mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-02-16 19:40:37 +03:00
solve problem of saving result of --sql-query in CSV file
This commit is contained in:
parent
853cb3fa06
commit
4851c69b2a
|
@ -1,45 +1,45 @@
|
|||
icmpsh - simple reverse ICMP shell
|
||||
|
||||
icmpsh is a simple reverse ICMP shell with a win32 slave and a POSIX compatible master in C or Perl.
|
||||
|
||||
|
||||
--- Running the Master ---
|
||||
|
||||
The master is straight forward to use. There are no extra libraries required for the C version.
|
||||
The Perl master however has the following dependencies:
|
||||
|
||||
* IO::Socket
|
||||
* NetPacket::IP
|
||||
* NetPacket::ICMP
|
||||
|
||||
|
||||
When running the master, don't forget to disable ICMP replies by the OS. For example:
|
||||
|
||||
sysctl -w net.ipv4.icmp_echo_ignore_all=1
|
||||
|
||||
If you miss doing that, you will receive information from the slave, but the slave is unlikely to receive
|
||||
commands send from the master.
|
||||
|
||||
|
||||
--- Running the Slave ---
|
||||
|
||||
The slave comes with a few command line options as outlined below:
|
||||
|
||||
|
||||
-t host host ip address to send ping requests to. This option is mandatory!
|
||||
|
||||
-r send a single test icmp request containing the string "Test1234" and then quit.
|
||||
This is for testing the connection.
|
||||
|
||||
-d milliseconds delay between requests in milliseconds
|
||||
|
||||
-o milliseconds timeout of responses in milliseconds. If a response has not received in time,
|
||||
the slave will increase a counter of blanks. If that counter reaches a limit, the slave will quit.
|
||||
The counter is set back to 0 if a response was received.
|
||||
|
||||
-b num limit of blanks (unanswered icmp requests before quitting
|
||||
|
||||
-s bytes maximal data buffer size in bytes
|
||||
|
||||
|
||||
In order to improve the speed, lower the delay (-d) between requests or increase the size (-s) of the data buffer.
|
||||
icmpsh - simple reverse ICMP shell
|
||||
|
||||
icmpsh is a simple reverse ICMP shell with a win32 slave and a POSIX compatible master in C or Perl.
|
||||
|
||||
|
||||
--- Running the Master ---
|
||||
|
||||
The master is straight forward to use. There are no extra libraries required for the C version.
|
||||
The Perl master however has the following dependencies:
|
||||
|
||||
* IO::Socket
|
||||
* NetPacket::IP
|
||||
* NetPacket::ICMP
|
||||
|
||||
|
||||
When running the master, don't forget to disable ICMP replies by the OS. For example:
|
||||
|
||||
sysctl -w net.ipv4.icmp_echo_ignore_all=1
|
||||
|
||||
If you miss doing that, you will receive information from the slave, but the slave is unlikely to receive
|
||||
commands send from the master.
|
||||
|
||||
|
||||
--- Running the Slave ---
|
||||
|
||||
The slave comes with a few command line options as outlined below:
|
||||
|
||||
|
||||
-t host host ip address to send ping requests to. This option is mandatory!
|
||||
|
||||
-r send a single test icmp request containing the string "Test1234" and then quit.
|
||||
This is for testing the connection.
|
||||
|
||||
-d milliseconds delay between requests in milliseconds
|
||||
|
||||
-o milliseconds timeout of responses in milliseconds. If a response has not received in time,
|
||||
the slave will increase a counter of blanks. If that counter reaches a limit, the slave will quit.
|
||||
The counter is set back to 0 if a response was received.
|
||||
|
||||
-b num limit of blanks (unanswered icmp requests before quitting
|
||||
|
||||
-s bytes maximal data buffer size in bytes
|
||||
|
||||
|
||||
In order to improve the speed, lower the delay (-d) between requests or increase the size (-s) of the data buffer.
|
||||
|
|
142
ok.py
Normal file
142
ok.py
Normal file
|
@ -0,0 +1,142 @@
|
|||
import subprocess
|
||||
from datetime import datetime
|
||||
import sys
|
||||
import os
|
||||
import csv
|
||||
import re
|
||||
from urllib.parse import urlparse
|
||||
|
||||
#****************************************************************************************
|
||||
# this function verify if the argument given is an URL
|
||||
def est_url(url):
|
||||
try:
|
||||
result=urlparse(url)
|
||||
return all([result.scheme, result.netloc])
|
||||
except Exception as e:
|
||||
return False
|
||||
|
||||
# this function verify if the argument given is a request
|
||||
def est_requete(req):
|
||||
exp_reg= expression_reguliere = re.compile(
|
||||
r'\b(SELECT|UPDATE|DELETE|INSERT INTO|CREATE|ALTER|DROP|GRANT|REVOKE)\b',
|
||||
re.IGNORECASE)
|
||||
return re.search(exp_reg,req) is not None
|
||||
|
||||
#*****************************************************************************************
|
||||
|
||||
# read the arguements
|
||||
arg=sys.argv
|
||||
|
||||
#*****************************************************************************************
|
||||
#verify if the arguments given are correct or not
|
||||
|
||||
if (('-u' in arg)and('--sql-query' in arg)):
|
||||
if (est_url(arg[2])):
|
||||
if (est_requete(arg[-1])):
|
||||
commande_sqlmap = ['python','sqlmap.py']+arg[1:]
|
||||
else:
|
||||
print("verify your request")
|
||||
exit()
|
||||
else:
|
||||
print("verify your URL")
|
||||
exit()
|
||||
else:
|
||||
print("Verify that you input correctly -u or --sql-query")
|
||||
exit()
|
||||
|
||||
#*****************************************************************************************
|
||||
|
||||
#*****************************************************************************************
|
||||
#extract the name of columns from the request
|
||||
deb="SELECT"
|
||||
fin="FROM"
|
||||
|
||||
#find the start point of the ""deb"" variable in the request
|
||||
temp1=(arg[-1].upper()).find(deb)
|
||||
|
||||
#find the start point of the ""fin"" variable in the request
|
||||
temp2=(arg[-1].upper()).find(fin)
|
||||
|
||||
#select the request from the arguments given bu the user in command line
|
||||
temp_res=arg[-1]
|
||||
|
||||
#start selection of the columns names after the ""deb"" variable
|
||||
T=len(deb)-temp1+1
|
||||
temp_res=temp_res[T:temp2]
|
||||
|
||||
#split the String that contains columns name
|
||||
temp_res=(temp_res.strip()).split(',')
|
||||
|
||||
#******************************************************************************************
|
||||
|
||||
#******************************************************************************************
|
||||
#process the request
|
||||
|
||||
res=subprocess.check_output(commande_sqlmap)
|
||||
|
||||
#res=subprocess.run(commande_sqlmap,capture_output=True, text=True)
|
||||
|
||||
#view the result of processing the resquest
|
||||
res = res.decode('utf-8')
|
||||
print(res)
|
||||
|
||||
|
||||
# Select actuel time
|
||||
heure_actuelle = datetime.now()
|
||||
heure_formattee = heure_actuelle.strftime("%H:%M:%S")
|
||||
|
||||
# ""m_deb"" variable is a string that represents the start point of showing the result of the request
|
||||
m_deb="["+str(heure_formattee)+"]"+" [INFO] fetching SQL SELECT statement query output:"
|
||||
|
||||
# ""m_fin"" variable is a string that represents the end point point of showing the result of the request
|
||||
m_fin="["+str(heure_formattee)+"]"+" [INFO] fetched data logged to text files under"
|
||||
|
||||
#""debut_message"" contains the position of the ""m_deb"" variable in the result
|
||||
debut_message = res.find(m_deb)
|
||||
|
||||
#""fin_message"" contains the position of the ""m_fin"" variable in the result
|
||||
fin_message = res.find(m_fin)
|
||||
|
||||
#select a part of the result that is between ""m_deb"" variable and ""m_fin"" variable
|
||||
message = res[debut_message:fin_message].strip()
|
||||
|
||||
|
||||
lignes = message.splitlines()
|
||||
|
||||
# ""donnees_sauvegarder"" variable is a list of dictionaries
|
||||
donnees_sauvegarder = []
|
||||
|
||||
# loop on the ""lignes"" variable
|
||||
for ligne in lignes:
|
||||
# verify if this line contain [*]
|
||||
if ligne.startswith("[*]"):
|
||||
# extract data after '[*]'
|
||||
v_temp=(ligne[4:].strip()).split(',')
|
||||
d_temp={}
|
||||
for i in range(len(temp_res)):
|
||||
# add for every column from ""temp_res"" variable a value from ""v_temp"" variable
|
||||
d_temp.update({temp_res[i]:v_temp[i]})
|
||||
|
||||
# add the dictionarie in the list
|
||||
donnees_sauvegarder.append(d_temp)
|
||||
|
||||
#*****************************************************************************************************
|
||||
|
||||
# create a file named ""data_save.csv"" in same repositories with this script file
|
||||
|
||||
file_csv="data_save.csv"
|
||||
|
||||
if(len(donnees_sauvegarder)!=0):# if the process of the request send data
|
||||
with open(file_csv,mode='w',newline='') as file_csv:
|
||||
# write the header of this CSV file
|
||||
writer=csv.DictWriter(file_csv,fieldnames=temp_res)
|
||||
writer.writeheader()
|
||||
# loop on the list of dictionaries named ""donnees_sauvegarder"" to wite its content on the CSV file
|
||||
for part in donnees_sauvegarder:
|
||||
writer.writerow(part)
|
||||
# if the data is successfully saved in the CSV file this message show the place of the file
|
||||
print("data saved in csv format under "+"'"+os.path.realpath("data_save.csv")+"'")
|
||||
else:
|
||||
print("data don't exist to create CSV file")
|
||||
|
||||
#********************************************************************************************************
|
Loading…
Reference in New Issue
Block a user