Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)

lib/controller/checks.py

@@ -302,11 +302,11 @@ def checkStability():
             logMsg  = "url is stable"
             logger.info(logMsg)
         else:
-            exceptionMsg   = "there was an error checking the stability of page "
+            errMsg  = "there was an error checking the stability of page "
-            exceptionMsg  += "because of lack of content. please check the "
+            errMsg += "because of lack of content. please check the "
-            exceptionMsg  += "page request results (and probable errors) by "
+            errMsg += "page request results (and probable errors) by "
-            exceptionMsg  += "using higher verbosity levels"
+            errMsg += "using higher verbosity levels"
-            raise sqlmapNoneDataException, exceptionMsg
+            raise sqlmapNoneDataException, errMsg
 
     elif not condition:
         warnMsg  = "url is not stable, sqlmap will base the page "
@@ -387,15 +387,8 @@ def checkConnection():
         page, _ = Request.getPage()
         conf.seqMatcher.set_seq1(page)
 
-    except sqlmapConnectionException, exceptionMsg:
+    except sqlmapConnectionException, errMsg:
-        exceptionMsg = str(exceptionMsg)
+        errMsg = str(errMsg)
-
+        raise sqlmapConnectionException, errMsg
-        if conf.multipleTargets:
-            exceptionMsg += ", skipping to next url"
-            logger.warn(exceptionMsg)
-
-            return False
-        else:
-            raise sqlmapConnectionException, exceptionMsg
 
     return True

lib/controller/controller.py

@@ -35,6 +35,7 @@ from lib.core.common import readInput
 from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
+from lib.core.exception import exceptionsTuple
 from lib.core.exception import sqlmapNotVulnerableException
 from lib.core.session import setInjection
 from lib.core.target import initTargetEnv
@@ -88,6 +89,9 @@ def start():
     check if they are dynamic and SQL injection affected
     """
 
+    if not conf.start:
+        return
+
     if conf.url:
         kb.targetUrls.add(( conf.url, conf.method, conf.data, conf.cookie ))
 
@@ -105,6 +109,7 @@ def start():
     setCookieAsInjectable   = True
 
     for targetUrl, targetMethod, targetData, targetCookie in kb.targetUrls:
+        try:
             conf.url    = targetUrl
             conf.method = targetMethod
             conf.data   = targetData
@@ -230,10 +235,8 @@ def start():
                 elif len(injData) > 1:
                     injDataSelected = __selectInjection(injData)
 
-            elif conf.multipleTargets:
-                continue
-
                 else:
+                    raise sqlmapNotVulnerableException, "all parameters are not injectable"
                     return
 
                 if injDataSelected == "Quit":
@@ -243,8 +246,6 @@ def start():
                     kb.injPlace, kb.injParameter, kb.injType = injDataSelected
                     setInjection()
 
-        if not conf.multipleTargets and ( not kb.injPlace or not kb.injParameter or not kb.injType ):
-            raise sqlmapNotVulnerableException, "all parameters are not injectable"
             elif kb.injPlace and kb.injParameter and kb.injType:
                 if conf.multipleTargets:
                     message = "do you want to exploit this SQL injection? [Y/n] "
@@ -258,5 +259,15 @@ def start():
                     checkForParenthesis()
                     action()
 
+        except exceptionsTuple, e:
+            e = str(e)
+
+            if conf.multipleTargets:
+                e += ", skipping to next url"
+                logger.error(e)
+            else:
+                logger.error(e)
+                return
+
     if conf.loggedToOut:
         logger.info("Fetched data logged to text files under '%s'" % conf.outputPath)

lib/request/connect.py

@@ -178,12 +178,12 @@ class Connect:
 
         except urllib2.HTTPError, e:
             if e.code == 401:
-                exceptionMsg  = "not authorized, try to provide right HTTP "
+                errMsg  = "not authorized, try to provide right HTTP "
-                exceptionMsg += "authentication type and valid credentials"
+                errMsg += "authentication type and valid credentials"
-                raise sqlmapConnectionException, exceptionMsg
+                raise sqlmapConnectionException, errMsg
             elif e.code == 404 and raise404:
-                exceptionMsg = "page not found"
+                errMsg = "page not found"
-                raise sqlmapConnectionException, exceptionMsg
+                raise sqlmapConnectionException, errMsg
             else:
                 page = e.read()
                 code = e.code
@@ -210,12 +210,6 @@ class Connect:
             if "BadStatusLine" not in tbMsg:
                 warnMsg += " or proxy"
 
-            if conf.multipleTargets:
-                warnMsg += ", skipping to next url"
-                logger.warn(warnMsg)
-
-                return None, None
-
             if silent:
                 return None, None
             elif conf.retriesCount < conf.retries:

sqlmap.py

@@ -72,11 +72,10 @@ def main():
 
     try:
         init(cmdLineOptions)
-
-        if conf.start:
         start()
 
     except exceptionsTuple, e:
+        e = str(e)
         logger.error(e)
 
     except KeyboardInterrupt:
@@ -90,6 +89,7 @@ def main():
         logger.error(errMsg)
 
     except:
+        print
         errMsg = unhandledException()
         logger.error(errMsg)
         traceback.print_exc()