Minor refactoring

This commit is contained in:
Miroslav Stampar 2012-10-29 10:48:49 +01:00
parent 32181d9322
commit 359e734954
4 changed files with 21 additions and 11 deletions


@ -229,3 +229,9 @@ class ADJUST_TIME_DELAY:
DISABLE = -1 DISABLE = -1
NO = 0 NO = 0
YES = 1 YES = 1
class WEB_API:
PHP = "php"
ASP = "asp"
ASPX = "aspx"
JSP = "jsp"
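Review bot: The new WEB_API class carries no docstring, although its members are now enumerated programmatically via getPublicTypeMembers (see the web.py hunks), so the string values are an interface rather than just constants. Add a short docstring under the class line, e.g. `"""Web application languages the file stager can target; member values are the names compared against conf.url and self.webApi."""`. Also worth stating in that docstring that adding a member here automatically extends the user-facing choice list, since that is the side effect a future maintainer will not expect from an enum-style class.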


@ -469,10 +469,10 @@ MAX_HELP_OPTION_LENGTH = 18
FORMAT_EXCEPTION_STRINGS = ("Type mismatch", "Error converting", "Failed to convert", "System.FormatException", "java.lang.NumberFormatException") FORMAT_EXCEPTION_STRINGS = ("Type mismatch", "Error converting", "Failed to convert", "System.FormatException", "java.lang.NumberFormatException")
# Regular expression used for extracting ASP.NET view state values # Regular expression used for extracting ASP.NET view state values
VIEWSTATE_REGEX = r'(?P<name>__VIEWSTATE[^"]*)[^>]+value="(?P<value>[^"]+)' VIEWSTATE_REGEX = r'(?i)(?P<name>__VIEWSTATE[^"]*)[^>]+value="(?P<result>[^"]+)'
# Regular expression used for extracting ASP.NET event validation values # Regular expression used for extracting ASP.NET event validation values
EVENTVALIDATION_REGEX = r'(?P<name>__EVENTVALIDATION[^"]*)[^>]+value="(?P<value>[^"]+)' EVENTVALIDATION_REGEX = r'(?i)(?P<name>__EVENTVALIDATION[^"]*)[^>]+value="(?P<result>[^"]+)'
# Number of rows to generate inside the full union test for limited output (mustn't be too large to prevent payload length problems) # Number of rows to generate inside the full union test for limited output (mustn't be too large to prevent payload length problems)
LIMITED_ROWS_TEST_NUMBER = 15 LIMITED_ROWS_TEST_NUMBER = 15
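Review bot: The comments above VIEWSTATE_REGEX and EVENTVALIDATION_REGEX do not record the two contracts this commit introduces: the capture group is renamed to `result` because extractRegexResult consumes it by that name (web.py hunk at line 272), and the `(?i)` inline flag replaces the `re.I` argument the callers used to pass, so a future caller must not assume it needs (or may drop) a flags argument. Suggest extending both comments, e.g. `# Regular expression used for extracting ASP.NET view state values (case-insensitive via (?i); group 'result' is required by extractRegexResult, group 'name' by processResponse)`. The positional `name, value = match.groups()` in processResponse still works only because the group order was left unchanged, which is worth a word in the same comment.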


@ -265,7 +265,7 @@ def processResponse(page, responseHeaders):
if kb.originalPage is None: if kb.originalPage is None:
for regex in (EVENTVALIDATION_REGEX, VIEWSTATE_REGEX): for regex in (EVENTVALIDATION_REGEX, VIEWSTATE_REGEX):
match = re.search(regex, page, re.I) match = re.search(regex, page)
if match and PLACE.POST in conf.parameters: if match and PLACE.POST in conf.parameters:
name, value = match.groups() name, value = match.groups()
if PLACE.POST in conf.paramDict and name in conf.paramDict[PLACE.POST]: if PLACE.POST in conf.paramDict and name in conf.paramDict[PLACE.POST]:
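Review bot: `name, value = match.groups()` unpacks the two groups positionally, so it survived the group rename to `result` only by accident of order; a later edit to either regex in settings.py (adding a group, swapping them) would silently mis-assign the form-field name and value that are then merged into the POST parameters. Since both patterns now use named groups, bind by name: `name, value = match.group("name"), match.group("result")`. The rest of processResponse lies outside this hunk, so I could not check whether `value` is used elsewhere in the function.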


@ -19,6 +19,7 @@ from lib.core.common import decloakToNamedTemporaryFile
from lib.core.common import extractRegexResult from lib.core.common import extractRegexResult
from lib.core.common import getDirs from lib.core.common import getDirs
from lib.core.common import getDocRoot from lib.core.common import getDocRoot
from lib.core.common import getPublicTypeMembers
from lib.core.common import getSQLSnippet from lib.core.common import getSQLSnippet
from lib.core.common import ntToPosixSlashes from lib.core.common import ntToPosixSlashes
from lib.core.common import isTechniqueAvailable from lib.core.common import isTechniqueAvailable
@ -37,6 +38,9 @@ from lib.core.data import paths
from lib.core.enums import DBMS from lib.core.enums import DBMS
from lib.core.enums import OS from lib.core.enums import OS
from lib.core.enums import PAYLOAD from lib.core.enums import PAYLOAD
from lib.core.enums import WEB_API
from lib.core.settings import EVENTVALIDATION_REGEX
from lib.core.settings import VIEWSTATE_REGEX
from lib.request.connect import Connect as Request from lib.request.connect import Connect as Request
@ -85,14 +89,14 @@ class Web:
def __webFileStreamUpload(self, stream, destFileName, directory): def __webFileStreamUpload(self, stream, destFileName, directory):
stream.seek(0) # Rewind stream.seek(0) # Rewind
if self.webApi in ("php", "asp", "aspx", "jsp"): if self.webApi in getPublicTypeMembers(WEB_API, True):
multipartParams = { multipartParams = {
"upload": "1", "upload": "1",
"file": stream, "file": stream,
"uploadDir": directory, "uploadDir": directory,
} }
if self.webApi == "aspx": if self.webApi == WEB_API.ASPX:
multipartParams['__EVENTVALIDATION'] = kb.data.__EVENTVALIDATION multipartParams['__EVENTVALIDATION'] = kb.data.__EVENTVALIDATION
multipartParams['__VIEWSTATE'] = kb.data.__VIEWSTATE multipartParams['__VIEWSTATE'] = kb.data.__VIEWSTATE
@ -141,7 +145,7 @@ class Web:
logger.info(infoMsg) logger.info(infoMsg)
default = None default = None
choices = ('asp', 'aspx', 'php', 'jsp') choices = list(getPublicTypeMembers(WEB_API, True))
for ext in choices: for ext in choices:
if conf.url.endswith(ext): if conf.url.endswith(ext):
@ -150,9 +154,9 @@ class Web:
if not default: if not default:
if Backend.isOs(OS.WINDOWS): if Backend.isOs(OS.WINDOWS):
default = "asp" default = WEB_API.ASP
else: else:
default = "php" default = WEB_API.PHP
message = "which web application language does the web server " message = "which web application language does the web server "
message += "support?\n" message += "support?\n"
@ -268,9 +272,9 @@ class Web:
logger.warn(warnMsg) logger.warn(warnMsg)
continue continue
elif self.webApi == "aspx": elif self.webApi == WEB_API.ASPX:
kb.data.__EVENTVALIDATION = extractRegexResult(r"__EVENTVALIDATION[^>]+value=\"(?P<result>[^\"]+)\"", uplPage, re.I) kb.data.__EVENTVALIDATION = extractRegexResult(EVENTVALIDATION_REGEX, uplPage)
kb.data.__VIEWSTATE = extractRegexResult(r"__VIEWSTATE[^>]+value=\"(?P<result>[^\"]+)\"", uplPage, re.I) kb.data.__VIEWSTATE = extractRegexResult(VIEWSTATE_REGEX, uplPage)
infoMsg = "the file stager has been successfully uploaded " infoMsg = "the file stager has been successfully uploaded "
infoMsg += "on '%s' - %s" % (localPath, self.webStagerUrl) infoMsg += "on '%s' - %s" % (localPath, self.webStagerUrl)
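Review bot: In the hunk at line 145, `choices = list(getPublicTypeMembers(WEB_API, True))` replaces a literal tuple with a fixed order; if getPublicTypeMembers derives its result from the class `__dict__` (which I cannot see here), the order is not guaranteed on Python 2, so the numbering of the "which web application language" prompt that follows and the position of `default` in it may change between runs. Pinning the order with `choices = sorted(getPublicTypeMembers(WEB_API, True))` keeps the prompt stable, and a one-line comment such as `# Sorted so the interactive menu numbering is deterministic` would explain why. The same helper is also called on every invocation of `__webFileStreamUpload` (line 91) just to test membership; a module-level `frozenset` built once would avoid re-enumerating the class per upload, though that is minor. The surrounding methods of class Web start and end outside these hunks.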