mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-26 05:31:04 +03:00 
			
		
		
		
	Adding a more user friendly (copy-pastable) client example for sqlmapapi client
This commit is contained in:
		
							parent
							
								
									59a3407322
								
							
						
					
					
						commit
						3c23d616e7
					
				|  | @ -103,7 +103,6 @@ class Database(object): | ||||||
| class Task(object): | class Task(object): | ||||||
|     def __init__(self, taskid): |     def __init__(self, taskid): | ||||||
|         self.process = None |         self.process = None | ||||||
|         self.temporary_directory = False |  | ||||||
|         self.output_directory = None |         self.output_directory = None | ||||||
|         self.options = None |         self.options = None | ||||||
|         self._original_options = None |         self._original_options = None | ||||||
|  | @ -143,26 +142,6 @@ class Task(object): | ||||||
|     def reset_options(self): |     def reset_options(self): | ||||||
|         self.options = AttribDict(self._original_options) |         self.options = AttribDict(self._original_options) | ||||||
| 
 | 
 | ||||||
|     def set_output_directory(self): |  | ||||||
|         if self.get_option("outputDir"): |  | ||||||
|             if os.path.isdir(self.get_option("outputDir")): |  | ||||||
|                 self.output_directory = self.get_option("outputDir") |  | ||||||
|             else: |  | ||||||
|                 try: |  | ||||||
|                     os.makedirs(self.get_option("outputDir")) |  | ||||||
|                     self.output_directory = self.get_option("outputDir") |  | ||||||
|                 except OSError: |  | ||||||
|                     pass |  | ||||||
| 
 |  | ||||||
|         if not self.output_directory or not os.path.isdir(self.output_directory): |  | ||||||
|             self.output_directory = tempfile.mkdtemp(prefix="sqlmapoutput-") |  | ||||||
|             self.temporary_directory = True |  | ||||||
|             self.set_option("outputDir", self.output_directory) |  | ||||||
| 
 |  | ||||||
|     def clean_filesystem(self): |  | ||||||
|         if self.output_directory and self.temporary_directory: |  | ||||||
|             shutil.rmtree(self.output_directory) |  | ||||||
| 
 |  | ||||||
|     def engine_start(self): |     def engine_start(self): | ||||||
|         self.process = Popen(["python", "sqlmap.py", "--pickled-options", base64pickle(self.options)], |         self.process = Popen(["python", "sqlmap.py", "--pickled-options", base64pickle(self.options)], | ||||||
|                              shell=False, stdin=PIPE, close_fds=False) |                              shell=False, stdin=PIPE, close_fds=False) | ||||||
|  | @ -354,7 +333,6 @@ def task_delete(taskid): | ||||||
|     Delete own task ID |     Delete own task ID | ||||||
|     """ |     """ | ||||||
|     if taskid in DataStore.tasks: |     if taskid in DataStore.tasks: | ||||||
|         DataStore.tasks[taskid].clean_filesystem() |  | ||||||
|         DataStore.tasks.pop(taskid) |         DataStore.tasks.pop(taskid) | ||||||
| 
 | 
 | ||||||
|         logger.debug("[%s] Deleted task" % taskid) |         logger.debug("[%s] Deleted task" % taskid) | ||||||
|  | @ -388,9 +366,6 @@ def task_flush(taskid): | ||||||
|     Flush task spool (delete all tasks) |     Flush task spool (delete all tasks) | ||||||
|     """ |     """ | ||||||
|     if is_admin(taskid): |     if is_admin(taskid): | ||||||
|         for task in DataStore.tasks: |  | ||||||
|             DataStore.tasks[task].clean_filesystem() |  | ||||||
| 
 |  | ||||||
|         DataStore.tasks = dict() |         DataStore.tasks = dict() | ||||||
|         logger.debug("[%s] Flushed task pool" % taskid) |         logger.debug("[%s] Flushed task pool" % taskid) | ||||||
|         return jsonize({"success": True}) |         return jsonize({"success": True}) | ||||||
|  | @ -466,9 +441,6 @@ def scan_start(taskid): | ||||||
|     for option, value in request.json.items(): |     for option, value in request.json.items(): | ||||||
|         DataStore.tasks[taskid].set_option(option, value) |         DataStore.tasks[taskid].set_option(option, value) | ||||||
| 
 | 
 | ||||||
|     # Overwrite output directory value to a temporary directory |  | ||||||
|     DataStore.tasks[taskid].set_output_directory() |  | ||||||
| 
 |  | ||||||
|     # Launch sqlmap engine in a separate process |     # Launch sqlmap engine in a separate process | ||||||
|     DataStore.tasks[taskid].engine_start() |     DataStore.tasks[taskid].engine_start() | ||||||
| 
 | 
 | ||||||
|  | @ -663,9 +635,9 @@ def client(host=RESTAPI_SERVER_HOST, port=RESTAPI_SERVER_PORT): | ||||||
| 
 | 
 | ||||||
|     # TODO: write a simple client with requests, for now use curl from command line |     # TODO: write a simple client with requests, for now use curl from command line | ||||||
|     logger.error("Not yet implemented, use curl from command line instead for now, for example:") |     logger.error("Not yet implemented, use curl from command line instead for now, for example:") | ||||||
|     print "\n\t$ curl http://%s:%d/task/new" % (host, port) |     print "\n\t$ taskid=$(curl http://%s:%d/task/new 2>1 | grep -o -I '[a-f0-9]\{16\}') && echo $taskid" % (host, port) | ||||||
|     print ("\t$ curl -H \"Content-Type: application/json\" " |     print ("\t$ curl -H \"Content-Type: application/json\" " | ||||||
|            "-X POST -d '{\"url\": \"http://testphp.vulnweb.com/artists.php?artist=1\"}' " |            "-X POST -d '{\"url\": \"http://testphp.vulnweb.com/artists.php?artist=1\"}' " | ||||||
|            "http://%s:%d/scan/:taskid/start") % (host, port) |            "http://%s:%d/scan/$taskid/start") % (host, port) | ||||||
|     print "\t$ curl http://%s:%d/scan/:taskid/data" % (host, port) |     print "\t$ curl http://%s:%d/scan/$taskid/data" % (host, port) | ||||||
|     print "\t$ curl http://%s:%d/scan/:taskid/log\n" % (host, port) |     print "\t$ curl http://%s:%d/scan/$taskid/log\n" % (host, port) | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue
	
	Block a user