mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 01:26:42 +03:00
Minor renaming
This commit is contained in:
parent
02c8f47892
commit
28c5a709bd
File diff suppressed because it is too large
Load Diff
|
@ -220,10 +220,10 @@ def checkSqlInjection(place, parameter, value):
|
|||
|
||||
# Skip test if the user's wants to test only for a specific
|
||||
# technique
|
||||
if conf.tech and isinstance(conf.tech, list) and stype not in conf.tech:
|
||||
if conf.technique and isinstance(conf.technique, list) and stype not in conf.technique:
|
||||
debugMsg = "skipping test '%s' because the user " % title
|
||||
debugMsg += "specified to test only for "
|
||||
debugMsg += "%s techniques" % " & ".join(PAYLOAD.SQLINJECTION[_] for _ in conf.tech)
|
||||
debugMsg += "%s techniques" % " & ".join(PAYLOAD.SQLINJECTION[_] for _ in conf.technique)
|
||||
logger.debug(debugMsg)
|
||||
continue
|
||||
|
||||
|
|
|
@ -429,7 +429,7 @@ def start():
|
|||
|
||||
if (len(kb.injections) == 0 or (len(kb.injections) == 1 and kb.injections[0].place is None)) and (kb.injection.place is None or kb.injection.parameter is None):
|
||||
|
||||
if not any((conf.string, conf.notString, conf.regexp)) and PAYLOAD.TECHNIQUE.BOOLEAN in conf.tech:
|
||||
if not any((conf.string, conf.notString, conf.regexp)) and PAYLOAD.TECHNIQUE.BOOLEAN in conf.technique:
|
||||
# NOTE: this is not needed anymore, leaving only to display
|
||||
# a warning message to the user in case the page is not stable
|
||||
checkStability()
|
||||
|
@ -533,7 +533,7 @@ def start():
|
|||
infoMsg = "ignoring %sparameter '%s'" % ("%s " % paramType if paramType != parameter else "", parameter)
|
||||
logger.info(infoMsg)
|
||||
|
||||
elif PAYLOAD.TECHNIQUE.BOOLEAN in conf.tech or conf.skipStatic:
|
||||
elif PAYLOAD.TECHNIQUE.BOOLEAN in conf.technique or conf.skipStatic:
|
||||
check = checkDynParam(place, parameter, value)
|
||||
|
||||
if not check:
|
||||
|
@ -612,7 +612,7 @@ def start():
|
|||
errMsg += " Try to increase values for '--level'/'--risk' options "
|
||||
errMsg += "if you wish to perform more tests."
|
||||
|
||||
if isinstance(conf.tech, list) and len(conf.tech) < 5:
|
||||
if isinstance(conf.technique, list) and len(conf.technique) < 5:
|
||||
errMsg += " Rerun without providing the option '--technique'."
|
||||
|
||||
if not conf.textOnly and kb.originalPage:
|
||||
|
|
|
@ -3188,7 +3188,7 @@ def isTechniqueAvailable(technique):
|
|||
>>> kb.injection.data = popValue()
|
||||
"""
|
||||
|
||||
if conf.tech and isinstance(conf.tech, list) and technique not in conf.tech:
|
||||
if conf.technique and isinstance(conf.technique, list) and technique not in conf.technique:
|
||||
return False
|
||||
else:
|
||||
return getTechniqueData(technique) is not None
|
||||
|
|
|
@ -20,7 +20,7 @@ _defaults = {
|
|||
"level": 1,
|
||||
"risk": 1,
|
||||
"dumpFormat": "CSV",
|
||||
"tech": "BEUSTQ",
|
||||
"technique": "BEUSTQ",
|
||||
"torType": "SOCKS5",
|
||||
}
|
||||
|
||||
|
|
|
@ -662,10 +662,10 @@ def _setTechnique():
|
|||
validTechniques = sorted(getPublicTypeMembers(PAYLOAD.TECHNIQUE), key=lambda x: x[1])
|
||||
validLetters = [_[0][0].upper() for _ in validTechniques]
|
||||
|
||||
if conf.tech and isinstance(conf.tech, six.string_types):
|
||||
if conf.technique and isinstance(conf.technique, six.string_types):
|
||||
_ = []
|
||||
|
||||
for letter in conf.tech.upper():
|
||||
for letter in conf.technique.upper():
|
||||
if letter not in validLetters:
|
||||
errMsg = "value for --technique must be a string composed "
|
||||
errMsg += "by the letters %s. Refer to the " % ", ".join(validLetters)
|
||||
|
@ -677,7 +677,7 @@ def _setTechnique():
|
|||
_.append(validInt)
|
||||
break
|
||||
|
||||
conf.tech = _
|
||||
conf.technique = _
|
||||
|
||||
def _setDBMS():
|
||||
"""
|
||||
|
@ -2476,7 +2476,7 @@ def _basicOptionValidation():
|
|||
errMsg = "option '-d' is incompatible with switch '--tor'"
|
||||
raise SqlmapSyntaxException(errMsg)
|
||||
|
||||
if not conf.tech:
|
||||
if not conf.technique:
|
||||
errMsg = "option '--technique' can't be empty"
|
||||
raise SqlmapSyntaxException(errMsg)
|
||||
|
||||
|
|
|
@ -105,7 +105,7 @@ optDict = {
|
|||
},
|
||||
|
||||
"Techniques": {
|
||||
"tech": "string",
|
||||
"technique": "string",
|
||||
"timeSec": "integer",
|
||||
"uCols": "string",
|
||||
"uChar": "string",
|
||||
|
|
|
@ -18,7 +18,7 @@ from lib.core.enums import OS
|
|||
from thirdparty.six import unichr as _unichr
|
||||
|
||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||
VERSION = "1.3.6.29"
|
||||
VERSION = "1.3.6.30"
|
||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||
|
@ -296,7 +296,7 @@ BASIC_HELP_ITEMS = (
|
|||
"dbms",
|
||||
"level",
|
||||
"risk",
|
||||
"tech",
|
||||
"technique",
|
||||
"getAll",
|
||||
"getBanner",
|
||||
"getCurrentUser",
|
||||
|
|
|
@ -458,9 +458,9 @@ def _resumeHashDBValues():
|
|||
|
||||
for injection in hashDBRetrieve(HASHDB_KEYS.KB_INJECTIONS, True) or []:
|
||||
if isinstance(injection, InjectionDict) and injection.place in conf.paramDict and injection.parameter in conf.paramDict[injection.place]:
|
||||
if not conf.tech or intersect(conf.tech, injection.data.keys()):
|
||||
if intersect(conf.tech, injection.data.keys()):
|
||||
injection.data = dict(_ for _ in injection.data.items() if _[0] in conf.tech)
|
||||
if not conf.technique or intersect(conf.technique, injection.data.keys()):
|
||||
if intersect(conf.technique, injection.data.keys()):
|
||||
injection.data = dict(_ for _ in injection.data.items() if _[0] in conf.technique)
|
||||
if injection not in kb.injections:
|
||||
kb.injections.append(injection)
|
||||
|
||||
|
|
|
@ -328,8 +328,8 @@ def cmdLineParser(argv=None):
|
|||
# Techniques options
|
||||
techniques = OptionGroup(parser, "Techniques", "These options can be used to tweak testing of specific SQL injection techniques")
|
||||
|
||||
techniques.add_option("--technique", dest="tech",
|
||||
help="SQL injection techniques to use (default \"%s\")" % defaults.tech)
|
||||
techniques.add_option("--technique", dest="technique",
|
||||
help="SQL injection techniques to use (default \"%s\")" % defaults.technique)
|
||||
|
||||
techniques.add_option("--time-sec", dest="timeSec", type="int",
|
||||
help="Seconds to delay the DBMS response (default %d)" % defaults.timeSec)
|
||||
|
|
|
@ -367,7 +367,7 @@ titles = False
|
|||
# Example: ES (means test for error-based and stacked queries SQL
|
||||
# injection types only)
|
||||
# Default: BEUSTQ (means test for all SQL injection types - recommended)
|
||||
tech = BEUSTQ
|
||||
technique = BEUSTQ
|
||||
|
||||
# Seconds to delay the response from the DBMS.
|
||||
# Valid: integer
|
||||
|
|
|
@ -402,7 +402,7 @@ paths:
|
|||
googleDork: null
|
||||
saveConfig: null
|
||||
sqlShell: false
|
||||
tech: BEUSTQ
|
||||
technique: BEUSTQ
|
||||
textOnly: false
|
||||
cookieDel: null
|
||||
commonColumns: false
|
||||
|
@ -456,4 +456,4 @@ paths:
|
|||
timeout: 30
|
||||
externalDocs:
|
||||
description: "Find out more about sqlmap API (REST-JSON)"
|
||||
url: "https://github.com/sqlmapproject/sqlmap/wiki/Usage#api-rest-json"
|
||||
url: "https://github.com/sqlmapproject/sqlmap/wiki/Usage#api-rest-json"
|
||||
|
|
Loading…
Reference in New Issue
Block a user