVal
|
||||
|
||||
def restoreDumpMarkedChars(value, onlyNewlineTab=False):
|
||||
retVal = value
|
||||
|
||||
|
@ -1070,17 +1045,16 @@ def parseTargetUrl():
|
|||
if CUSTOM_INJECTION_MARK_CHAR in conf.url:
|
||||
conf.url = conf.url.replace('?', URI_QUESTION_MARKER)
|
||||
|
||||
__urlSplit = urlparse.urlsplit(conf.url)
|
||||
__hostnamePort = __urlSplit[1].split(":") if not re.search("\[.+\]", __urlSplit[1]) else filter(None, (re.search("\[.+\]", __urlSplit[1]).group(0), re.search("\](:(?P<port>\d+))?", __urlSplit[1]).group("port")))
|
||||
urlSplit = urlparse.urlsplit(conf.url)
|
||||
hostnamePort = urlSplit[1].split(":") if not re.search("\[.+\]", urlSplit[1]) else filter(None, (re.search("\[.+\]", urlSplit[1]).group(0), re.search("\](:(?P<port>\d+))?", urlSplit[1]).group("port")))
|
||||
|
||||
conf.scheme = __urlSplit[0].strip().lower() if not conf.forceSSL else "https"
|
||||
conf.path = __urlSplit[2].strip()
|
||||
conf.hostname = __hostnamePort[0].strip()
|
||||
conf.scheme = urlSplit[0].strip().lower() if not conf.forceSSL else "https"
|
||||
conf.path = urlSplit[2].strip()
|
||||
conf.hostname = hostnamePort[0].strip()
|
||||
|
||||
conf.ipv6 = conf.hostname != conf.hostname.strip("[]")
|
||||
conf.hostname = conf.hostname.strip("[]")
|
||||
|
||||
|
||||
try:
|
||||
_ = conf.hostname.encode("idna")
|
||||
except UnicodeError:
|
||||
|
@ -1090,9 +1064,9 @@ def parseTargetUrl():
|
|||
errMsg = "invalid target url"
|
||||
raise sqlmapSyntaxException, errMsg
|
||||
|
||||
if len(__hostnamePort) == 2:
|
||||
if len(hostnamePort) == 2:
|
||||
try:
|
||||
conf.port = int(__hostnamePort[1])
|
||||
conf.port = int(hostnamePort[1])
|
||||
except:
|
||||
errMsg = "invalid target url"
|
||||
raise sqlmapSyntaxException, errMsg
|
||||
|
@ -1101,8 +1075,8 @@ def parseTargetUrl():
|
|||
else:
|
||||
conf.port = 80
|
||||
|
||||
if __urlSplit[3]:
|
||||
conf.parameters[PLACE.GET] = urldecode(__urlSplit[3]) if __urlSplit[3] and urlencode(DEFAULT_GET_POST_DELIMITER, None) not in __urlSplit[3] else __urlSplit[3]
|
||||
if urlSplit[3]:
|
||||
conf.parameters[PLACE.GET] = urldecode(urlSplit[3]) if urlSplit[3] and urlencode(DEFAULT_GET_POST_DELIMITER, None) not in urlSplit[3] else urlSplit[3]
|
||||
|
||||
conf.url = "%s://%s:%d%s" % (conf.scheme, ("[%s]" % conf.hostname) if conf.ipv6 else conf.hostname, conf.port, conf.path)
|
||||
conf.url = conf.url.replace(URI_QUESTION_MARKER, '?')
|
||||
|
@ -1349,24 +1323,14 @@ def directoryPath(filepath):
|
|||
Returns directory path for a given filepath
|
||||
"""
|
||||
|
||||
if isWindowsDriveLetterPath(filepath):
|
||||
retVal = ntpath.dirname(filepath)
|
||||
else:
|
||||
retVal = posixpath.dirname(filepath)
|
||||
|
||||
return retVal
|
||||
return ntpath.dirname(filepath) if isWindowsDriveLetterPath(filepath) else posixpath.dirname(filepath)
|
||||
|
||||
def normalizePath(filepath):
|
||||
"""
|
||||
Returns normalized string representation of a given filepath
|
||||
"""
|
||||
|
||||
if isWindowsDriveLetterPath(filepath):
|
||||
retVal = ntpath.normpath(filepath)
|
||||
else:
|
||||
retVal = posixpath.normpath(filepath)
|
||||
|
||||
return retVal
|
||||
return ntpath.normpath(filepath) if isWindowsDriveLetterPath(filepath) else posixpath.normpath(filepath)
|
||||
|
||||
def safeStringFormat(format_, params):
|
||||
"""
|
||||
|
@ -1379,16 +1343,13 @@ def safeStringFormat(format_, params):
|
|||
retVal = retVal.replace("%s", params)
|
||||
else:
|
||||
count, index = 0, 0
|
||||
|
||||
while index != -1:
|
||||
index = retVal.find("%s")
|
||||
|
||||
if index != -1:
|
||||
if count < len(params):
|
||||
retVal = retVal[:index] + getUnicode(params[count]) + retVal[index + 2:]
|
||||
else:
|
||||
raise sqlmapNoneDataException, "wrong number of parameters during string formatting"
|
||||
|
||||
count += 1
|
||||
|
||||
return retVal
|
||||
|
@ -1404,10 +1365,8 @@ def getFilteredPageContent(page, onlyText=True):
|
|||
# only if the page's charset has been successfully identified
|
||||
if isinstance(page, unicode):
|
||||
retVal = re.sub(r"(?si)<script.+?</script>|<!--.+?-->|<style.+?</style>%s" % (r"|<[^>]+>|\t|\n|\r" if onlyText else ""), " ", page)
|
||||
|
||||
while retVal.find(" ") != -1:
|
||||
retVal = retVal.replace(" ", " ")
|
||||
|
||||
retVal = htmlunescape(retVal)
|
||||
|
||||
return retVal
|
||||
|
@ -1421,8 +1380,8 @@ def getPageWordSet(page):
|
|||
|
||||
# only if the page's charset has been successfully identified
|
||||
if isinstance(page, unicode):
|
||||
page = getFilteredPageContent(page)
|
||||
retVal = set(re.findall(r"\w+", page))
|
||||
_ = getFilteredPageContent(page)
|
||||
retVal = set(re.findall(r"\w+", _))
|
||||
|
||||
return retVal
|
||||
|
||||
|
@ -1557,8 +1516,8 @@ def getConsoleWidth(default=80):
|
|||
|
||||
width = None
|
||||
|
||||
if 'COLUMNS' in os.environ and os.environ['COLUMNS'].isdigit():
|
||||
width = int(os.environ['COLUMNS'])
|
||||
if os.getenv("COLUMNS", "").isdigit():
|
||||
width = int(os.getenv("COLUMNS"))
|
||||
else:
|
||||
output=execute('stty size', shell=True, stdout=PIPE, stderr=PIPE).stdout.read()
|
||||
items = output.split()
|
||||
|
@ -1576,7 +1535,7 @@ def getConsoleWidth(default=80):
|
|||
except:
|
||||
pass
|
||||
|
||||
return width if width else default
|
||||
return width or default
|
||||
|
||||
def clearConsoleLine(forceOutput=False):
|
||||
"""
|
||||
|
@ -1591,7 +1550,7 @@ def parseXmlFile(xmlFile, handler):
|
|||
Parses XML file by a given handler
|
||||
"""
|
||||
|
||||
with StringIO(readCachedFileContent(xmlFile)) as stream:
|
||||
with contextlib.closing(StringIO(readCachedFileContent(xmlFile))) as stream:
|
||||
parse(stream, handler)
|
||||
|
||||
def getSPQLSnippet(dbms, name, **variables):
|
||||
|
@ -1632,8 +1591,7 @@ def readCachedFileContent(filename, mode='rb'):
|
|||
if filename not in kb.cache.content:
|
||||
checkFile(filename)
|
||||
with codecs.open(filename, mode, UNICODE_ENCODING) as f:
|
||||
content = f.read()
|
||||
kb.cache.content[filename] = content
|
||||
kb.cache.content[filename] = f.read()
|
||||
|
||||
return kb.cache.content[filename]
|
||||
|
||||
|
@ -1675,12 +1633,7 @@ def average(values):
|
|||
Computes the arithmetic mean of a list of numbers.
|
||||
"""
|
||||
|
||||
retVal = None
|
||||
|
||||
if values:
|
||||
retVal = sum(values) / len(values)
|
||||
|
||||
return retVal
|
||||
return (sum(values) / len(values)) if values else None
|
||||
|
||||
def calculateDeltaSeconds(start):
|
||||
"""
|
||||
|
@ -1891,8 +1844,8 @@ def getUnicode(value, encoding=None, system=False, noneToNull=False):
|
|||
def longestCommonPrefix(*sequences):
|
||||
"""
|
||||
Returns longest common prefix occuring in given sequences
|
||||
Reference: http://boredzo.org/blog/archives/2007-01-06/longest-common-prefix-in-python-2
|
||||
"""
|
||||
# Reference: http://boredzo.org/blog/archives/2007-01-06/longest-common-prefix-in-python-2
|
||||
|
||||
if len(sequences) == 1:
|
||||
return sequences[0]
|
||||
|
@ -2356,6 +2309,10 @@ def isInferenceAvailable():
|
|||
return any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.BOOLEAN, PAYLOAD.TECHNIQUE.STACKED, PAYLOAD.TECHNIQUE.TIME))
|
||||
|
||||
def setOptimize():
|
||||
"""
|
||||
Sets options turned on by switch '-o'
|
||||
"""
|
||||
|
||||
#conf.predictOutput = True
|
||||
conf.keepAlive = True
|
||||
conf.threads = 3 if conf.threads < 3 else conf.threads
|
||||
|
@ -2719,7 +2676,7 @@ def safeSQLIdentificatorNaming(name, isTable=False):
|
|||
parts = name.split('.')
|
||||
|
||||
for i in xrange(len(parts)):
|
||||
if not re.match(r"\A[A-Za-z0-9_@\$]+\Z", parts[i]): # reference: http://stackoverflow.com/questions/954884/what-special-characters-are-allowed-in-t-sql-column-name
|
||||
if not re.match(r"\A[A-Za-z0-9_@\$]+\Z", parts[i]): # Reference: http://stackoverflow.com/questions/954884/what-special-characters-are-allowed-in-t-sql-column-name
|
||||
if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.ACCESS):
|
||||
parts[i] = "`%s`" % parts[i].strip("`")
|
||||
elif Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.PGSQL, DBMS.DB2):
|
||||
|
@ -3082,10 +3039,7 @@ def unserializeObject(value):
|
|||
Unserializes object from given serialized form
|
||||
"""
|
||||
|
||||
retVal = None
|
||||
if value:
|
||||
retVal = base64unpickle(value)
|
||||
return retVal
|
||||
return base64unpickle(value) if value else None
|
||||
|
||||
def resetCounter(technique):
|
||||
"""
|
||||
|
@ -3176,10 +3130,7 @@ def extractExpectedValue(value, expected):
|
|||
value = None
|
||||
elif expected == EXPECTED.INT:
|
||||
if isinstance(value, basestring):
|
||||
if value.isdigit():
|
||||
value = int(value)
|
||||
else:
|
||||
value = None
|
||||
value = int(value) if value.isdigit() else None
|
||||
|
||||
return value
|
||||
|
||||
|
@ -3211,6 +3162,10 @@ def hashDBRetrieve(key, unserialize=False, checkConf=False):
|
|||
return _
|
||||
|
||||
def resetCookieJar(cookieJar):
|
||||
"""
|
||||
Cleans cookies from a given cookie jar
|
||||
"""
|
||||
|
||||
if not conf.loC:
|
||||
cookieJar.clear()
|
||||
else:
|
||||
|
@ -3223,5 +3178,9 @@ def resetCookieJar(cookieJar):
|
|||
raise sqlmapGenericException, errMsg
|
||||
|
||||
def prioritySortColumns(columns):
|
||||
"""
|
||||
Sorts given column names by length in ascending order while those containing
|
||||
string 'id' go first
|
||||
"""
|
||||
_ = lambda x: x and "id" in x.lower()
|
||||
return sorted(sorted(columns, key=len), lambda x, y: -1 if _(x) and not _(y) else 1 if not _(x) and _(y) else 0)
|
||||
|
|
|
@ -7,7 +7,9 @@ See the file 'doc/COPYING' for copying permission
|
|||
|
||||
import logging
|
||||
import os
|
||||
import re
|
||||
import subprocess
|
||||
import string
|
||||
import sys
|
||||
|
||||
from lib.core.enums import CUSTOM_LOGGING
|
||||
|
@ -44,12 +46,6 @@ LOGGER_HANDLER.setFormatter(FORMATTER)
|
|||
LOGGER.addHandler(LOGGER_HANDLER)
|
||||
LOGGER.setLevel(logging.WARN)
|
||||
|
||||
# dump markers
|
||||
DUMP_NEWLINE_MARKER = "__NEWLINE__"
|
||||
DUMP_CR_MARKER = "__CARRIAGE_RETURN__"
|
||||
DUMP_TAB_MARKER = "__TAB__"
|
||||
DUMP_DEL_MARKER = "__DEL__"
|
||||
|
||||
# markers for special cases when parameter values contain html encoded characters
|
||||
PARAMETER_AMP_MARKER = "__AMP__"
|
||||
PARAMETER_SEMICOLON_MARKER = "__SEMICOLON__"
|
||||
|
@ -475,6 +471,9 @@ MAX_TOTAL_REDIRECTIONS = 10
|
|||
# Reference: http://www.tcpipguide.com/free/t_DNSLabelsNamesandSyntaxRules.htm
|
||||
MAX_DNS_LABEL = 63
|
||||
|
||||
# Alphabet used for prefix and suffix strings of name resolution requests in DNS technique (excluding hexadecimal chars for not mixing with inner content)
|
||||
DNS_BOUNDARIES_ALPHABET = re.sub("[a-fA-F]", "", string.letters)
|
||||
|
||||
# Connection chunk size (processing large responses in chunks to avoid MemoryError crashes - e.g. large table dump in full UNION/inband injections)
|
||||
MAX_CONNECTION_CHUNK_SIZE = 10 * 1024 * 1024
|
||||
|
||||
|
|
|
@ -29,6 +29,7 @@ from lib.core.data import kb
|
|||
from lib.core.data import logger
|
||||
from lib.core.data import queries
|
||||
from lib.core.enums import DBMS
|
||||
from lib.core.settings import DNS_BOUNDARIES_ALPHABET
|
||||
from lib.core.settings import MAX_DNS_LABEL
|
||||
from lib.core.settings import PARTIAL_VALUE_MARKER
|
||||
from lib.core.unescaper import unescaper
|
||||
|
@ -58,7 +59,7 @@ def dnsUse(payload, expression):
|
|||
|
||||
while True:
|
||||
count += 1
|
||||
prefix, suffix = ("%s" % randomStr(length=3, alphabet=re.sub("[a-fA-F]", "", string.letters)) for _ in xrange(2))
|
||||
prefix, suffix = ("%s" % randomStr(length=3, alphabet=DNS_BOUNDARIES_ALPHABET) for _ in xrange(2))
|
||||
chunk_length = MAX_DNS_LABEL / 2 if Backend.getIdentifiedDbms() in (DBMS.ORACLE, DBMS.MYSQL, DBMS.PGSQL) else MAX_DNS_LABEL / 4 - 2
|
||||
_, _, _, _, _, _, fieldToCastStr, _ = agent.getFields(expression)
|
||||
nulledCastedField = agent.nullAndCastField(fieldToCastStr)
|
||||
|
|
Loading…
Reference in New Issue
Block a user