mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-03-03 11:45:46 +03:00
Minor beautification (e.g. HTTP header cases like Host parameter 'Host')
This commit is contained in:
parent
23d0a04f32
commit
36f2bb5390
|
@ -575,7 +575,7 @@ def checkSqlInjection(place, parameter, value):
|
|||
conf.string = candidate
|
||||
injectable = True
|
||||
|
||||
infoMsg = "%s parameter '%s' appears to be '%s' injectable (with --string=\"%s\")" % (paramType, parameter, title, repr(conf.string).lstrip('u').strip("'"))
|
||||
infoMsg = "%sparameter '%s' appears to be '%s' injectable (with --string=\"%s\")" % ("%s " % paramType if paramType != parameter else "", parameter, title, repr(conf.string).lstrip('u').strip("'"))
|
||||
logger.info(infoMsg)
|
||||
|
||||
break
|
||||
|
@ -585,7 +585,7 @@ def checkSqlInjection(place, parameter, value):
|
|||
if all((falseCode, trueCode)) and falseCode != trueCode:
|
||||
conf.code = trueCode
|
||||
|
||||
infoMsg = "%s parameter '%s' appears to be '%s' injectable (with --code=%d)" % (paramType, parameter, title, conf.code)
|
||||
infoMsg = "%sparameter '%s' appears to be '%s' injectable (with --code=%d)" % ("%s " % paramType if paramType != parameter else "", parameter, title, conf.code)
|
||||
logger.info(infoMsg)
|
||||
else:
|
||||
trueSet = set(extractTextTagContent(trueRawResponse))
|
||||
|
@ -610,7 +610,7 @@ def checkSqlInjection(place, parameter, value):
|
|||
|
||||
conf.string = candidate
|
||||
|
||||
infoMsg = "%s parameter '%s' appears to be '%s' injectable (with --string=\"%s\")" % (paramType, parameter, title, repr(conf.string).lstrip('u').strip("'"))
|
||||
infoMsg = "%sparameter '%s' appears to be '%s' injectable (with --string=\"%s\")" % ("%s " % paramType if paramType != parameter else "", parameter, title, repr(conf.string).lstrip('u').strip("'"))
|
||||
logger.info(infoMsg)
|
||||
|
||||
if not any((conf.string, conf.notString)):
|
||||
|
@ -624,11 +624,11 @@ def checkSqlInjection(place, parameter, value):
|
|||
|
||||
conf.notString = candidate
|
||||
|
||||
infoMsg = "%s parameter '%s' appears to be '%s' injectable (with --not-string=\"%s\")" % (paramType, parameter, title, repr(conf.notString).lstrip('u').strip("'"))
|
||||
infoMsg = "%sparameter '%s' appears to be '%s' injectable (with --not-string=\"%s\")" % ("%s " % paramType if paramType != parameter else "", parameter, title, repr(conf.notString).lstrip('u').strip("'"))
|
||||
logger.info(infoMsg)
|
||||
|
||||
if not any((conf.string, conf.notString, conf.code)):
|
||||
infoMsg = "%s parameter '%s' appears to be '%s' injectable " % (paramType, parameter, title)
|
||||
infoMsg = "%sparameter '%s' appears to be '%s' injectable " % ("%s " % paramType if paramType != parameter else "", parameter, title)
|
||||
singleTimeLogMessage(infoMsg)
|
||||
|
||||
# In case of error-based SQL injection
|
||||
|
@ -646,7 +646,7 @@ def checkSqlInjection(place, parameter, value):
|
|||
result = output == "1"
|
||||
|
||||
if result:
|
||||
infoMsg = "%s parameter '%s' is '%s' injectable " % (paramType, parameter, title)
|
||||
infoMsg = "%sparameter '%s' is '%s' injectable " % ("%s " % paramType if paramType != parameter else "", parameter, title)
|
||||
logger.info(infoMsg)
|
||||
|
||||
injectable = True
|
||||
|
@ -675,7 +675,7 @@ def checkSqlInjection(place, parameter, value):
|
|||
trueResult = Request.queryPage(reqPayload, place, timeBasedCompare=True, raise404=False)
|
||||
|
||||
if trueResult:
|
||||
infoMsg = "%s parameter '%s' appears to be '%s' injectable " % (paramType, parameter, title)
|
||||
infoMsg = "%sparameter '%s' appears to be '%s' injectable " % ("%s " % paramType if paramType != parameter else "", parameter, title)
|
||||
logger.info(infoMsg)
|
||||
|
||||
injectable = True
|
||||
|
@ -714,7 +714,7 @@ def checkSqlInjection(place, parameter, value):
|
|||
reqPayload, vector = unionTest(comment, place, parameter, value, prefix, suffix)
|
||||
|
||||
if isinstance(reqPayload, six.string_types):
|
||||
infoMsg = "%s parameter '%s' is '%s' injectable" % (paramType, parameter, title)
|
||||
infoMsg = "%sparameter '%s' is '%s' injectable" % ("%s " % paramType if paramType != parameter else "", parameter, title)
|
||||
logger.info(infoMsg)
|
||||
|
||||
injectable = True
|
||||
|
@ -1053,8 +1053,7 @@ def heuristicCheckSqlInjection(place, parameter):
|
|||
parseFilePaths(page)
|
||||
result = wasLastResponseDBMSError()
|
||||
|
||||
infoMsg = "heuristic (basic) test shows that %s parameter " % paramType
|
||||
infoMsg += "'%s' might " % parameter
|
||||
infoMsg = "heuristic (basic) test shows that %sparameter '%s' might " % ("%s " % paramType if paramType != parameter else "", parameter)
|
||||
|
||||
def _(page):
|
||||
return any(_ in (page or "") for _ in FORMAT_EXCEPTION_STRINGS)
|
||||
|
@ -1116,14 +1115,12 @@ def heuristicCheckSqlInjection(place, parameter):
|
|||
paramType = conf.method if conf.method not in (None, HTTPMETHOD.GET, HTTPMETHOD.POST) else place
|
||||
|
||||
if value.lower() in (page or "").lower():
|
||||
infoMsg = "heuristic (XSS) test shows that %s parameter " % paramType
|
||||
infoMsg += "'%s' might be vulnerable to cross-site scripting (XSS) attacks" % parameter
|
||||
infoMsg = "heuristic (XSS) test shows that %sparameter '%s' might be vulnerable to cross-site scripting (XSS) attacks" % ("%s " % paramType if paramType != parameter else "", parameter)
|
||||
logger.info(infoMsg)
|
||||
|
||||
for match in re.finditer(FI_ERROR_REGEX, page or ""):
|
||||
if randStr1.lower() in match.group(0).lower():
|
||||
infoMsg = "heuristic (FI) test shows that %s parameter " % paramType
|
||||
infoMsg += "'%s' might be vulnerable to file inclusion (FI) attacks" % parameter
|
||||
infoMsg = "heuristic (FI) test shows that %sparameter '%s' might be vulnerable to file inclusion (FI) attacks" % ("%s " % paramType if paramType != parameter else "", parameter)
|
||||
logger.info(infoMsg)
|
||||
break
|
||||
|
||||
|
@ -1147,7 +1144,7 @@ def checkDynParam(place, parameter, value):
|
|||
|
||||
paramType = conf.method if conf.method not in (None, HTTPMETHOD.GET, HTTPMETHOD.POST) else place
|
||||
|
||||
infoMsg = "testing if %s parameter '%s' is dynamic" % (paramType, parameter)
|
||||
infoMsg = "testing if %sparameter '%s' is dynamic" % ("%s " % paramType if paramType != parameter else "", parameter)
|
||||
logger.info(infoMsg)
|
||||
|
||||
try:
|
||||
|
|
|
@ -498,7 +498,7 @@ def start():
|
|||
if paramKey in kb.testedParams:
|
||||
testSqlInj = False
|
||||
|
||||
infoMsg = "skipping previously processed %s parameter '%s'" % (paramType, parameter)
|
||||
infoMsg = "skipping previously processed %sparameter '%s'" % ("%s " % paramType if paramType != parameter else "", parameter)
|
||||
logger.info(infoMsg)
|
||||
|
||||
elif any(_ in conf.testParameter for _ in (parameter, removePostHintPrefix(parameter))):
|
||||
|
@ -507,19 +507,19 @@ def start():
|
|||
elif parameter in conf.rParam:
|
||||
testSqlInj = False
|
||||
|
||||
infoMsg = "skipping randomizing %s parameter '%s'" % (paramType, parameter)
|
||||
infoMsg = "skipping randomizing %sparameter '%s'" % ("%s " % paramType if paramType != parameter else "", parameter)
|
||||
logger.info(infoMsg)
|
||||
|
||||
elif parameter in conf.skip or kb.postHint and parameter.split(' ')[-1] in conf.skip:
|
||||
testSqlInj = False
|
||||
|
||||
infoMsg = "skipping %s parameter '%s'" % (paramType, parameter)
|
||||
infoMsg = "skipping %sparameter '%s'" % ("%s " % paramType if paramType != parameter else "", parameter)
|
||||
logger.info(infoMsg)
|
||||
|
||||
elif conf.paramExclude and (re.search(conf.paramExclude, parameter, re.I) or kb.postHint and re.search(conf.paramExclude, parameter.split(' ')[-1], re.I)):
|
||||
testSqlInj = False
|
||||
|
||||
infoMsg = "skipping %s parameter '%s'" % (paramType, parameter)
|
||||
infoMsg = "skipping %sparameter '%s'" % ("%s " % paramType if paramType != parameter else "", parameter)
|
||||
logger.info(infoMsg)
|
||||
|
||||
elif conf.csrfToken and re.search(conf.csrfToken, parameter, re.I):
|
||||
|
@ -532,23 +532,23 @@ def start():
|
|||
elif conf.level < 4 and (parameter.upper() in IGNORE_PARAMETERS or any(_ in parameter.lower() for _ in CSRF_TOKEN_PARAMETER_INFIXES) or parameter.upper().startswith(GOOGLE_ANALYTICS_COOKIE_PREFIX)):
|
||||
testSqlInj = False
|
||||
|
||||
infoMsg = "ignoring %s parameter '%s'" % (paramType, parameter)
|
||||
infoMsg = "ignoring %sparameter '%s'" % ("%s " % paramType if paramType != parameter else "", parameter)
|
||||
logger.info(infoMsg)
|
||||
|
||||
elif PAYLOAD.TECHNIQUE.BOOLEAN in conf.tech or conf.skipStatic:
|
||||
check = checkDynParam(place, parameter, value)
|
||||
|
||||
if not check:
|
||||
warnMsg = "%s parameter '%s' does not appear to be dynamic" % (paramType, parameter)
|
||||
warnMsg = "%sparameter '%s' does not appear to be dynamic" % ("%s " % paramType if paramType != parameter else "", parameter)
|
||||
logger.warn(warnMsg)
|
||||
|
||||
if conf.skipStatic:
|
||||
infoMsg = "skipping static %s parameter '%s'" % (paramType, parameter)
|
||||
infoMsg = "skipping static %sparameter '%s'" % ("%s " % paramType if paramType != parameter else "", parameter)
|
||||
logger.info(infoMsg)
|
||||
|
||||
testSqlInj = False
|
||||
else:
|
||||
infoMsg = "%s parameter '%s' appears to be dynamic" % (paramType, parameter)
|
||||
infoMsg = "%sparameter '%s' appears to be dynamic" % ("%s " % paramType if paramType != parameter else "", parameter)
|
||||
logger.info(infoMsg)
|
||||
|
||||
kb.testedParams.add(paramKey)
|
||||
|
@ -563,12 +563,11 @@ def start():
|
|||
|
||||
if check != HEURISTIC_TEST.POSITIVE:
|
||||
if conf.smart or (kb.ignoreCasted and check == HEURISTIC_TEST.CASTED):
|
||||
infoMsg = "skipping %s parameter '%s'" % (paramType, parameter)
|
||||
infoMsg = "skipping %sparameter '%s'" % ("%s " % paramType if paramType != parameter else "", parameter)
|
||||
logger.info(infoMsg)
|
||||
continue
|
||||
|
||||
infoMsg = "testing for SQL injection on %s " % paramType
|
||||
infoMsg += "parameter '%s'" % parameter
|
||||
infoMsg = "testing for SQL injection on %sparameter '%s'" % ("%s " % paramType if paramType != parameter else "", parameter)
|
||||
logger.info(infoMsg)
|
||||
|
||||
injection = checkSqlInjection(place, parameter, value)
|
||||
|
@ -587,7 +586,7 @@ def start():
|
|||
if not proceed:
|
||||
break
|
||||
|
||||
msg = "%s parameter '%s' " % (injection.place, injection.parameter)
|
||||
msg = "%sparameter '%s' " % ("%s " % injection.place if injection.place != injection.parameter else "", injection.parameter)
|
||||
msg += "is vulnerable. Do you want to keep testing the others (if any)? [y/N] "
|
||||
|
||||
if not readInput(msg, default='N', boolean=True):
|
||||
|
@ -596,8 +595,7 @@ def start():
|
|||
kb.testedParams.add(paramKey)
|
||||
|
||||
if not injectable:
|
||||
warnMsg = "%s parameter '%s' does not seem to be " % (paramType, parameter)
|
||||
warnMsg += "injectable"
|
||||
warnMsg = "%sparameter '%s' does not seem to be injectable" % ("%s " % paramType if paramType != parameter else "", parameter)
|
||||
logger.warn(warnMsg)
|
||||
|
||||
finally:
|
||||
|
|
|
@ -679,7 +679,7 @@ def paramToDict(place, parameters=None):
|
|||
walk(deserialized)
|
||||
|
||||
if candidates:
|
||||
message = "it appears that provided value for %s parameter '%s' " % (place, parameter)
|
||||
message = "it appears that provided value for %sparameter '%s' " % ("%s " % place if place != parameter else "", parameter)
|
||||
message += "is JSON deserializable. Do you want to inject inside? [y/N] "
|
||||
|
||||
if readInput(message, default='N', boolean=True):
|
||||
|
@ -692,7 +692,7 @@ def paramToDict(place, parameters=None):
|
|||
pass
|
||||
|
||||
_ = re.sub(regex, r"\g<1>%s\g<%d>" % (kb.customInjectionMark, len(match.groups())), testableParameters[parameter])
|
||||
message = "it appears that provided value for %s parameter '%s' " % (place, parameter)
|
||||
message = "it appears that provided value for %sparameter '%s' " % ("%s " % place if place != parameter else "", parameter)
|
||||
message += "has boundaries. Do you want to inject inside? ('%s') [y/N] " % getUnicode(_)
|
||||
|
||||
if readInput(message, default='N', boolean=True):
|
||||
|
|
|
@ -18,7 +18,7 @@ from lib.core.enums import OS
|
|||
from thirdparty.six import unichr as _unichr
|
||||
|
||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||
VERSION = "1.3.5.121"
|
||||
VERSION = "1.3.5.122"
|
||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||
|
|
|
@ -407,7 +407,7 @@ def _setRequestParams():
|
|||
|
||||
for parameter in conf.paramDict.get(place, {}):
|
||||
if any(parameter.lower().count(_) for _ in CSRF_TOKEN_PARAMETER_INFIXES):
|
||||
message = "%s parameter '%s' appears to hold anti-CSRF token. " % (place, parameter)
|
||||
message = "%sparameter '%s' appears to hold anti-CSRF token. " % ("%s " % place if place != parameter else "", parameter)
|
||||
message += "Do you want sqlmap to automatically update it in further requests? [y/N] "
|
||||
|
||||
if readInput(message, default='N', boolean=True):
|
||||
|
|
Loading…
Reference in New Issue
Block a user