sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 09:36:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor renaming

Browse Source
This commit is contained in:
Miroslav Stampar 2019-06-07 00:21:43 +02:00
parent 02c8f47892
commit 28c5a709bd
12 changed files with 230 additions and 230 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

416
data/xml/livetests.xml
View File

File diff suppressed because it is too large Load Diff

4
lib/controller/checks.py
View File

@ -220,10 +220,10 @@ def checkSqlInjection(place, parameter, value):
# Skip test if the user's wants to test only for a specific # Skip test if the user's wants to test only for a specific
# technique # technique
if conf.tech and isinstance(conf.tech, list) and stype not in conf.tech: if conf.technique and isinstance(conf.technique, list) and stype not in conf.technique:
debugMsg = "skipping test '%s' because the user " % title debugMsg = "skipping test '%s' because the user " % title
debugMsg += "specified to test only for " debugMsg += "specified to test only for "
debugMsg += "%s techniques" % " & ".join(PAYLOAD.SQLINJECTION[_] for _ in conf.tech) debugMsg += "%s techniques" % " & ".join(PAYLOAD.SQLINJECTION[_] for _ in conf.technique)
logger.debug(debugMsg) logger.debug(debugMsg)
continue continue

6
lib/controller/controller.py
View File

@ -429,7 +429,7 @@ def start():
if (len(kb.injections) == 0 or (len(kb.injections) == 1 and kb.injections[0].place is None)) and (kb.injection.place is None or kb.injection.parameter is None): if (len(kb.injections) == 0 or (len(kb.injections) == 1 and kb.injections[0].place is None)) and (kb.injection.place is None or kb.injection.parameter is None):
if not any((conf.string, conf.notString, conf.regexp)) and PAYLOAD.TECHNIQUE.BOOLEAN in conf.tech: if not any((conf.string, conf.notString, conf.regexp)) and PAYLOAD.TECHNIQUE.BOOLEAN in conf.technique:
# NOTE: this is not needed anymore, leaving only to display # NOTE: this is not needed anymore, leaving only to display
# a warning message to the user in case the page is not stable # a warning message to the user in case the page is not stable
checkStability() checkStability()
@ -533,7 +533,7 @@ def start():
infoMsg = "ignoring %sparameter '%s'" % ("%s " % paramType if paramType != parameter else "", parameter) infoMsg = "ignoring %sparameter '%s'" % ("%s " % paramType if paramType != parameter else "", parameter)
logger.info(infoMsg) logger.info(infoMsg)
elif PAYLOAD.TECHNIQUE.BOOLEAN in conf.tech or conf.skipStatic: elif PAYLOAD.TECHNIQUE.BOOLEAN in conf.technique or conf.skipStatic:
check = checkDynParam(place, parameter, value) check = checkDynParam(place, parameter, value)
if not check: if not check:
@ -612,7 +612,7 @@ def start():
errMsg += " Try to increase values for '--level'/'--risk' options " errMsg += " Try to increase values for '--level'/'--risk' options "
errMsg += "if you wish to perform more tests." errMsg += "if you wish to perform more tests."
if isinstance(conf.tech, list) and len(conf.tech) < 5: if isinstance(conf.technique, list) and len(conf.technique) < 5:
errMsg += " Rerun without providing the option '--technique'." errMsg += " Rerun without providing the option '--technique'."
if not conf.textOnly and kb.originalPage: if not conf.textOnly and kb.originalPage:

2
lib/core/common.py
View File

@ -3188,7 +3188,7 @@ def isTechniqueAvailable(technique):
>>> kb.injection.data = popValue() >>> kb.injection.data = popValue()
""" """
if conf.tech and isinstance(conf.tech, list) and technique not in conf.tech: if conf.technique and isinstance(conf.technique, list) and technique not in conf.technique:
return False return False
else: else:
return getTechniqueData(technique) is not None return getTechniqueData(technique) is not None

2
lib/core/defaults.py
View File

@ -20,7 +20,7 @@ _defaults = {
"level": 1, "level": 1,
"risk": 1, "risk": 1,
"dumpFormat": "CSV", "dumpFormat": "CSV",
"tech": "BEUSTQ", "technique": "BEUSTQ",
"torType": "SOCKS5", "torType": "SOCKS5",
} }

8
lib/core/option.py
View File

@ -662,10 +662,10 @@ def _setTechnique():
validTechniques = sorted(getPublicTypeMembers(PAYLOAD.TECHNIQUE), key=lambda x: x[1]) validTechniques = sorted(getPublicTypeMembers(PAYLOAD.TECHNIQUE), key=lambda x: x[1])
validLetters = [_[0][0].upper() for _ in validTechniques] validLetters = [_[0][0].upper() for _ in validTechniques]
if conf.tech and isinstance(conf.tech, six.string_types): if conf.technique and isinstance(conf.technique, six.string_types):
_ = [] _ = []
for letter in conf.tech.upper(): for letter in conf.technique.upper():
if letter not in validLetters: if letter not in validLetters:
errMsg = "value for --technique must be a string composed " errMsg = "value for --technique must be a string composed "
errMsg += "by the letters %s. Refer to the " % ", ".join(validLetters) errMsg += "by the letters %s. Refer to the " % ", ".join(validLetters)
@ -677,7 +677,7 @@ def _setTechnique():
_.append(validInt) _.append(validInt)
break break
conf.tech = _ conf.technique = _
def _setDBMS(): def _setDBMS():
""" """
@ -2476,7 +2476,7 @@ def _basicOptionValidation():
errMsg = "option '-d' is incompatible with switch '--tor'" errMsg = "option '-d' is incompatible with switch '--tor'"
raise SqlmapSyntaxException(errMsg) raise SqlmapSyntaxException(errMsg)
if not conf.tech: if not conf.technique:
errMsg = "option '--technique' can't be empty" errMsg = "option '--technique' can't be empty"
raise SqlmapSyntaxException(errMsg) raise SqlmapSyntaxException(errMsg)

2
lib/core/optiondict.py
View File

@ -105,7 +105,7 @@ optDict = {
}, },
"Techniques": { "Techniques": {
"tech": "string", "technique": "string",
"timeSec": "integer", "timeSec": "integer",
"uCols": "string", "uCols": "string",
"uChar": "string", "uChar": "string",

4
lib/core/settings.py
View File

@ -18,7 +18,7 @@ from lib.core.enums import OS
from thirdparty.six import unichr as _unichr from thirdparty.six import unichr as _unichr
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.3.6.29" VERSION = "1.3.6.30"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
@ -296,7 +296,7 @@ BASIC_HELP_ITEMS = (
"dbms", "dbms",
"level", "level",
"risk", "risk",
"tech", "technique",
"getAll", "getAll",
"getBanner", "getBanner",
"getCurrentUser", "getCurrentUser",

6
lib/core/target.py
View File

@ -458,9 +458,9 @@ def _resumeHashDBValues():
for injection in hashDBRetrieve(HASHDB_KEYS.KB_INJECTIONS, True) or []: for injection in hashDBRetrieve(HASHDB_KEYS.KB_INJECTIONS, True) or []:
if isinstance(injection, InjectionDict) and injection.place in conf.paramDict and injection.parameter in conf.paramDict[injection.place]: if isinstance(injection, InjectionDict) and injection.place in conf.paramDict and injection.parameter in conf.paramDict[injection.place]:
if not conf.tech or intersect(conf.tech, injection.data.keys()): if not conf.technique or intersect(conf.technique, injection.data.keys()):
if intersect(conf.tech, injection.data.keys()): if intersect(conf.technique, injection.data.keys()):
injection.data = dict(_ for _ in injection.data.items() if _[0] in conf.tech) injection.data = dict(_ for _ in injection.data.items() if _[0] in conf.technique)
if injection not in kb.injections: if injection not in kb.injections:
kb.injections.append(injection) kb.injections.append(injection)

4
lib/parse/cmdline.py
View File

@ -328,8 +328,8 @@ def cmdLineParser(argv=None):
# Techniques options # Techniques options
techniques = OptionGroup(parser, "Techniques", "These options can be used to tweak testing of specific SQL injection techniques") techniques = OptionGroup(parser, "Techniques", "These options can be used to tweak testing of specific SQL injection techniques")
techniques.add_option("--technique", dest="tech", techniques.add_option("--technique", dest="technique",
help="SQL injection techniques to use (default \"%s\")" % defaults.tech) help="SQL injection techniques to use (default \"%s\")" % defaults.technique)
techniques.add_option("--time-sec", dest="timeSec", type="int", techniques.add_option("--time-sec", dest="timeSec", type="int",
help="Seconds to delay the DBMS response (default %d)" % defaults.timeSec) help="Seconds to delay the DBMS response (default %d)" % defaults.timeSec)

2
sqlmap.conf
View File

@ -367,7 +367,7 @@ titles = False
# Example: ES (means test for error-based and stacked queries SQL # Example: ES (means test for error-based and stacked queries SQL
# injection types only) # injection types only)
# Default: BEUSTQ (means test for all SQL injection types - recommended) # Default: BEUSTQ (means test for all SQL injection types - recommended)
tech = BEUSTQ technique = BEUSTQ
# Seconds to delay the response from the DBMS. # Seconds to delay the response from the DBMS.
# Valid: integer # Valid: integer

4
swagger.yaml
View File

@ -402,7 +402,7 @@ paths:
googleDork: null googleDork: null
saveConfig: null saveConfig: null
sqlShell: false sqlShell: false
tech: BEUSTQ technique: BEUSTQ
textOnly: false textOnly: false
cookieDel: null cookieDel: null
commonColumns: false commonColumns: false
@ -456,4 +456,4 @@ paths:
timeout: 30 timeout: 30
externalDocs: externalDocs:
description: "Find out more about sqlmap API (REST-JSON)" description: "Find out more about sqlmap API (REST-JSON)"
url: "https://github.com/sqlmapproject/sqlmap/wiki/Usage#api-rest-json" url: "https://github.com/sqlmapproject/sqlmap/wiki/Usage#api-rest-json"