mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-29 04:53:48 +03:00
update with a feature request (file with list of wordlist files)
This commit is contained in:
parent
366c2d279d
commit
43db6b03a7
|
@ -752,7 +752,7 @@ def readInput(message, default=None, checkBatch=True):
|
||||||
"""
|
"""
|
||||||
|
|
||||||
if "\n" in message:
|
if "\n" in message:
|
||||||
message += "\n> "
|
message += "%s> " % ("\n" if message.count("\n") > 1 else "")
|
||||||
elif message[-1] == ']':
|
elif message[-1] == ']':
|
||||||
message += " "
|
message += " "
|
||||||
|
|
||||||
|
|
|
@ -40,6 +40,7 @@ from lib.core.data import kb
|
||||||
from lib.core.data import logger
|
from lib.core.data import logger
|
||||||
from lib.core.enums import DBMS
|
from lib.core.enums import DBMS
|
||||||
from lib.core.enums import HASH
|
from lib.core.enums import HASH
|
||||||
|
from lib.core.exception import sqlmapFilePathException
|
||||||
from lib.core.exception import sqlmapUserQuitException
|
from lib.core.exception import sqlmapUserQuitException
|
||||||
from lib.core.settings import COMMON_PASSWORD_SUFFIXES
|
from lib.core.settings import COMMON_PASSWORD_SUFFIXES
|
||||||
from lib.core.settings import DUMMY_USER_PREFIX
|
from lib.core.settings import DUMMY_USER_PREFIX
|
||||||
|
@ -362,19 +363,43 @@ def dictionaryAttack(attack_dict):
|
||||||
continue
|
continue
|
||||||
|
|
||||||
if not kb.wordlist:
|
if not kb.wordlist:
|
||||||
if hash_regex == HASH.ORACLE_OLD: #it's the slowest of all methods hence smaller default dict
|
|
||||||
message = "what's the dictionary's location? [%s]" % paths.ORACLE_DEFAULT_PASSWD
|
|
||||||
dictpath = readInput(message, default=paths.ORACLE_DEFAULT_PASSWD)
|
|
||||||
|
|
||||||
else:
|
while not kb.wordlist:
|
||||||
message = "what's the dictionary's location? [%s]" % paths.WORDLIST
|
message = "what dictionary do you want to use?\n"
|
||||||
dictpath = readInput(message, default=paths.WORDLIST)
|
message += "[1] Default (Press Enter)\n"
|
||||||
|
message += "[2] Custom\n"
|
||||||
|
message += "[3] File with list of dictionary files"
|
||||||
|
choice = readInput(message, default="1")
|
||||||
|
|
||||||
checkFile(dictpath)
|
try:
|
||||||
|
if choice == "2":
|
||||||
|
message = "what's the custom dictionary's location?\n"
|
||||||
|
dictPaths = [readInput(message)]
|
||||||
|
elif choice == "3":
|
||||||
|
message = "what's the list file location?\n"
|
||||||
|
listPath = readInput(message)
|
||||||
|
checkFile(listPath)
|
||||||
|
dictPaths = getFileItems(listPath)
|
||||||
|
else:
|
||||||
|
if hash_regex == HASH.ORACLE_OLD: #it's the slowest of all methods hence smaller default dict
|
||||||
|
dictPaths = [paths.ORACLE_DEFAULT_PASSWD]
|
||||||
|
else:
|
||||||
|
dictPaths = [paths.WORDLIST]
|
||||||
|
|
||||||
infoMsg = "loading dictionary from: '%s'" % dictpath
|
kb.wordlist = []
|
||||||
logger.info(infoMsg)
|
|
||||||
kb.wordlist = getFileItems(dictpath, None, False)
|
for dictPath in dictPaths:
|
||||||
|
checkFile(dictPath)
|
||||||
|
|
||||||
|
infoMsg = "loading dictionary from: '%s'" % dictPath
|
||||||
|
logger.info(infoMsg)
|
||||||
|
|
||||||
|
kb.wordlist.extend(getFileItems(dictPath, None, False))
|
||||||
|
|
||||||
|
except sqlmapFilePathException, msg:
|
||||||
|
warnMsg = "there was a problem while loading dictionaries"
|
||||||
|
warnMsg += " ('%s')" % msg
|
||||||
|
logger.critical(warnMsg)
|
||||||
|
|
||||||
message = "do you want to use common password suffixes? (slow!) [y/N] "
|
message = "do you want to use common password suffixes? (slow!) [y/N] "
|
||||||
test = readInput(message, default="N")
|
test = readInput(message, default="N")
|
||||||
|
|
Loading…
Reference in New Issue
Block a user