mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-25 11:03:47 +03:00
some minor range to xrange conversion (where safe to do)
This commit is contained in:
parent
eb240243ea
commit
25f0ec3597
|
@ -422,7 +422,7 @@ def comp(N, url):
|
||||||
def fetch(N, url, delay=0):
|
def fetch(N, url, delay=0):
|
||||||
lens = []
|
lens = []
|
||||||
starttime = time.time()
|
starttime = time.time()
|
||||||
for i in range(N):
|
for i in xrange(N):
|
||||||
if delay and i > 0: time.sleep(delay)
|
if delay and i > 0: time.sleep(delay)
|
||||||
fo = urllib2.urlopen(url)
|
fo = urllib2.urlopen(url)
|
||||||
foo = fo.read()
|
foo = fo.read()
|
||||||
|
|
|
@ -562,7 +562,7 @@ class Agent:
|
||||||
inbandQuery = self.prefixQuery("UNION ALL SELECT ", prefix=prefix)
|
inbandQuery = self.prefixQuery("UNION ALL SELECT ", prefix=prefix)
|
||||||
|
|
||||||
if limited:
|
if limited:
|
||||||
inbandQuery += ",".join(map(lambda x: char if x != position else '(SELECT %s)' % query, range(0, count)))
|
inbandQuery += ",".join(map(lambda x: char if x != position else '(SELECT %s)' % query, xrange(0, count)))
|
||||||
inbandQuery += FROM_TABLE.get(Backend.getIdentifiedDbms(), "")
|
inbandQuery += FROM_TABLE.get(Backend.getIdentifiedDbms(), "")
|
||||||
inbandQuery = self.suffixQuery(inbandQuery, comment, suffix)
|
inbandQuery = self.suffixQuery(inbandQuery, comment, suffix)
|
||||||
|
|
||||||
|
@ -583,7 +583,7 @@ class Agent:
|
||||||
if Backend.getIdentifiedDbms() in FROM_TABLE and inbandQuery.endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):
|
if Backend.getIdentifiedDbms() in FROM_TABLE and inbandQuery.endswith(FROM_TABLE[Backend.getIdentifiedDbms()]):
|
||||||
inbandQuery = inbandQuery[:-len(FROM_TABLE[Backend.getIdentifiedDbms()])]
|
inbandQuery = inbandQuery[:-len(FROM_TABLE[Backend.getIdentifiedDbms()])]
|
||||||
|
|
||||||
for element in range(0, count):
|
for element in xrange(0, count):
|
||||||
if element > 0:
|
if element > 0:
|
||||||
inbandQuery += ", "
|
inbandQuery += ", "
|
||||||
|
|
||||||
|
@ -610,7 +610,7 @@ class Agent:
|
||||||
if multipleUnions:
|
if multipleUnions:
|
||||||
inbandQuery += " UNION ALL SELECT "
|
inbandQuery += " UNION ALL SELECT "
|
||||||
|
|
||||||
for element in range(count):
|
for element in xrange(count):
|
||||||
if element > 0:
|
if element > 0:
|
||||||
inbandQuery += ", "
|
inbandQuery += ", "
|
||||||
|
|
||||||
|
|
|
@ -2817,7 +2817,7 @@ def safeSQLIdentificatorNaming(name, isTable=False):
|
||||||
|
|
||||||
parts = name.split('.')
|
parts = name.split('.')
|
||||||
|
|
||||||
for i in range(len(parts)):
|
for i in xrange(len(parts)):
|
||||||
if not re.match(r"\A[A-Za-z0-9_]+\Z", parts[i]):
|
if not re.match(r"\A[A-Za-z0-9_]+\Z", parts[i]):
|
||||||
if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.ACCESS):
|
if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.ACCESS):
|
||||||
parts[i] = "`%s`" % parts[i].strip("`")
|
parts[i] = "`%s`" % parts[i].strip("`")
|
||||||
|
|
|
@ -414,7 +414,7 @@ class Dump:
|
||||||
warnMsg += "due to the large table size"
|
warnMsg += "due to the large table size"
|
||||||
logger.warning(warnMsg)
|
logger.warning(warnMsg)
|
||||||
|
|
||||||
for i in range(count):
|
for i in xrange(count):
|
||||||
console = (i >= count - TRIM_STDOUT_DUMP_SIZE)
|
console = (i >= count - TRIM_STDOUT_DUMP_SIZE)
|
||||||
field = 1
|
field = 1
|
||||||
values = []
|
values = []
|
||||||
|
|
|
@ -111,10 +111,10 @@ def __setRequestParams():
|
||||||
conf.paramDict[PLACE.URI] = {}
|
conf.paramDict[PLACE.URI] = {}
|
||||||
parts = conf.url.split(URI_INJECTION_MARK_CHAR)
|
parts = conf.url.split(URI_INJECTION_MARK_CHAR)
|
||||||
|
|
||||||
for i in range(len(parts)-1):
|
for i in xrange(len(parts)-1):
|
||||||
result = str()
|
result = str()
|
||||||
|
|
||||||
for j in range(len(parts)):
|
for j in xrange(len(parts)):
|
||||||
result += parts[j]
|
result += parts[j]
|
||||||
|
|
||||||
if i == j:
|
if i == j:
|
||||||
|
|
|
@ -110,7 +110,7 @@ def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardExceptio
|
||||||
return
|
return
|
||||||
|
|
||||||
# Start the threads
|
# Start the threads
|
||||||
for numThread in range(numThreads):
|
for numThread in xrange(numThreads):
|
||||||
thread = threading.Thread(target=exceptionHandledFunction, name=str(numThread), args=[threadFunction])
|
thread = threading.Thread(target=exceptionHandledFunction, name=str(numThread), args=[threadFunction])
|
||||||
|
|
||||||
# Reference: http://stackoverflow.com/questions/190010/daemon-threads-explanation
|
# Reference: http://stackoverflow.com/questions/190010/daemon-threads-explanation
|
||||||
|
|
|
@ -107,7 +107,7 @@ def __findUnionCharCount(comment, place, parameter, value, prefix, suffix, where
|
||||||
min_, max_ = MAX_RATIO, MIN_RATIO
|
min_, max_ = MAX_RATIO, MIN_RATIO
|
||||||
pages = {}
|
pages = {}
|
||||||
|
|
||||||
for count in range(lowerCount, upperCount+1):
|
for count in xrange(lowerCount, upperCount+1):
|
||||||
query = agent.forgeInbandQuery('', -1, count, comment, prefix, suffix, kb.uChar)
|
query = agent.forgeInbandQuery('', -1, count, comment, prefix, suffix, kb.uChar)
|
||||||
payload = agent.payload(place=place, parameter=parameter, newValue=query, where=where)
|
payload = agent.payload(place=place, parameter=parameter, newValue=query, where=where)
|
||||||
page, headers = Request.queryPage(payload, place=place, content=True, raise404=False)
|
page, headers = Request.queryPage(payload, place=place, content=True, raise404=False)
|
||||||
|
|
|
@ -303,7 +303,7 @@ def attackDumpedTable():
|
||||||
results = dictionaryAttack(attack_dict)
|
results = dictionaryAttack(attack_dict)
|
||||||
|
|
||||||
for (user, hash_, password) in results:
|
for (user, hash_, password) in results:
|
||||||
for i in range(count):
|
for i in xrange(count):
|
||||||
for column in columns:
|
for column in columns:
|
||||||
if column == colUser or column == '__infos__':
|
if column == colUser or column == '__infos__':
|
||||||
continue
|
continue
|
||||||
|
|
|
@ -33,7 +33,7 @@ class Syntax(GenericSyntax):
|
||||||
old = "'%s'" % expression[firstIndex:lastIndex]
|
old = "'%s'" % expression[firstIndex:lastIndex]
|
||||||
unescaped = ""
|
unescaped = ""
|
||||||
|
|
||||||
for i in range(firstIndex, lastIndex):
|
for i in xrange(firstIndex, lastIndex):
|
||||||
unescaped += "CHR(%d)" % (ord(expression[i]))
|
unescaped += "CHR(%d)" % (ord(expression[i]))
|
||||||
if i < lastIndex - 1:
|
if i < lastIndex - 1:
|
||||||
unescaped += "&"
|
unescaped += "&"
|
||||||
|
|
|
@ -34,7 +34,7 @@ class Syntax(GenericSyntax):
|
||||||
old = "'%s'" % expression[firstIndex:lastIndex]
|
old = "'%s'" % expression[firstIndex:lastIndex]
|
||||||
unescaped = ""
|
unescaped = ""
|
||||||
|
|
||||||
for i in range(firstIndex, lastIndex):
|
for i in xrange(firstIndex, lastIndex):
|
||||||
unescaped += "CHR(%d)" % (ord(expression[i]))
|
unescaped += "CHR(%d)" % (ord(expression[i]))
|
||||||
if i < lastIndex - 1:
|
if i < lastIndex - 1:
|
||||||
unescaped += "||"
|
unescaped += "||"
|
||||||
|
|
|
@ -35,7 +35,7 @@ class Syntax(GenericSyntax):
|
||||||
old = "'%s'" % expression[firstIndex:lastIndex]
|
old = "'%s'" % expression[firstIndex:lastIndex]
|
||||||
unescaped = ""
|
unescaped = ""
|
||||||
|
|
||||||
for i in range(firstIndex, lastIndex):
|
for i in xrange(firstIndex, lastIndex):
|
||||||
unescaped += "ASCII_CHAR(%d)" % (ord(expression[i]))
|
unescaped += "ASCII_CHAR(%d)" % (ord(expression[i]))
|
||||||
if i < lastIndex - 1:
|
if i < lastIndex - 1:
|
||||||
unescaped += "||"
|
unescaped += "||"
|
||||||
|
|
|
@ -122,7 +122,7 @@ class Enumeration(GenericEnumeration):
|
||||||
|
|
||||||
tables = []
|
tables = []
|
||||||
|
|
||||||
for index in range(int(count)):
|
for index in xrange(int(count)):
|
||||||
query = rootQuery.blind.query % (db, index, db)
|
query = rootQuery.blind.query % (db, index, db)
|
||||||
table = inject.getValue(query, inband=False, error=False)
|
table = inject.getValue(query, inband=False, error=False)
|
||||||
kb.hintValue = table
|
kb.hintValue = table
|
||||||
|
|
|
@ -161,7 +161,7 @@ class Filesystem(GenericFilesystem):
|
||||||
|
|
||||||
counter = 1
|
counter = 1
|
||||||
|
|
||||||
for i in range(0, wFileSize, debugSize):
|
for i in xrange(0, wFileSize, debugSize):
|
||||||
wFileChunk = wFileContent[i:i + debugSize]
|
wFileChunk = wFileContent[i:i + debugSize]
|
||||||
chunkName = self.updateBinChunk(wFileChunk, tmpPath)
|
chunkName = self.updateBinChunk(wFileChunk, tmpPath)
|
||||||
|
|
||||||
|
|
|
@ -34,7 +34,7 @@ class Syntax(GenericSyntax):
|
||||||
#unescaped = "("
|
#unescaped = "("
|
||||||
unescaped = ""
|
unescaped = ""
|
||||||
|
|
||||||
for i in range(firstIndex, lastIndex):
|
for i in xrange(firstIndex, lastIndex):
|
||||||
unescaped += "CHAR(%d)" % (ord(expression[i]))
|
unescaped += "CHAR(%d)" % (ord(expression[i]))
|
||||||
if i < lastIndex - 1:
|
if i < lastIndex - 1:
|
||||||
unescaped += "+"
|
unescaped += "+"
|
||||||
|
|
|
@ -70,7 +70,7 @@ class Takeover(GenericTakeover):
|
||||||
shellcodeChar = ""
|
shellcodeChar = ""
|
||||||
hexStr = binascii.hexlify(self.shellcodeString[:-1])
|
hexStr = binascii.hexlify(self.shellcodeString[:-1])
|
||||||
|
|
||||||
for hexPair in range(0, len(hexStr), 2):
|
for hexPair in xrange(0, len(hexStr), 2):
|
||||||
shellcodeChar += "CHAR(0x%s)+" % hexStr[hexPair:hexPair+2]
|
shellcodeChar += "CHAR(0x%s)+" % hexStr[hexPair:hexPair+2]
|
||||||
|
|
||||||
shellcodeChar = shellcodeChar[:-1]
|
shellcodeChar = shellcodeChar[:-1]
|
||||||
|
|
|
@ -65,7 +65,7 @@ class Filesystem(GenericFilesystem):
|
||||||
if length > sustrLen:
|
if length > sustrLen:
|
||||||
result = []
|
result = []
|
||||||
|
|
||||||
for i in range(1, length, sustrLen):
|
for i in xrange(1, length, sustrLen):
|
||||||
chunk = inject.getValue("SELECT MID(%s, %d, %d) FROM %s" % (self.tblField, i, sustrLen, self.fileTblName), unpack=False, sort=False, resumeValue=False, charsetType=3)
|
chunk = inject.getValue("SELECT MID(%s, %d, %d) FROM %s" % (self.tblField, i, sustrLen, self.fileTblName), unpack=False, sort=False, resumeValue=False, charsetType=3)
|
||||||
|
|
||||||
result.append(chunk)
|
result.append(chunk)
|
||||||
|
|
|
@ -74,7 +74,7 @@ class Fingerprint(GenericFingerprint):
|
||||||
if index >= 0:
|
if index >= 0:
|
||||||
prevVer = None
|
prevVer = None
|
||||||
|
|
||||||
for version in range(versions[index][0], versions[index][1] + 1):
|
for version in xrange(versions[index][0], versions[index][1] + 1):
|
||||||
randInt = randomInt()
|
randInt = randomInt()
|
||||||
version = getUnicode(version)
|
version = getUnicode(version)
|
||||||
result = inject.checkBooleanExpression("%d=%d/*!%s AND %d=%d*/" % (randInt, randInt, version, randInt, randInt + 1))
|
result = inject.checkBooleanExpression("%d=%d/*!%s AND %d=%d*/" % (randInt, randInt, version, randInt, randInt + 1))
|
||||||
|
|
|
@ -33,7 +33,7 @@ class Syntax(GenericSyntax):
|
||||||
old = "'%s'" % expression[firstIndex:lastIndex]
|
old = "'%s'" % expression[firstIndex:lastIndex]
|
||||||
unescaped = ""
|
unescaped = ""
|
||||||
|
|
||||||
for i in range(firstIndex, lastIndex):
|
for i in xrange(firstIndex, lastIndex):
|
||||||
unescaped += "%d" % (ord(expression[i]))
|
unescaped += "%d" % (ord(expression[i]))
|
||||||
if i < lastIndex - 1:
|
if i < lastIndex - 1:
|
||||||
unescaped += ","
|
unescaped += ","
|
||||||
|
|
|
@ -33,7 +33,7 @@ class Syntax(GenericSyntax):
|
||||||
#unescaped = "("
|
#unescaped = "("
|
||||||
unescaped = ""
|
unescaped = ""
|
||||||
|
|
||||||
for i in range(firstIndex, lastIndex):
|
for i in xrange(firstIndex, lastIndex):
|
||||||
unescaped += "CHR(%d)" % (ord(expression[i]))
|
unescaped += "CHR(%d)" % (ord(expression[i]))
|
||||||
if i < lastIndex - 1:
|
if i < lastIndex - 1:
|
||||||
unescaped += "||"
|
unescaped += "||"
|
||||||
|
|
|
@ -34,7 +34,7 @@ class Syntax(GenericSyntax):
|
||||||
#unescaped = "("
|
#unescaped = "("
|
||||||
unescaped = ""
|
unescaped = ""
|
||||||
|
|
||||||
for i in range(firstIndex, lastIndex):
|
for i in xrange(firstIndex, lastIndex):
|
||||||
unescaped += "CHR(%d)" % (ord(expression[i]))
|
unescaped += "CHR(%d)" % (ord(expression[i]))
|
||||||
if i < lastIndex - 1:
|
if i < lastIndex - 1:
|
||||||
unescaped += "||"
|
unescaped += "||"
|
||||||
|
|
|
@ -36,7 +36,7 @@ class Syntax(GenericSyntax):
|
||||||
old = "''%s''" % expression[firstIndex:lastIndex]
|
old = "''%s''" % expression[firstIndex:lastIndex]
|
||||||
unescaped = ""
|
unescaped = ""
|
||||||
|
|
||||||
for i in range(firstIndex, lastIndex):
|
for i in xrange(firstIndex, lastIndex):
|
||||||
unescaped += "X'%x'" % ord(expression[i])
|
unescaped += "X'%x'" % ord(expression[i])
|
||||||
if i < lastIndex - 1:
|
if i < lastIndex - 1:
|
||||||
unescaped += "||"
|
unescaped += "||"
|
||||||
|
|
|
@ -104,7 +104,7 @@ class Fingerprint(GenericFingerprint):
|
||||||
infoMsg = "actively fingerprinting %s" % DBMS.SYBASE
|
infoMsg = "actively fingerprinting %s" % DBMS.SYBASE
|
||||||
logger.info(infoMsg)
|
logger.info(infoMsg)
|
||||||
|
|
||||||
for version in range(12, 16):
|
for version in xrange(12, 16):
|
||||||
result = inject.checkBooleanExpression("@@VERSION_NUMBER/1000=%d" % version)
|
result = inject.checkBooleanExpression("@@VERSION_NUMBER/1000=%d" % version)
|
||||||
|
|
||||||
if result:
|
if result:
|
||||||
|
|
|
@ -34,7 +34,7 @@ class Syntax(GenericSyntax):
|
||||||
#unescaped = "("
|
#unescaped = "("
|
||||||
unescaped = ""
|
unescaped = ""
|
||||||
|
|
||||||
for i in range(firstIndex, lastIndex):
|
for i in xrange(firstIndex, lastIndex):
|
||||||
unescaped += "CHAR(%d)" % (ord(expression[i]))
|
unescaped += "CHAR(%d)" % (ord(expression[i]))
|
||||||
if i < lastIndex - 1:
|
if i < lastIndex - 1:
|
||||||
unescaped += "+"
|
unescaped += "+"
|
||||||
|
|
|
@ -75,7 +75,7 @@ class Filesystem:
|
||||||
fileLines.append("%x" % fileSize)
|
fileLines.append("%x" % fileSize)
|
||||||
fileLines.append("f 0100 %x 00" % fileSize)
|
fileLines.append("f 0100 %x 00" % fileSize)
|
||||||
|
|
||||||
for fileLine in range(0, len(binaryData), lineLen):
|
for fileLine in xrange(0, len(binaryData), lineLen):
|
||||||
scrString = ""
|
scrString = ""
|
||||||
|
|
||||||
for lineChar in binaryData[fileLine:fileLine+lineLen]:
|
for lineChar in binaryData[fileLine:fileLine+lineLen]:
|
||||||
|
@ -168,7 +168,7 @@ class Filesystem:
|
||||||
fcLength = len(fcEncodedStr)
|
fcLength = len(fcEncodedStr)
|
||||||
|
|
||||||
if fcLength > 256:
|
if fcLength > 256:
|
||||||
for i in range(0, fcLength, 256):
|
for i in xrange(0, fcLength, 256):
|
||||||
string = ""
|
string = ""
|
||||||
|
|
||||||
if encoding == "hex":
|
if encoding == "hex":
|
||||||
|
|
Loading…
Reference in New Issue
Block a user