diff --git a/extra/keepalive/keepalive.py b/extra/keepalive/keepalive.py index 66141389a..d9deb4969 100644 --- a/extra/keepalive/keepalive.py +++ b/extra/keepalive/keepalive.py @@ -422,7 +422,7 @@ def comp(N, url): def fetch(N, url, delay=0): lens = [] starttime = time.time() - for i in range(N): + for i in xrange(N): if delay and i > 0: time.sleep(delay) fo = urllib2.urlopen(url) foo = fo.read() diff --git a/lib/core/agent.py b/lib/core/agent.py index fbed0d024..a832494cc 100644 --- a/lib/core/agent.py +++ b/lib/core/agent.py @@ -562,7 +562,7 @@ class Agent: inbandQuery = self.prefixQuery("UNION ALL SELECT ", prefix=prefix) if limited: - inbandQuery += ",".join(map(lambda x: char if x != position else '(SELECT %s)' % query, range(0, count))) + inbandQuery += ",".join(map(lambda x: char if x != position else '(SELECT %s)' % query, xrange(0, count))) inbandQuery += FROM_TABLE.get(Backend.getIdentifiedDbms(), "") inbandQuery = self.suffixQuery(inbandQuery, comment, suffix) @@ -583,7 +583,7 @@ class Agent: if Backend.getIdentifiedDbms() in FROM_TABLE and inbandQuery.endswith(FROM_TABLE[Backend.getIdentifiedDbms()]): inbandQuery = inbandQuery[:-len(FROM_TABLE[Backend.getIdentifiedDbms()])] - for element in range(0, count): + for element in xrange(0, count): if element > 0: inbandQuery += ", " @@ -610,7 +610,7 @@ class Agent: if multipleUnions: inbandQuery += " UNION ALL SELECT " - for element in range(count): + for element in xrange(count): if element > 0: inbandQuery += ", " diff --git a/lib/core/common.py b/lib/core/common.py index 3ea71ebde..c7f8afb85 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -2817,7 +2817,7 @@ def safeSQLIdentificatorNaming(name, isTable=False): parts = name.split('.') - for i in range(len(parts)): + for i in xrange(len(parts)): if not re.match(r"\A[A-Za-z0-9_]+\Z", parts[i]): if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.ACCESS): parts[i] = "`%s`" % parts[i].strip("`") diff --git a/lib/core/dump.py b/lib/core/dump.py index 9763064b8..124f2b77c 100644 --- a/lib/core/dump.py +++ b/lib/core/dump.py @@ -414,7 +414,7 @@ class Dump: warnMsg += "due to the large table size" logger.warning(warnMsg) - for i in range(count): + for i in xrange(count): console = (i >= count - TRIM_STDOUT_DUMP_SIZE) field = 1 values = [] diff --git a/lib/core/target.py b/lib/core/target.py index 9814cea74..391b1539d 100644 --- a/lib/core/target.py +++ b/lib/core/target.py @@ -111,10 +111,10 @@ def __setRequestParams(): conf.paramDict[PLACE.URI] = {} parts = conf.url.split(URI_INJECTION_MARK_CHAR) - for i in range(len(parts)-1): + for i in xrange(len(parts)-1): result = str() - for j in range(len(parts)): + for j in xrange(len(parts)): result += parts[j] if i == j: diff --git a/lib/core/threads.py b/lib/core/threads.py index c86f5916c..e55acf983 100644 --- a/lib/core/threads.py +++ b/lib/core/threads.py @@ -110,7 +110,7 @@ def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardExceptio return # Start the threads - for numThread in range(numThreads): + for numThread in xrange(numThreads): thread = threading.Thread(target=exceptionHandledFunction, name=str(numThread), args=[threadFunction]) # Reference: http://stackoverflow.com/questions/190010/daemon-threads-explanation diff --git a/lib/techniques/union/test.py b/lib/techniques/union/test.py index c7e2078cd..66051bd9d 100644 --- a/lib/techniques/union/test.py +++ b/lib/techniques/union/test.py @@ -107,7 +107,7 @@ def __findUnionCharCount(comment, place, parameter, value, prefix, suffix, where min_, max_ = MAX_RATIO, MIN_RATIO pages = {} - for count in range(lowerCount, upperCount+1): + for count in xrange(lowerCount, upperCount+1): query = agent.forgeInbandQuery('', -1, count, comment, prefix, suffix, kb.uChar) payload = agent.payload(place=place, parameter=parameter, newValue=query, where=where) page, headers = Request.queryPage(payload, place=place, content=True, raise404=False) diff --git a/lib/utils/hash.py b/lib/utils/hash.py index 4151b7ad8..cfea8b42d 100644 --- a/lib/utils/hash.py +++ b/lib/utils/hash.py @@ -303,7 +303,7 @@ def attackDumpedTable(): results = dictionaryAttack(attack_dict) for (user, hash_, password) in results: - for i in range(count): + for i in xrange(count): for column in columns: if column == colUser or column == '__infos__': continue diff --git a/plugins/dbms/access/syntax.py b/plugins/dbms/access/syntax.py index e33564e87..193755640 100644 --- a/plugins/dbms/access/syntax.py +++ b/plugins/dbms/access/syntax.py @@ -33,7 +33,7 @@ class Syntax(GenericSyntax): old = "'%s'" % expression[firstIndex:lastIndex] unescaped = "" - for i in range(firstIndex, lastIndex): + for i in xrange(firstIndex, lastIndex): unescaped += "CHR(%d)" % (ord(expression[i])) if i < lastIndex - 1: unescaped += "&" diff --git a/plugins/dbms/db2/syntax.py b/plugins/dbms/db2/syntax.py index fbc65c2a8..6dccf6a23 100644 --- a/plugins/dbms/db2/syntax.py +++ b/plugins/dbms/db2/syntax.py @@ -1,7 +1,7 @@ #!/usr/bin/env python """ -$Id$ +$Id$ Copyright (c) 2006-2011 sqlmap developers (http://www.sqlmap.org/) See the file 'doc/COPYING' for copying permission @@ -34,7 +34,7 @@ class Syntax(GenericSyntax): old = "'%s'" % expression[firstIndex:lastIndex] unescaped = "" - for i in range(firstIndex, lastIndex): + for i in xrange(firstIndex, lastIndex): unescaped += "CHR(%d)" % (ord(expression[i])) if i < lastIndex - 1: unescaped += "||" diff --git a/plugins/dbms/firebird/syntax.py b/plugins/dbms/firebird/syntax.py index cbcbddc2e..e3d5b1324 100644 --- a/plugins/dbms/firebird/syntax.py +++ b/plugins/dbms/firebird/syntax.py @@ -35,7 +35,7 @@ class Syntax(GenericSyntax): old = "'%s'" % expression[firstIndex:lastIndex] unescaped = "" - for i in range(firstIndex, lastIndex): + for i in xrange(firstIndex, lastIndex): unescaped += "ASCII_CHAR(%d)" % (ord(expression[i])) if i < lastIndex - 1: unescaped += "||" diff --git a/plugins/dbms/mssqlserver/enumeration.py b/plugins/dbms/mssqlserver/enumeration.py index 016f18198..830efdbaf 100644 --- a/plugins/dbms/mssqlserver/enumeration.py +++ b/plugins/dbms/mssqlserver/enumeration.py @@ -122,7 +122,7 @@ class Enumeration(GenericEnumeration): tables = [] - for index in range(int(count)): + for index in xrange(int(count)): query = rootQuery.blind.query % (db, index, db) table = inject.getValue(query, inband=False, error=False) kb.hintValue = table diff --git a/plugins/dbms/mssqlserver/filesystem.py b/plugins/dbms/mssqlserver/filesystem.py index 2b798d216..8d8bd3f54 100644 --- a/plugins/dbms/mssqlserver/filesystem.py +++ b/plugins/dbms/mssqlserver/filesystem.py @@ -161,7 +161,7 @@ class Filesystem(GenericFilesystem): counter = 1 - for i in range(0, wFileSize, debugSize): + for i in xrange(0, wFileSize, debugSize): wFileChunk = wFileContent[i:i + debugSize] chunkName = self.updateBinChunk(wFileChunk, tmpPath) diff --git a/plugins/dbms/mssqlserver/syntax.py b/plugins/dbms/mssqlserver/syntax.py index 02c305c4a..0998e6170 100644 --- a/plugins/dbms/mssqlserver/syntax.py +++ b/plugins/dbms/mssqlserver/syntax.py @@ -34,7 +34,7 @@ class Syntax(GenericSyntax): #unescaped = "(" unescaped = "" - for i in range(firstIndex, lastIndex): + for i in xrange(firstIndex, lastIndex): unescaped += "CHAR(%d)" % (ord(expression[i])) if i < lastIndex - 1: unescaped += "+" diff --git a/plugins/dbms/mssqlserver/takeover.py b/plugins/dbms/mssqlserver/takeover.py index a3139a04a..f8b7dbff2 100644 --- a/plugins/dbms/mssqlserver/takeover.py +++ b/plugins/dbms/mssqlserver/takeover.py @@ -70,7 +70,7 @@ class Takeover(GenericTakeover): shellcodeChar = "" hexStr = binascii.hexlify(self.shellcodeString[:-1]) - for hexPair in range(0, len(hexStr), 2): + for hexPair in xrange(0, len(hexStr), 2): shellcodeChar += "CHAR(0x%s)+" % hexStr[hexPair:hexPair+2] shellcodeChar = shellcodeChar[:-1] diff --git a/plugins/dbms/mysql/filesystem.py b/plugins/dbms/mysql/filesystem.py index 8a4dfd103..930c10f68 100644 --- a/plugins/dbms/mysql/filesystem.py +++ b/plugins/dbms/mysql/filesystem.py @@ -65,7 +65,7 @@ class Filesystem(GenericFilesystem): if length > sustrLen: result = [] - for i in range(1, length, sustrLen): + for i in xrange(1, length, sustrLen): chunk = inject.getValue("SELECT MID(%s, %d, %d) FROM %s" % (self.tblField, i, sustrLen, self.fileTblName), unpack=False, sort=False, resumeValue=False, charsetType=3) result.append(chunk) diff --git a/plugins/dbms/mysql/fingerprint.py b/plugins/dbms/mysql/fingerprint.py index cc2b59c3f..6d247ab9f 100644 --- a/plugins/dbms/mysql/fingerprint.py +++ b/plugins/dbms/mysql/fingerprint.py @@ -74,7 +74,7 @@ class Fingerprint(GenericFingerprint): if index >= 0: prevVer = None - for version in range(versions[index][0], versions[index][1] + 1): + for version in xrange(versions[index][0], versions[index][1] + 1): randInt = randomInt() version = getUnicode(version) result = inject.checkBooleanExpression("%d=%d/*!%s AND %d=%d*/" % (randInt, randInt, version, randInt, randInt + 1)) diff --git a/plugins/dbms/mysql/syntax.py b/plugins/dbms/mysql/syntax.py index 98ebc750f..352d0e268 100644 --- a/plugins/dbms/mysql/syntax.py +++ b/plugins/dbms/mysql/syntax.py @@ -33,7 +33,7 @@ class Syntax(GenericSyntax): old = "'%s'" % expression[firstIndex:lastIndex] unescaped = "" - for i in range(firstIndex, lastIndex): + for i in xrange(firstIndex, lastIndex): unescaped += "%d" % (ord(expression[i])) if i < lastIndex - 1: unescaped += "," diff --git a/plugins/dbms/oracle/syntax.py b/plugins/dbms/oracle/syntax.py index f1745bfa1..b7c831b1b 100644 --- a/plugins/dbms/oracle/syntax.py +++ b/plugins/dbms/oracle/syntax.py @@ -33,7 +33,7 @@ class Syntax(GenericSyntax): #unescaped = "(" unescaped = "" - for i in range(firstIndex, lastIndex): + for i in xrange(firstIndex, lastIndex): unescaped += "CHR(%d)" % (ord(expression[i])) if i < lastIndex - 1: unescaped += "||" diff --git a/plugins/dbms/postgresql/syntax.py b/plugins/dbms/postgresql/syntax.py index 852a43643..12af7ed40 100644 --- a/plugins/dbms/postgresql/syntax.py +++ b/plugins/dbms/postgresql/syntax.py @@ -34,7 +34,7 @@ class Syntax(GenericSyntax): #unescaped = "(" unescaped = "" - for i in range(firstIndex, lastIndex): + for i in xrange(firstIndex, lastIndex): unescaped += "CHR(%d)" % (ord(expression[i])) if i < lastIndex - 1: unescaped += "||" diff --git a/plugins/dbms/sqlite/syntax.py b/plugins/dbms/sqlite/syntax.py index 4babe035b..bd5638053 100644 --- a/plugins/dbms/sqlite/syntax.py +++ b/plugins/dbms/sqlite/syntax.py @@ -36,7 +36,7 @@ class Syntax(GenericSyntax): old = "''%s''" % expression[firstIndex:lastIndex] unescaped = "" - for i in range(firstIndex, lastIndex): + for i in xrange(firstIndex, lastIndex): unescaped += "X'%x'" % ord(expression[i]) if i < lastIndex - 1: unescaped += "||" diff --git a/plugins/dbms/sybase/fingerprint.py b/plugins/dbms/sybase/fingerprint.py index e95a69cf7..99e250cfe 100644 --- a/plugins/dbms/sybase/fingerprint.py +++ b/plugins/dbms/sybase/fingerprint.py @@ -104,7 +104,7 @@ class Fingerprint(GenericFingerprint): infoMsg = "actively fingerprinting %s" % DBMS.SYBASE logger.info(infoMsg) - for version in range(12, 16): + for version in xrange(12, 16): result = inject.checkBooleanExpression("@@VERSION_NUMBER/1000=%d" % version) if result: diff --git a/plugins/dbms/sybase/syntax.py b/plugins/dbms/sybase/syntax.py index 9046d42e0..5cefefc3a 100644 --- a/plugins/dbms/sybase/syntax.py +++ b/plugins/dbms/sybase/syntax.py @@ -34,7 +34,7 @@ class Syntax(GenericSyntax): #unescaped = "(" unescaped = "" - for i in range(firstIndex, lastIndex): + for i in xrange(firstIndex, lastIndex): unescaped += "CHAR(%d)" % (ord(expression[i])) if i < lastIndex - 1: unescaped += "+" diff --git a/plugins/generic/filesystem.py b/plugins/generic/filesystem.py index bb07632fb..859bc8b73 100644 --- a/plugins/generic/filesystem.py +++ b/plugins/generic/filesystem.py @@ -75,7 +75,7 @@ class Filesystem: fileLines.append("%x" % fileSize) fileLines.append("f 0100 %x 00" % fileSize) - for fileLine in range(0, len(binaryData), lineLen): + for fileLine in xrange(0, len(binaryData), lineLen): scrString = "" for lineChar in binaryData[fileLine:fileLine+lineLen]: @@ -168,7 +168,7 @@ class Filesystem: fcLength = len(fcEncodedStr) if fcLength > 256: - for i in range(0, fcLength, 256): + for i in xrange(0, fcLength, 256): string = "" if encoding == "hex":