adding (for now) hidden switch --tor-http (utilizing Tor proxy bundles)

2025-02-03 13:14:13 +03:00 · 2011-12-14 10:19:45 +00:00 · 2011-12-14 10:19:45 +00:00 · 364113441b
commit 364113441b
parent 73a500833d
4 changed files with 69 additions and 13 deletions
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -81,6 +81,7 @@ from lib.core.optiondict import optDict
 from lib.core.settings import CODECS_LIST_PAGE
 from lib.core.settings import DEFAULT_GET_POST_DELIMITER
 from lib.core.settings import DEFAULT_PAGE_ENCODING
 from lib.core.settings import DEFAULT_TOR_HTTP_PORTS
 from lib.core.settings import DEFAULT_TOR_SOCKS_PORT
 from lib.core.settings import GENERAL_IP_ADDRESS_REGEX
 from lib.core.settings import IS_WIN
@ -1679,8 +1680,45 @@ def __setTrafficOutputFP():
        conf.trafficFP = openFile(conf.trafficFile, "w+")
 def __setTorHttpProxySettings():
    if not conf.torHttp:
        return
    infoMsg = "setting Tor HTTP proxy settings"
    logger.info(infoMsg)
    found = None
    for port in DEFAULT_TOR_HTTP_PORTS:
        try:
            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            s.connect((LOCALHOST, port))
            found = port
            break
        except socket.error:
            pass
    s.close()
    if found:
        conf.proxy = "http://%s:%d" % (LOCALHOST, found)
    else:
        errMsg = "can't establish connection with the Tor proxy. "
        errMsg += "Please make sure that you have Vidalia, Privoxy or "
        errMsg += "Polipo bundle installed for you to be able to "
        errMsg += "successfully use --tor switch "
        if IS_WIN:
            errMsg += "(e.g. https://www.torproject.org/projects/vidalia.html.en)"
        else:
            errMsg += "(e.g. http://www.coresec.org/2011/04/24/sqlmap-with-tor/)"
        raise sqlmapConnectionException, errMsg
    conf.tor = True
 def __setTorSocksProxySettings():
-    if not conf.tor:
+    if not conf.tor or conf.torHttp:
        return
    infoMsg = "setting Tor SOCKS proxy settings"
@ -1691,17 +1729,19 @@ def __setTorSocksProxySettings():
    socks.wrapmodule(urllib2)
 def __checkTor():
-    if conf.checkTor:
+    if not conf.checkTor:
-        infoMsg = "checking Tor connection"
+        return
        logger.info(infoMsg)
-        page, _, _ = Request.getPage(url="https://check.torproject.org/", raise404=False)
+    infoMsg = "checking Tor connection"
-        if not page or 'Congratulations' not in page:
+    logger.info(infoMsg)
-            errMsg = "it seems that Tor is not properly set"
+
-            raise sqlmapConnectionException, errMsg
+    page, _, _ = Request.getPage(url="https://check.torproject.org/", raise404=False)
-        else:
+    if not page or 'Congratulations' not in page:
-            infoMsg = "Tor is properly being used"
+        errMsg = "it seems that Tor is not properly set"
-            logger.info(infoMsg)
+        raise sqlmapConnectionException, errMsg
    else:
        infoMsg = "Tor is properly being used"
        logger.info(infoMsg)
 def __basicOptionValidation():
    if conf.limitStart is not None and not (isinstance(conf.limitStart, int) and conf.limitStart > 0):
@ -1766,7 +1806,11 @@ def __basicOptionValidation():
        errMsg = "switch --tor is incompatible with switch --proxy"
        raise sqlmapSyntaxException, errMsg
-    if conf.checkTor and not (conf.tor or conf.proxy):
+    if conf.torHttp and conf.proxy:
        errMsg = "switch --tor-http is incompatible with switch --proxy"
        raise sqlmapSyntaxException, errMsg
    if conf.checkTor and not any([conf.tor, conf.torHttp, conf.proxy]):
        errMsg = "switch --check-tor requires usage of switch --tor (or --proxy with HTTP proxy address using Tor)"
        raise sqlmapSyntaxException, errMsg
@ -1782,6 +1826,10 @@ def __basicOptionValidation():
        errMsg = "switch --proxy is incompatible with switch --ignore-proxy"
        raise sqlmapSyntaxException, errMsg
    if conf.tor and conf.torHttp:
        errMsg = "switch --tor is incompatible with switch --tor-http"
        raise sqlmapSyntaxException, errMsg
    if conf.forms and any([conf.logFile, conf.bulkFile, conf.direct, conf.requestFile, conf.googleDork]):
        errMsg = "switch --forms is compatible only with -u (--url) target switch"
        raise sqlmapSyntaxException, errMsg
@ -1830,6 +1878,7 @@ def init(inputOptions=AttribDict(), overrideOptions=False):
    __checkDependencies()
    __basicOptionValidation()
    __setTorSocksProxySettings()
    __setTorHttpProxySettings()
    __setMultipleTargets()
    __setTamperingFunctions()
    __setTrafficOutputFP()
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -351,6 +351,9 @@ LOCALHOST = "127.0.0.1"
 # Default port used by Tor
 DEFAULT_TOR_SOCKS_PORT = 9050
 # Default ports used in Tor proxy bundles
 DEFAULT_TOR_HTTP_PORTS = (8123, 8118)
 # Percentage below which comparison engine could have problems
 LOW_TEXT_PERCENT = 20
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@ -609,6 +609,9 @@ def cmdLineParser():
        parser.add_option("--test-filter", dest="testFilter",
                           help=SUPPRESS_HELP)
        parser.add_option("--tor-http", dest="torHttp", action="store_true",
                           help=SUPPRESS_HELP)
        parser.add_option_group(target)
        parser.add_option_group(request)
        parser.add_option_group(optimization)
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -99,7 +99,8 @@ class Connect:
                warnMsg = "please make sure that you have "
                warnMsg += "Tor installed and running so "
                warnMsg += "you could successfully use "
-                warnMsg += "--tor switch "
+                warnMsg += "--tor switch (or try hidden "
                warnMsg += "switch --tor-http)"
                if IS_WIN:
                    warnMsg += "(e.g. https://www.torproject.org/download/download.html.en)"
                else: