Implementing support for piped input of targets

This commit is contained in:
Miroslav Stampar 2020-10-14 11:34:52 +02:00
parent 0585a55ee0
commit 2bf22df53a
4 changed files with 36 additions and 20 deletions

View File

@ -291,7 +291,7 @@ def start():
logger.error(errMsg) logger.error(errMsg)
return False return False
if kb.targets and len(kb.targets) > 1: if kb.targets and isListLike(kb.targets) and len(kb.targets) > 1:
infoMsg = "found a total of %d targets" % len(kb.targets) infoMsg = "found a total of %d targets" % len(kb.targets)
logger.info(infoMsg) logger.info(infoMsg)

View File

@ -8,6 +8,7 @@ See the file 'LICENSE' for copying permission
from __future__ import division from __future__ import division
import codecs import codecs
import collections
import functools import functools
import glob import glob
import inspect import inspect
@ -416,6 +417,17 @@ def _setBulkMultipleTargets():
if not conf.bulkFile: if not conf.bulkFile:
return return
if isinstance(conf.bulkFile, collections.Iterable):
def _():
for line in conf.bulkFile:
if line:
match = re.search(r"\bhttps?://[^\s'\"]+", line, re.I)
if match:
yield (match.group(0), conf.method, conf.data, conf.cookie, None)
else:
break
kb.targets = _()
else:
conf.bulkFile = safeExpandUser(conf.bulkFile) conf.bulkFile = safeExpandUser(conf.bulkFile)
infoMsg = "parsing multiple targets list from '%s'" % conf.bulkFile infoMsg = "parsing multiple targets list from '%s'" % conf.bulkFile
@ -1631,6 +1643,7 @@ def _cleanupOptions():
for key, value in conf.items(): for key, value in conf.items():
if value and any(key.endswith(_) for _ in ("Path", "File", "Dir")): if value and any(key.endswith(_) for _ in ("Path", "File", "Dir")):
if isinstance(value, str):
conf[key] = safeExpandUser(value) conf[key] = safeExpandUser(value)
if conf.testParameter: if conf.testParameter:

View File

@ -18,7 +18,7 @@ from lib.core.enums import OS
from thirdparty.six import unichr as _unichr from thirdparty.six import unichr as _unichr
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.4.10.5" VERSION = "1.4.10.6"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

View File

@ -1035,6 +1035,9 @@ def cmdLineParser(argv=None):
if args.dummy: if args.dummy:
args.url = args.url or DUMMY_URL args.url = args.url or DUMMY_URL
if hasattr(sys.stdin, "fileno") and not os.isatty(sys.stdin.fileno()) and '-' not in sys.argv:
args.bulkFile = iter(sys.stdin.readline, None)
if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, args.requestFile, args.updateAll, args.smokeTest, args.vulnTest, args.bedTest, args.fuzzTest, args.wizard, args.dependencies, args.purge, args.listTampers, args.hashFile)): if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, args.requestFile, args.updateAll, args.smokeTest, args.vulnTest, args.bedTest, args.fuzzTest, args.wizard, args.dependencies, args.purge, args.listTampers, args.hashFile)):
errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, --list-tampers, --wizard, --update, --purge or --dependencies). " errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, --list-tampers, --wizard, --update, --purge or --dependencies). "
errMsg += "Use -h for basic and -hh for advanced help\n" errMsg += "Use -h for basic and -hh for advanced help\n"