sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-25 11:03:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

update with a feature request (file with list of wordlist files)

Browse Source
This commit is contained in:
Miroslav Stampar 2011-06-30 08:42:43 +00:00
parent 366c2d279d
commit 43db6b03a7
2 changed files with 36 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/common.py
View File

@ -752,7 +752,7 @@ def readInput(message, default=None, checkBatch=True):
""" """
if "\n" in message: if "\n" in message:
message += "\n> " message += "%s> " % ("\n" if message.count("\n") > 1 else "")
elif message[-1] == ']': elif message[-1] == ']':
message += " " message += " "

41
lib/utils/hash.py
View File

@ -40,6 +40,7 @@ from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
from lib.core.enums import DBMS from lib.core.enums import DBMS
from lib.core.enums import HASH from lib.core.enums import HASH
from lib.core.exception import sqlmapFilePathException
from lib.core.exception import sqlmapUserQuitException from lib.core.exception import sqlmapUserQuitException
from lib.core.settings import COMMON_PASSWORD_SUFFIXES from lib.core.settings import COMMON_PASSWORD_SUFFIXES
from lib.core.settings import DUMMY_USER_PREFIX from lib.core.settings import DUMMY_USER_PREFIX
@ -362,19 +363,43 @@ def dictionaryAttack(attack_dict):
continue continue
if not kb.wordlist: if not kb.wordlist:
if hash_regex == HASH.ORACLE_OLD: #it's the slowest of all methods hence smaller default dict
message = "what's the dictionary's location? [%s]" % paths.ORACLE_DEFAULT_PASSWD
dictpath = readInput(message, default=paths.ORACLE_DEFAULT_PASSWD)
while not kb.wordlist:
message = "what dictionary do you want to use?\n"
message += "[1] Default (Press Enter)\n"
message += "[2] Custom\n"
message += "[3] File with list of dictionary files"
choice = readInput(message, default="1")
try:
if choice == "2":
message = "what's the custom dictionary's location?\n"
dictPaths = [readInput(message)]
elif choice == "3":
message = "what's the list file location?\n"
listPath = readInput(message)
checkFile(listPath)
dictPaths = getFileItems(listPath)
else: else:
message = "what's the dictionary's location? [%s]" % paths.WORDLIST if hash_regex == HASH.ORACLE_OLD: #it's the slowest of all methods hence smaller default dict
dictpath = readInput(message, default=paths.WORDLIST) dictPaths = [paths.ORACLE_DEFAULT_PASSWD]
else:
dictPaths = [paths.WORDLIST]
checkFile(dictpath) kb.wordlist = []
infoMsg = "loading dictionary from: '%s'" % dictpath for dictPath in dictPaths:
checkFile(dictPath)
infoMsg = "loading dictionary from: '%s'" % dictPath
logger.info(infoMsg) logger.info(infoMsg)
kb.wordlist = getFileItems(dictpath, None, False)
kb.wordlist.extend(getFileItems(dictPath, None, False))
except sqlmapFilePathException, msg:
warnMsg = "there was a problem while loading dictionaries"
warnMsg += " ('%s')" % msg
logger.critical(warnMsg)
message = "do you want to use common password suffixes? (slow!) [y/N] " message = "do you want to use common password suffixes? (slow!) [y/N] "
test = readInput(message, default="N") test = readInput(message, default="N")