From 29001a4fcecf70bb769a8d292933f8c584d151cb Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Mon, 20 Dec 2010 23:21:01 +0000 Subject: [PATCH] minor update --- lib/request/connect.py | 2 +- lib/techniques/brute/use.py | 61 ++++++++++++++++++++++++++++--------- 2 files changed, 48 insertions(+), 15 deletions(-) diff --git a/lib/request/connect.py b/lib/request/connect.py index 2091e777f..2044c7bef 100644 --- a/lib/request/connect.py +++ b/lib/request/connect.py @@ -287,7 +287,7 @@ class Connect: if silent or (ignoreTimeout and "timeout" in tbMsg): return None, None - elif kb.retriesCount < conf.retries: + elif kb.retriesCount < conf.retries and not conf.threadException: kb.retriesCount += 1 warnMsg += ", sqlmap is going to retry the request" diff --git a/lib/techniques/brute/use.py b/lib/techniques/brute/use.py index a71f1693c..bb95bcbec 100644 --- a/lib/techniques/brute/use.py +++ b/lib/techniques/brute/use.py @@ -7,6 +7,7 @@ Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/) See the file 'doc/COPYING' for copying permission """ +import threading import time from lib.core.common import clearConsoleLine @@ -29,27 +30,59 @@ def tableExists(tableFile): infoMsg = "checking table existence using items from '%s'" % tableFile logger.info(infoMsg) - count = 0 + count = [0] length = len(tables) + threads = [] + tbllock = threading.Lock() + iolock = threading.Lock() + kb.locks.seqLock = threading.Lock() + kb.threadContinue = True + + def tableExistsThread(): + while count[0] < length and kb.threadContinue: + tbllock.acquire() + table = tables[count[0]] + count[0] += 1 + tbllock.release() - for table in tables: - if conf.db and not conf.db.endswith(METADB_SUFFIX): - table = "%s.%s" % (conf.db, table) - result = inject.checkBooleanExpression("%s" % safeStringFormat("EXISTS(SELECT %d FROM %s)", (randomInt(1), table))) + if conf.db and not conf.db.endswith(METADB_SUFFIX): + table = "%s.%s" % (conf.db, table) + result = inject.checkBooleanExpression("%s" % safeStringFormat("EXISTS(SELECT %d FROM %s)", (randomInt(1), table))) - if result: - retVal.append(table) + iolock.acquire() + if result: + retVal.append(table) + + if conf.verbose in (1, 2): + clearConsoleLine(True) + infoMsg = "\r[%s] [INFO] retrieved: %s\n" % (time.strftime("%X"), table) + dataToStdout(infoMsg, True) if conf.verbose in (1, 2): - clearConsoleLine(True) - infoMsg = "\r[%s] [INFO] retrieved: %s\n" % (time.strftime("%X"), table) - dataToStdout(infoMsg, True) + status = '%d/%d items (%d%s)' % (count[0], length, round(100.0*count[0]/length), '%') + dataToStdout("\r[%s] [INFO] tried: %s" % (time.strftime("%X"), status), True) + iolock.release() - count += 1 + # Start the threads + for numThread in range(conf.threads): + thread = threading.Thread(target=tableExistsThread, name=str(numThread)) + thread.start() + threads.append(thread) - if conf.verbose in (1, 2): - status = '%d/%d items (%d%s)' % (count, length, round(100.0*count/length), '%') - dataToStdout("\r[%s] [INFO] tried: %s" % (time.strftime("%X"), status), True) + # And wait for them to all finish + try: + alive = True + while alive: + alive = False + for thread in threads: + if thread.isAlive(): + alive = True + thread.join(5) + except KeyboardInterrupt: + kb.threadContinue = False + raise + finally: + kb.locks.seqLock = None clearConsoleLine(True)