Merge remote-tracking branch 'sqlmapproject/master'

cxh852456 2015-10-26 11:17:10 +08:00
commit 3da14fd707
11 changed files with 60 additions and 43 deletions


@ -124,11 +124,8 @@ class Agent(object):
if header.upper() == HTTP_HEADER.AUTHORIZATION.upper():
origValue = origValue.split(' ')[-1].split(':')[-1]
if conf.prefix:
value = origValue
if value is None:
if where == PAYLOAD.WHERE.ORIGINAL:
if where == PAYLOAD.WHERE.ORIGINAL or conf.prefix:
value = origValue
elif where == PAYLOAD.WHERE.NEGATIVE:
if conf.invalidLogical:


@ -202,7 +202,7 @@ class Format(object):
if versions is None and Backend.getVersionList():
versions = Backend.getVersionList()
return Backend.getDbms() if versions is None else "%s %s" % (Backend.getDbms(), " and ".join(v for v in versions))
return Backend.getDbms() if versions is None else "%s %s" % (Backend.getDbms(), " and ".join(filter(None, versions)))
@staticmethod
def getErrorParsedDBMSes():
@ -471,15 +471,17 @@ class Backend:
@staticmethod
def getVersion():
if len(kb.dbmsVersion) > 0:
return kb.dbmsVersion[0]
versions = filter(None, flattenValue(kb.dbmsVersion))
if not isNoneValue(versions):
return versions[0]
else:
return None
@staticmethod
def getVersionList():
if len(kb.dbmsVersion) > 0:
return kb.dbmsVersion
versions = filter(None, flattenValue(kb.dbmsVersion))
if not isNoneValue(versions):
return versions
else:
return None
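Review bot: getVersion() and getVersionList() now repeat the same `filter(None, flattenValue(kb.dbmsVersion))` plus `isNoneValue` sequence, so the two can drift apart the next time the filtering rule changes. getVersion() could delegate instead: `versions = Backend.getVersionList()` followed by `return versions[0] if versions else None`. Note also that `versions[0]` relies on `filter` returning a list, which holds on Python 2 (the syntax used elsewhere in this commit) but would not on Python 3, where `filter` returns an iterator.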


@ -563,7 +563,7 @@ VALID_TIME_CHARS_RUN_THRESHOLD = 100
CHECK_ZERO_COLUMNS_THRESHOLD = 10
# Boldify all logger messages containing these "patterns"
BOLD_PATTERNS = ("' injectable", "might be injectable", "' is vulnerable", "is not injectable", "test failed", "test passed", "live test final result", "test shows that", "the back-end DBMS is", "created Github", "blocked by the target server", "protection is involved")
BOLD_PATTERNS = ("' injectable", "provided empty", "leftover chars", "might be injectable", "' is vulnerable", "is not injectable", "test failed", "test passed", "live test final result", "test shows that", "the back-end DBMS is", "created Github", "blocked by the target server", "protection is involved")
# Generic www root directory names
GENERIC_DOC_ROOT_DIRECTORY_NAMES = ("htdocs", "httpdocs", "public", "wwwroot", "www")


@ -13,6 +13,7 @@ from subprocess import PIPE
from subprocess import Popen as execute
from lib.core.common import dataToStdout
from lib.core.common import getSafeExString
from lib.core.common import pollProcess
from lib.core.data import conf
from lib.core.data import logger
@ -26,9 +27,8 @@ def update():
return
success = False
rootDir = paths.SQLMAP_ROOT_PATH
if not os.path.exists(os.path.join(rootDir, ".git")):
if not os.path.exists(os.path.join(paths.SQLMAP_ROOT_PATH, ".git")):
errMsg = "not a git repository. Please checkout the 'sqlmapproject/sqlmap' repository "
errMsg += "from GitHub (e.g. 'git clone https://github.com/sqlmapproject/sqlmap.git sqlmap')"
logger.error(errMsg)
@ -41,10 +41,15 @@ def update():
logger.debug(debugMsg)
dataToStdout("\r[%s] [INFO] update in progress " % time.strftime("%X"))
process = execute("git checkout . && git pull %s HEAD" % GIT_REPOSITORY, shell=True, stdout=PIPE, stderr=PIPE)
pollProcess(process, True)
stdout, stderr = process.communicate()
success = not process.returncode
try:
process = execute("git checkout . && git pull %s HEAD" % GIT_REPOSITORY, shell=True, stdout=PIPE, stderr=PIPE, cwd=paths.SQLMAP_ROOT_PATH)
pollProcess(process, True)
stdout, stderr = process.communicate()
success = not process.returncode
except (IOError, OSError), ex:
success = False
stderr = getSafeExString(ex)
if success:
import lib.core.settings
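Review bot: The new `execute(...)` call still builds the git command by `%`-formatting into a string run with `shell=True`, so the shell parses whatever `GIT_REPOSITORY` contains; that is only safe while the value stays a hard-coded constant (its definition is not visible here). Passing argument lists avoids the shell entirely, e.g. `execute(["git", "pull", GIT_REPOSITORY, "HEAD"], stdout=PIPE, stderr=PIPE, cwd=paths.SQLMAP_ROOT_PATH)` after a separate `["git", "checkout", "."]` call whose return code is checked. It would also help to document that `git checkout .` discards local modifications in the working tree before pulling. update() begins and ends outside these hunks.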


@ -9,6 +9,7 @@ import os
from xml.etree import ElementTree as et
from lib.core.common import getSafeExString
from lib.core.data import conf
from lib.core.data import paths
from lib.core.datatype import AttribDict
@ -74,7 +75,7 @@ def loadBoundaries():
doc = et.parse(paths.BOUNDARIES_XML)
except Exception, ex:
errMsg = "something seems to be wrong with "
errMsg += "the file '%s' ('%s'). Please make " % (paths.BOUNDARIES_XML, ex)
errMsg += "the file '%s' ('%s'). Please make " % (paths.BOUNDARIES_XML, getSafeExString(ex))
errMsg += "sure that you haven't made any changes to it"
raise SqlmapInstallationException, errMsg
@ -92,7 +93,7 @@ def loadPayloads():
doc = et.parse(payloadFilePath)
except Exception, ex:
errMsg = "something seems to be wrong with "
errMsg += "the file '%s' ('%s'). Please make " % (payloadFilePath, ex)
errMsg += "the file '%s' ('%s'). Please make " % (payloadFilePath, getSafeExString(ex))
errMsg += "sure that you haven't made any changes to it"
raise SqlmapInstallationException, errMsg


@ -33,6 +33,7 @@ from lib.core.settings import EVENTVALIDATION_REGEX
from lib.core.settings import MAX_CONNECTION_TOTAL_SIZE
from lib.core.settings import META_CHARSET_REGEX
from lib.core.settings import PARSE_HEADERS_LIMIT
from lib.core.settings import UNICODE_ENCODING
from lib.core.settings import VIEWSTATE_REGEX
from lib.parse.headers import headersParser
from lib.parse.html import htmlParser
@ -197,7 +198,7 @@ def checkCharEncoding(encoding, warn=True):
# Reference: http://www.iana.org/assignments/character-sets
# Reference: http://docs.python.org/library/codecs.html
try:
codecs.lookup(encoding)
codecs.lookup(encoding.encode(UNICODE_ENCODING) if isinstance(encoding, unicode) else encoding)
except LookupError:
if warn:
warnMsg = "unknown web page charset '%s'. " % encoding


@ -53,6 +53,8 @@ def _comparison(page, headers, code, getRatioValue, pageLength):
if page is None and pageLength is None:
return None
count = 0
seqMatcher = threadData.seqMatcher
seqMatcher.set_seq1(kb.pageTemplate)
@ -122,7 +124,6 @@ def _comparison(page, headers, code, getRatioValue, pageLength):
seq1 = seq1.replace(REFLECTED_VALUE_MARKER, "")
seq2 = seq2.replace(REFLECTED_VALUE_MARKER, "")
count = 0
while count < min(len(seq1), len(seq2)):
if seq1[count] == seq2[count]:
count += 1
@ -160,7 +161,7 @@ def _comparison(page, headers, code, getRatioValue, pageLength):
# If the url is stable and we did not set yet the match ratio and the
# current injected value changes the url page content
if kb.matchRatio is None:
if ratio >= LOWER_RATIO_BOUND and ratio <= UPPER_RATIO_BOUND:
if (count or ratio >= LOWER_RATIO_BOUND) and ratio <= UPPER_RATIO_BOUND:
kb.matchRatio = ratio
logger.debug("setting match ratio for current parameter to %.3f" % kb.matchRatio)
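Review bot: The new condition `(count or ratio >= LOWER_RATIO_BOUND) and ratio <= UPPER_RATIO_BOUND` has no comment explaining why a non-zero `count` may bypass the lower bound. From the visible lines, `count` is the length of the common prefix of `seq1` and `seq2` and is only advanced inside the later `while` loop, so it presumably stays 0 on paths that skip that loop, which would be why its initialisation moved to the top of the function. A comment such as `# accept a ratio below LOWER_RATIO_BOUND when the pages still share a common prefix (count > 0)` above the `if` would make the intent reviewable, and a more descriptive name than `count` would help too. _comparison() extends beyond the hunks shown.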


@ -190,7 +190,7 @@ def _goInferenceProxy(expression, fromUser=False, batch=False, unpack=True, char
countFirstField = queries[Backend.getIdentifiedDbms()].count.query % expressionFieldsList[0]
countedExpression = expression.replace(expressionFields, countFirstField, 1)
if " ORDER BY " in expression.upper():
if " ORDER BY " in countedExpression.upper():
_ = countedExpression.upper().rindex(" ORDER BY ")
countedExpression = countedExpression[:_]


@ -69,6 +69,7 @@ class HashDB(object):
def retrieve(self, key, unserialize=False):
retVal = None
if key and (self._write_cache or os.path.isfile(self.filepath)):
hash_ = HashDB.hashKey(key)
retVal = self._write_cache.get(hash_)
@ -86,7 +87,16 @@ class HashDB(object):
raise SqlmapDataException, errMsg
else:
break
return retVal if not unserialize else unserializeObject(retVal)
if unserialize:
try:
retVal = unserializeObject(retVal)
except:
warnMsg = "error occurred while unserializing value for session key '%s'. " % key
warnMsg += "If the problem persists please rerun with `--flush-session`"
logger.warn(warnMsg)
return retVal
def write(self, key, value, serialize=False):
if key:
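Review bot: The new handler in retrieve() uses a bare `except:`, which also traps KeyboardInterrupt and SystemExit, and after the warning `retVal` still holds the raw serialized value, which is then returned to a caller that asked for an unserialized object. Narrow it to `except Exception:` and set `retVal = None` in the handler so that a corrupt entry is treated as a cache miss rather than handed on as data. If `unserializeObject` is pickle-based (not visible here), the session file is also a trust boundary worth stating in a docstring: it should only be loaded from a location the user controls. retrieve() starts before the first hunk and continues between the two hunks.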


@ -196,7 +196,7 @@ Tag: <test>
<vector>AND [INFERENCE]</vector>
<request>
<payload>AND [RANDNUM]=[RANDNUM]</payload>
<comment>-- </comment>
<comment>-- -</comment>
</request>
<response>
<comparison>AND [RANDNUM]=[RANDNUM1]</comparison>
@ -213,7 +213,7 @@ Tag: <test>
<vector>OR [INFERENCE]</vector>
<request>
<payload>OR [RANDNUM]=[RANDNUM]</payload>
<comment>-- </comment>
<comment>-- -</comment>
</request>
<response>
<comparison>OR [RANDNUM]=[RANDNUM1]</comparison>


@ -12,7 +12,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>[CHAR]</char>
<columns>[COLSTART]-[COLSTOP]</columns>
</request>
@ -31,7 +31,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>NULL</char>
<columns>[COLSTART]-[COLSTOP]</columns>
</request>
@ -50,7 +50,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>[RANDNUM]</char>
<columns>[COLSTART]-[COLSTOP]</columns>
</request>
@ -69,7 +69,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>[CHAR]</char>
<columns>1-10</columns>
</request>
@ -88,7 +88,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>NULL</char>
<columns>1-10</columns>
</request>
@ -107,7 +107,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>[RANDNUM]</char>
<columns>1-10</columns>
</request>
@ -126,7 +126,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>[CHAR]</char>
<columns>11-20</columns>
</request>
@ -145,7 +145,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>NULL</char>
<columns>11-20</columns>
</request>
@ -164,7 +164,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>[RANDNUM]</char>
<columns>11-20</columns>
</request>
@ -183,7 +183,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>[CHAR]</char>
<columns>21-30</columns>
</request>
@ -202,7 +202,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>NULL</char>
<columns>21-30</columns>
</request>
@ -221,7 +221,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>[RANDNUM]</char>
<columns>21-30</columns>
</request>
@ -240,7 +240,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>[CHAR]</char>
<columns>31-40</columns>
</request>
@ -259,7 +259,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>NULL</char>
<columns>31-40</columns>
</request>
@ -278,7 +278,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>[RANDNUM]</char>
<columns>31-40</columns>
</request>
@ -297,7 +297,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>[CHAR]</char>
<columns>41-50</columns>
</request>
@ -315,7 +315,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>NULL</char>
<columns>41-50</columns>
</request>
@ -334,7 +334,7 @@
<vector>[UNION]</vector>
<request>
<payload/>
<comment>-- </comment>
<comment>-- -</comment>
<char>[RANDNUM]</char>
<columns>41-50</columns>
</request>