diff --git a/lib/controller/checks.py b/lib/controller/checks.py index 21cd0af22..69bbc2fea 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -78,9 +78,10 @@ from lib.core.settings import DUMMY_NON_SQLI_CHECK_APPENDIX from lib.core.settings import FI_ERROR_REGEX from lib.core.settings import FORMAT_EXCEPTION_STRINGS from lib.core.settings import HEURISTIC_CHECK_ALPHABET +from lib.core.settings import INFERENCE_EQUALS_CHAR from lib.core.settings import IPS_WAF_CHECK_PAYLOAD -from lib.core.settings import IDS_WAF_CHECK_RATIO -from lib.core.settings import IDS_WAF_CHECK_TIMEOUT +from lib.core.settings import IPS_WAF_CHECK_RATIO +from lib.core.settings import IPS_WAF_CHECK_TIMEOUT from lib.core.settings import MAX_DIFFLIB_SEQUENCE_LENGTH from lib.core.settings import NON_SQLI_CHECK_PREFIX_SUFFIX_LENGTH from lib.core.settings import PRECONNECT_INCOMPATIBLE_SERVERS @@ -89,9 +90,8 @@ from lib.core.settings import SLEEP_TIME_MARKER from lib.core.settings import SUHOSIN_MAX_VALUE_LENGTH from lib.core.settings import SUPPORTED_DBMS from lib.core.settings import UNICODE_ENCODING -from lib.core.settings import URI_HTTP_HEADER from lib.core.settings import UPPER_RATIO_BOUND -from lib.core.settings import INFERENCE_EQUALS_CHAR +from lib.core.settings import URI_HTTP_HEADER from lib.core.threads import getCurrentThreadData from lib.request.connect import Connect as Request from lib.request.comparison import comparison @@ -1381,10 +1381,10 @@ def checkWaf(): kb.redirectChoice = REDIRECTION.YES kb.resendPostOnRedirect = False - conf.timeout = IDS_WAF_CHECK_TIMEOUT + conf.timeout = IPS_WAF_CHECK_TIMEOUT try: - retVal = (Request.queryPage(place=place, value=value, getRatioValue=True, noteResponseTime=False, silent=True, raise404=False, disableTampering=True)[1] or 0) < IDS_WAF_CHECK_RATIO + retVal = (Request.queryPage(place=place, value=value, getRatioValue=True, noteResponseTime=False, silent=True, raise404=False, disableTampering=True)[1] or 0) < IPS_WAF_CHECK_RATIO except SqlmapConnectionException: retVal = True finally: diff --git a/lib/controller/controller.py b/lib/controller/controller.py index 95620b801..a17f922e7 100644 --- a/lib/controller/controller.py +++ b/lib/controller/controller.py @@ -12,14 +12,14 @@ import re import time from lib.controller.action import action -from lib.controller.checks import checkSqlInjection -from lib.controller.checks import checkDynParam -from lib.controller.checks import checkStability -from lib.controller.checks import checkString -from lib.controller.checks import checkRegexp from lib.controller.checks import checkConnection +from lib.controller.checks import checkDynParam from lib.controller.checks import checkInternet from lib.controller.checks import checkNullConnection +from lib.controller.checks import checkRegexp +from lib.controller.checks import checkSqlInjection +from lib.controller.checks import checkStability +from lib.controller.checks import checkString from lib.controller.checks import checkWaf from lib.controller.checks import heuristicCheckSqlInjection from lib.core.agent import agent @@ -40,8 +40,8 @@ from lib.core.common import readInput from lib.core.common import removePostHintPrefix from lib.core.common import safeCSValue from lib.core.common import showHttpErrorCodes -from lib.core.common import urlencode from lib.core.common import urldecode +from lib.core.common import urlencode from lib.core.compat import xrange from lib.core.data import conf from lib.core.data import kb @@ -61,16 +61,16 @@ from lib.core.exception import SqlmapNotVulnerableException from lib.core.exception import SqlmapSilentQuitException from lib.core.exception import SqlmapSkipTargetException from lib.core.exception import SqlmapSystemException -from lib.core.exception import SqlmapValueException from lib.core.exception import SqlmapUserQuitException +from lib.core.exception import SqlmapValueException from lib.core.settings import ASP_NET_CONTROL_REGEX from lib.core.settings import CSRF_TOKEN_PARAMETER_INFIXES from lib.core.settings import DEFAULT_GET_POST_DELIMITER from lib.core.settings import EMPTY_FORM_FIELDS_REGEX -from lib.core.settings import IGNORE_PARAMETERS -from lib.core.settings import LOW_TEXT_PERCENT from lib.core.settings import GOOGLE_ANALYTICS_COOKIE_PREFIX from lib.core.settings import HOST_ALIASES +from lib.core.settings import IGNORE_PARAMETERS +from lib.core.settings import LOW_TEXT_PERCENT from lib.core.settings import REFERER_ALIASES from lib.core.settings import USER_AGENT_ALIASES from lib.core.target import initTargetEnv diff --git a/lib/core/common.py b/lib/core/common.py index bfd1aa209..2e11945ba 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -73,8 +73,8 @@ from lib.core.dicts import DEFAULT_DOC_ROOTS from lib.core.dicts import OBSOLETE_OPTIONS from lib.core.dicts import SQL_STATEMENTS from lib.core.enums import ADJUST_TIME_DELAY -from lib.core.enums import CONTENT_STATUS from lib.core.enums import CHARSET_TYPE +from lib.core.enums import CONTENT_STATUS from lib.core.enums import DBMS from lib.core.enums import EXPECTED from lib.core.enums import HEURISTIC_TEST @@ -92,9 +92,9 @@ from lib.core.enums import SORT_ORDER from lib.core.exception import SqlmapBaseException from lib.core.exception import SqlmapDataException from lib.core.exception import SqlmapGenericException -from lib.core.exception import SqlmapNoneDataException from lib.core.exception import SqlmapInstallationException from lib.core.exception import SqlmapMissingDependence +from lib.core.exception import SqlmapNoneDataException from lib.core.exception import SqlmapSilentQuitException from lib.core.exception import SqlmapSyntaxException from lib.core.exception import SqlmapSystemException @@ -110,9 +110,9 @@ from lib.core.settings import BRUTE_DOC_ROOT_SUFFIXES from lib.core.settings import BRUTE_DOC_ROOT_TARGET_MARK from lib.core.settings import BURP_REQUEST_REGEX from lib.core.settings import BURP_XML_HISTORY_REGEX -from lib.core.settings import DBMS_DIRECTORY_DICT from lib.core.settings import CRAWL_EXCLUDE_EXTENSIONS from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR +from lib.core.settings import DBMS_DIRECTORY_DICT from lib.core.settings import DEFAULT_COOKIE_DELIMITER from lib.core.settings import DEFAULT_GET_POST_DELIMITER from lib.core.settings import DEFAULT_MSSQL_SCHEMA diff --git a/lib/core/decorators.py b/lib/core/decorators.py index cab8548f4..6de10a77c 100644 --- a/lib/core/decorators.py +++ b/lib/core/decorators.py @@ -9,9 +9,9 @@ import functools import hashlib import threading +from lib.core.datatype import LRUDict from lib.core.settings import MAX_CACHE_ITEMS from lib.core.settings import UNICODE_ENCODING -from lib.core.datatype import LRUDict from lib.core.threads import getCurrentThreadData _lock = threading.Lock() diff --git a/lib/core/dicts.py b/lib/core/dicts.py index e7b8fbe0f..d0b85ff0c 100644 --- a/lib/core/dicts.py +++ b/lib/core/dicts.py @@ -9,21 +9,21 @@ from lib.core.enums import CONTENT_TYPE from lib.core.enums import DBMS from lib.core.enums import OS from lib.core.enums import POST_HINT +from lib.core.settings import ACCESS_ALIASES from lib.core.settings import BLANK -from lib.core.settings import NULL +from lib.core.settings import DB2_ALIASES +from lib.core.settings import FIREBIRD_ALIASES +from lib.core.settings import H2_ALIASES +from lib.core.settings import HSQLDB_ALIASES +from lib.core.settings import INFORMIX_ALIASES +from lib.core.settings import MAXDB_ALIASES from lib.core.settings import MSSQL_ALIASES from lib.core.settings import MYSQL_ALIASES -from lib.core.settings import PGSQL_ALIASES +from lib.core.settings import NULL from lib.core.settings import ORACLE_ALIASES +from lib.core.settings import PGSQL_ALIASES from lib.core.settings import SQLITE_ALIASES -from lib.core.settings import ACCESS_ALIASES -from lib.core.settings import FIREBIRD_ALIASES -from lib.core.settings import MAXDB_ALIASES from lib.core.settings import SYBASE_ALIASES -from lib.core.settings import DB2_ALIASES -from lib.core.settings import HSQLDB_ALIASES -from lib.core.settings import H2_ALIASES -from lib.core.settings import INFORMIX_ALIASES FIREBIRD_TYPES = { 261: "BLOB", diff --git a/lib/core/dump.py b/lib/core/dump.py index 6c6580075..3fd31b1fb 100644 --- a/lib/core/dump.py +++ b/lib/core/dump.py @@ -13,6 +13,7 @@ import shutil import tempfile import threading +from extra.safe2bin.safe2bin import safechardecode from lib.core.common import Backend from lib.core.common import checkFile from lib.core.common import dataToDumpFile @@ -39,8 +40,8 @@ from lib.core.enums import CONTENT_TYPE from lib.core.enums import DBMS from lib.core.enums import DUMP_FORMAT from lib.core.exception import SqlmapGenericException -from lib.core.exception import SqlmapValueException from lib.core.exception import SqlmapSystemException +from lib.core.exception import SqlmapValueException from lib.core.replication import Replication from lib.core.settings import DUMP_FILE_BUFFER_SIZE from lib.core.settings import HTML_DUMP_CSS_STYLE @@ -55,8 +56,6 @@ from lib.core.settings import WINDOWS_RESERVED_NAMES from thirdparty import six from thirdparty.magic import magic -from extra.safe2bin.safe2bin import safechardecode - class Dump(object): """ This class defines methods used to parse and output the results diff --git a/lib/core/option.py b/lib/core/option.py index 08e1494b3..b132ab2de 100644 --- a/lib/core/option.py +++ b/lib/core/option.py @@ -26,8 +26,6 @@ from lib.core.common import boldifyMessage from lib.core.common import checkFile from lib.core.common import dataToStdout from lib.core.common import decodeStringEscape -from lib.core.common import getPublicTypeMembers -from lib.core.common import getSafeExString from lib.core.common import fetchRandomAgent from lib.core.common import filterNone from lib.core.common import findLocalPort @@ -35,6 +33,8 @@ from lib.core.common import findPageForms from lib.core.common import getConsoleWidth from lib.core.common import getFileItems from lib.core.common import getFileType +from lib.core.common import getPublicTypeMembers +from lib.core.common import getSafeExString from lib.core.common import intersect from lib.core.common import normalizePath from lib.core.common import ntToPosixSlashes @@ -134,19 +134,19 @@ from lib.parse.payloads import loadBoundaries from lib.parse.payloads import loadPayloads from lib.parse.sitemap import parseSitemap from lib.request.basic import checkCharEncoding -from lib.request.connect import Connect as Request -from lib.request.dns import DNSServer from lib.request.basicauthhandler import SmartHTTPBasicAuthHandler from lib.request.chunkedhandler import ChunkedHandler +from lib.request.connect import Connect as Request +from lib.request.dns import DNSServer from lib.request.httpshandler import HTTPSHandler from lib.request.pkihandler import HTTPSPKIAuthHandler from lib.request.rangehandler import HTTPRangeHandler from lib.request.redirecthandler import SmartRedirectHandler -from lib.utils.har import HTTPCollectorFactory from lib.utils.crawler import crawl from lib.utils.deps import checkDependencies -from lib.utils.search import search +from lib.utils.har import HTTPCollectorFactory from lib.utils.purge import purge +from lib.utils.search import search from thirdparty import six from thirdparty.keepalive import keepalive from thirdparty.multipart import multipartpost diff --git a/lib/core/patch.py b/lib/core/patch.py index 874ce8c43..503054ce6 100644 --- a/lib/core/patch.py +++ b/lib/core/patch.py @@ -18,18 +18,17 @@ import lib.utils.sqlalchemy import thirdparty.ansistrm.ansistrm import thirdparty.chardet.universaldetector -from lib.request.templates import getPageTemplate - from lib.core.common import filterNone from lib.core.common import getSafeExString from lib.core.common import isListLike -from lib.core.common import singleTimeWarnMessage from lib.core.common import readInput from lib.core.common import shellExec +from lib.core.common import singleTimeWarnMessage from lib.core.convert import stdoutEncode from lib.core.option import _setHTTPHandlers from lib.core.option import setVerbosity from lib.core.settings import IS_WIN +from lib.request.templates import getPageTemplate from thirdparty.six.moves import http_client as _http_client def dirtyPatches(): diff --git a/lib/core/settings.py b/lib/core/settings.py index 561c6a82d..df60b4a7c 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -18,7 +18,7 @@ from lib.core.enums import OS from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.3.6.11" +VERSION = "1.3.6.12" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) @@ -46,10 +46,10 @@ DIFF_TOLERANCE = 0.05 CONSTANT_RATIO = 0.9 # Ratio used in heuristic check for WAF/IPS protected targets -IDS_WAF_CHECK_RATIO = 0.5 +IPS_WAF_CHECK_RATIO = 0.5 # Timeout used in heuristic check for WAF/IPS protected targets -IDS_WAF_CHECK_TIMEOUT = 10 +IPS_WAF_CHECK_TIMEOUT = 10 # Lower and upper values for match ratio in case of stable page LOWER_RATIO_BOUND = 0.02 diff --git a/lib/core/target.py b/lib/core/target.py index 604818dd0..89dd44649 100644 --- a/lib/core/target.py +++ b/lib/core/target.py @@ -48,18 +48,18 @@ from lib.core.exception import SqlmapMissingPrivileges from lib.core.exception import SqlmapNoneDataException from lib.core.exception import SqlmapSystemException from lib.core.exception import SqlmapUserQuitException +from lib.core.option import _setAuthCred from lib.core.option import _setDBMS from lib.core.option import _setKnowledgeBaseAttributes -from lib.core.option import _setAuthCred +from lib.core.settings import ARRAY_LIKE_RECOGNITION_REGEX from lib.core.settings import ASTERISK_MARKER from lib.core.settings import CSRF_TOKEN_PARAMETER_INFIXES from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR from lib.core.settings import DEFAULT_GET_POST_DELIMITER from lib.core.settings import HOST_ALIASES -from lib.core.settings import ARRAY_LIKE_RECOGNITION_REGEX from lib.core.settings import INJECT_HERE_REGEX -from lib.core.settings import JSON_RECOGNITION_REGEX from lib.core.settings import JSON_LIKE_RECOGNITION_REGEX +from lib.core.settings import JSON_RECOGNITION_REGEX from lib.core.settings import MULTIPART_RECOGNITION_REGEX from lib.core.settings import PROBLEMATIC_CUSTOM_INJECTION_PATTERNS from lib.core.settings import REFERER_ALIASES diff --git a/lib/core/update.py b/lib/core/update.py index 8b48a6d9b..e844c4a37 100644 --- a/lib/core/update.py +++ b/lib/core/update.py @@ -14,8 +14,8 @@ import time import zipfile from lib.core.common import dataToStdout -from lib.core.common import getSafeExString from lib.core.common import getLatestRevision +from lib.core.common import getSafeExString from lib.core.common import openFile from lib.core.common import pollProcess from lib.core.common import readInput diff --git a/lib/parse/handler.py b/lib/parse/handler.py index ed03812bb..805c756cf 100644 --- a/lib/parse/handler.py +++ b/lib/parse/handler.py @@ -8,6 +8,7 @@ See the file 'LICENSE' for copying permission import re from xml.sax.handler import ContentHandler + from lib.core.common import sanitizeStr class FingerprintHandler(ContentHandler): diff --git a/lib/request/comparison.py b/lib/request/comparison.py index 19157212e..18f37640e 100644 --- a/lib/request/comparison.py +++ b/lib/request/comparison.py @@ -23,11 +23,11 @@ from lib.core.exception import SqlmapNoneDataException from lib.core.settings import DEFAULT_PAGE_ENCODING from lib.core.settings import DIFF_TOLERANCE from lib.core.settings import HTML_TITLE_REGEX -from lib.core.settings import MIN_RATIO +from lib.core.settings import LOWER_RATIO_BOUND from lib.core.settings import MAX_DIFFLIB_SEQUENCE_LENGTH from lib.core.settings import MAX_RATIO +from lib.core.settings import MIN_RATIO from lib.core.settings import REFLECTED_VALUE_MARKER -from lib.core.settings import LOWER_RATIO_BOUND from lib.core.settings import UPPER_RATIO_BOUND from lib.core.settings import URI_HTTP_HEADER from lib.core.threads import getCurrentThreadData diff --git a/lib/request/connect.py b/lib/request/connect.py index 10636fc45..8d7e70d60 100644 --- a/lib/request/connect.py +++ b/lib/request/connect.py @@ -41,8 +41,8 @@ from lib.core.common import getRequestHeader from lib.core.common import getSafeExString from lib.core.common import isMultiThreadMode from lib.core.common import logHTTPTraffic -from lib.core.common import pushValue from lib.core.common import popValue +from lib.core.common import pushValue from lib.core.common import randomizeParameterValue from lib.core.common import randomInt from lib.core.common import randomStr @@ -52,10 +52,10 @@ from lib.core.common import safeVariableNaming from lib.core.common import singleTimeLogMessage from lib.core.common import singleTimeWarnMessage from lib.core.common import stdev -from lib.core.common import wasLastResponseDelayed from lib.core.common import unsafeVariableNaming from lib.core.common import urldecode from lib.core.common import urlencode +from lib.core.common import wasLastResponseDelayed from lib.core.compat import patchHeaders from lib.core.compat import xrange from lib.core.convert import getBytes @@ -92,19 +92,19 @@ from lib.core.settings import DEFAULT_COOKIE_DELIMITER from lib.core.settings import DEFAULT_GET_POST_DELIMITER from lib.core.settings import DEFAULT_USER_AGENT from lib.core.settings import EVALCODE_ENCODED_PREFIX -from lib.core.settings import HTTP_ACCEPT_HEADER_VALUE from lib.core.settings import HTTP_ACCEPT_ENCODING_HEADER_VALUE +from lib.core.settings import HTTP_ACCEPT_HEADER_VALUE +from lib.core.settings import IPS_WAF_CHECK_PAYLOAD +from lib.core.settings import IS_WIN +from lib.core.settings import LARGE_CHUNK_TRIM_MARKER from lib.core.settings import MAX_CONNECTION_CHUNK_SIZE from lib.core.settings import MAX_CONNECTIONS_REGEX from lib.core.settings import MAX_CONNECTION_TOTAL_SIZE from lib.core.settings import MAX_CONSECUTIVE_CONNECTION_ERRORS from lib.core.settings import MAX_MURPHY_SLEEP_TIME from lib.core.settings import META_REFRESH_REGEX -from lib.core.settings import MIN_TIME_RESPONSES from lib.core.settings import MAX_TIME_RESPONSES -from lib.core.settings import IPS_WAF_CHECK_PAYLOAD -from lib.core.settings import IS_WIN -from lib.core.settings import LARGE_CHUNK_TRIM_MARKER +from lib.core.settings import MIN_TIME_RESPONSES from lib.core.settings import PAYLOAD_DELIMITER from lib.core.settings import PERMISSION_DENIED_REGEX from lib.core.settings import PLAIN_TEXT_CONTENT_TYPE @@ -119,8 +119,8 @@ from lib.core.settings import WARN_TIME_STDEV from lib.request.basic import decodePage from lib.request.basic import forgeHeaders from lib.request.basic import processResponse -from lib.request.direct import direct from lib.request.comparison import comparison +from lib.request.direct import direct from lib.request.methodrequest import MethodRequest from thirdparty import six from thirdparty.odict import OrderedDict diff --git a/lib/request/redirecthandler.py b/lib/request/redirecthandler.py index 961db87ad..c85771d64 100644 --- a/lib/request/redirecthandler.py +++ b/lib/request/redirecthandler.py @@ -9,14 +9,14 @@ import io import time import types -from lib.core.data import conf -from lib.core.data import kb -from lib.core.data import logger from lib.core.common import getHostHeader from lib.core.common import getSafeExString from lib.core.common import logHTTPTraffic from lib.core.common import readInput from lib.core.convert import getUnicode +from lib.core.data import conf +from lib.core.data import kb +from lib.core.data import logger from lib.core.enums import CUSTOM_LOGGING from lib.core.enums import HTTP_HEADER from lib.core.enums import HTTPMETHOD diff --git a/lib/takeover/abstraction.py b/lib/takeover/abstraction.py index a00bc2865..ffcd5d89f 100644 --- a/lib/takeover/abstraction.py +++ b/lib/takeover/abstraction.py @@ -10,8 +10,8 @@ from __future__ import print_function import sys from extra.safe2bin.safe2bin import safechardecode -from lib.core.common import dataToStdout from lib.core.common import Backend +from lib.core.common import dataToStdout from lib.core.common import getSQLSnippet from lib.core.common import isStackingAvailable from lib.core.common import readInput diff --git a/lib/takeover/udf.py b/lib/takeover/udf.py index e5ac1f9e5..8657a98fc 100644 --- a/lib/takeover/udf.py +++ b/lib/takeover/udf.py @@ -8,9 +8,9 @@ See the file 'LICENSE' for copying permission import os from lib.core.agent import agent +from lib.core.common import Backend from lib.core.common import checkFile from lib.core.common import dataToStdout -from lib.core.common import Backend from lib.core.common import isStackingAvailable from lib.core.common import readInput from lib.core.common import unArrayizeValue @@ -18,8 +18,8 @@ from lib.core.compat import xrange from lib.core.data import conf from lib.core.data import logger from lib.core.data import queries -from lib.core.enums import DBMS from lib.core.enums import CHARSET_TYPE +from lib.core.enums import DBMS from lib.core.enums import EXPECTED from lib.core.enums import OS from lib.core.exception import SqlmapFilePathException diff --git a/lib/takeover/web.py b/lib/takeover/web.py index 8e14c988e..1904081dc 100644 --- a/lib/takeover/web.py +++ b/lib/takeover/web.py @@ -20,10 +20,10 @@ from lib.core.common import getAutoDirectories from lib.core.common import getManualDirectories from lib.core.common import getPublicTypeMembers from lib.core.common import getSQLSnippet -from lib.core.common import ntToPosixSlashes from lib.core.common import isTechniqueAvailable from lib.core.common import isWindowsDriveLetterPath from lib.core.common import normalizePath +from lib.core.common import ntToPosixSlashes from lib.core.common import openFile from lib.core.common import parseFilePaths from lib.core.common import posixToNtSlashes diff --git a/lib/takeover/xp_cmdshell.py b/lib/takeover/xp_cmdshell.py index 476a7d3dd..1ea8228c2 100644 --- a/lib/takeover/xp_cmdshell.py +++ b/lib/takeover/xp_cmdshell.py @@ -15,8 +15,8 @@ from lib.core.common import isListLike from lib.core.common import isNoneValue from lib.core.common import isNumPosStrValue from lib.core.common import isTechniqueAvailable -from lib.core.common import pushValue from lib.core.common import popValue +from lib.core.common import pushValue from lib.core.common import randomStr from lib.core.common import readInput from lib.core.common import wasLastResponseDelayed diff --git a/lib/techniques/blind/inference.py b/lib/techniques/blind/inference.py index c2dd01b50..71fbe68c9 100644 --- a/lib/techniques/blind/inference.py +++ b/lib/techniques/blind/inference.py @@ -21,8 +21,8 @@ from lib.core.common import decodeIntToUnicode from lib.core.common import filterControlChars from lib.core.common import getCharset from lib.core.common import getCounter -from lib.core.common import goGoodSamaritan from lib.core.common import getPartRun +from lib.core.common import goGoodSamaritan from lib.core.common import hashDBRetrieve from lib.core.common import hashDBWrite from lib.core.common import incrementCounter @@ -39,11 +39,11 @@ from lib.core.enums import PAYLOAD from lib.core.exception import SqlmapThreadException from lib.core.settings import CHAR_INFERENCE_MARK from lib.core.settings import INFERENCE_BLANK_BREAK -from lib.core.settings import INFERENCE_UNKNOWN_CHAR -from lib.core.settings import INFERENCE_GREATER_CHAR from lib.core.settings import INFERENCE_EQUALS_CHAR +from lib.core.settings import INFERENCE_GREATER_CHAR from lib.core.settings import INFERENCE_MARKER from lib.core.settings import INFERENCE_NOT_EQUALS_CHAR +from lib.core.settings import INFERENCE_UNKNOWN_CHAR from lib.core.settings import MAX_BISECTION_LENGTH from lib.core.settings import MAX_REVALIDATION_STEPS from lib.core.settings import NULL diff --git a/lib/techniques/error/use.py b/lib/techniques/error/use.py index 841caea30..22c8fd5de 100644 --- a/lib/techniques/error/use.py +++ b/lib/techniques/error/use.py @@ -45,8 +45,8 @@ from lib.core.enums import HASHDB_KEYS from lib.core.enums import HTTP_HEADER from lib.core.exception import SqlmapDataException from lib.core.settings import CHECK_ZERO_COLUMNS_THRESHOLD -from lib.core.settings import MIN_ERROR_CHUNK_LENGTH from lib.core.settings import MAX_ERROR_CHUNK_LENGTH +from lib.core.settings import MIN_ERROR_CHUNK_LENGTH from lib.core.settings import NULL from lib.core.settings import PARTIAL_VALUE_MARKER from lib.core.settings import ROTATING_CHARS diff --git a/lib/techniques/union/test.py b/lib/techniques/union/test.py index 6f4a65388..ff4bab9b0 100644 --- a/lib/techniques/union/test.py +++ b/lib/techniques/union/test.py @@ -32,14 +32,14 @@ from lib.core.decorators import stackedmethod from lib.core.dicts import FROM_DUMMY_TABLE from lib.core.enums import PAYLOAD from lib.core.settings import LIMITED_ROWS_TEST_NUMBER -from lib.core.settings import UNION_MIN_RESPONSE_CHARS -from lib.core.settings import UNION_STDEV_COEFF -from lib.core.settings import MIN_RATIO from lib.core.settings import MAX_RATIO +from lib.core.settings import MIN_RATIO from lib.core.settings import MIN_STATISTICAL_RANGE from lib.core.settings import MIN_UNION_RESPONSES from lib.core.settings import NULL from lib.core.settings import ORDER_BY_STEP +from lib.core.settings import UNION_MIN_RESPONSE_CHARS +from lib.core.settings import UNION_STDEV_COEFF from lib.core.unescaper import unescaper from lib.request.comparison import comparison from lib.request.connect import Connect as Request diff --git a/lib/techniques/union/use.py b/lib/techniques/union/use.py index 215661ee1..92f6b1be3 100644 --- a/lib/techniques/union/use.py +++ b/lib/techniques/union/use.py @@ -21,7 +21,6 @@ from lib.core.common import dataToStdout from lib.core.common import extractRegexResult from lib.core.common import firstNotNone from lib.core.common import flattenValue -from lib.core.common import safeStringFormat from lib.core.common import getConsoleWidth from lib.core.common import getPartRun from lib.core.common import hashDBRetrieve @@ -34,6 +33,7 @@ from lib.core.common import isNumPosStrValue from lib.core.common import listToStrValue from lib.core.common import parseUnionPage from lib.core.common import removeReflectiveValues +from lib.core.common import safeStringFormat from lib.core.common import singleTimeDebugMessage from lib.core.common import singleTimeWarnMessage from lib.core.common import unArrayizeValue diff --git a/lib/utils/api.py b/lib/utils/api.py index acdb32b85..84d2327e1 100644 --- a/lib/utils/api.py +++ b/lib/utils/api.py @@ -25,15 +25,15 @@ from lib.core.common import openFile from lib.core.common import saveConfig from lib.core.common import unArrayizeValue from lib.core.compat import xrange -from lib.core.convert import encodeBase64 -from lib.core.convert import encodeHex from lib.core.convert import decodeBase64 from lib.core.convert import dejsonize +from lib.core.convert import encodeBase64 +from lib.core.convert import encodeHex from lib.core.convert import jsonize from lib.core.data import conf from lib.core.data import kb -from lib.core.data import paths from lib.core.data import logger +from lib.core.data import paths from lib.core.datatype import AttribDict from lib.core.defaults import _defaults from lib.core.dicts import PART_RUN_CONTENT_TYPES @@ -43,8 +43,8 @@ from lib.core.enums import MKSTEMP_PREFIX from lib.core.exception import SqlmapConnectionException from lib.core.log import LOGGER_HANDLER from lib.core.optiondict import optDict -from lib.core.settings import RESTAPI_DEFAULT_ADAPTER from lib.core.settings import IS_WIN +from lib.core.settings import RESTAPI_DEFAULT_ADAPTER from lib.core.settings import RESTAPI_DEFAULT_ADDRESS from lib.core.settings import RESTAPI_DEFAULT_PORT from lib.core.shell import autoCompletion diff --git a/lib/utils/brute.py b/lib/utils/brute.py index 1334374b0..78dd9ff6c 100644 --- a/lib/utils/brute.py +++ b/lib/utils/brute.py @@ -9,18 +9,18 @@ from __future__ import division import time +from lib.core.common import Backend from lib.core.common import clearConsoleLine from lib.core.common import dataToStdout from lib.core.common import filterListValue from lib.core.common import getFileItems -from lib.core.common import Backend from lib.core.common import getPageWordSet from lib.core.common import hashDBWrite from lib.core.common import randomInt from lib.core.common import randomStr from lib.core.common import readInput -from lib.core.common import safeStringFormat from lib.core.common import safeSQLIdentificatorNaming +from lib.core.common import safeStringFormat from lib.core.common import unsafeSQLIdentificatorNaming from lib.core.data import conf from lib.core.data import kb diff --git a/lib/utils/hash.py b/lib/utils/hash.py index 3b1886130..d392e919f 100644 --- a/lib/utils/hash.py +++ b/lib/utils/hash.py @@ -63,9 +63,9 @@ from lib.core.common import readInput from lib.core.common import singleTimeLogMessage from lib.core.common import singleTimeWarnMessage from lib.core.compat import xrange -from lib.core.convert import encodeHex from lib.core.convert import decodeBase64 from lib.core.convert import decodeHex +from lib.core.convert import encodeHex from lib.core.convert import getBytes from lib.core.convert import getText from lib.core.convert import getUnicode @@ -90,13 +90,13 @@ from lib.core.settings import INVALID_UNICODE_CHAR_FORMAT from lib.core.settings import IS_WIN from lib.core.settings import ITOA64 from lib.core.settings import NULL -from lib.core.settings import UNICODE_ENCODING from lib.core.settings import ROTATING_CHARS +from lib.core.settings import UNICODE_ENCODING from lib.core.wordlist import Wordlist from thirdparty import six from thirdparty.colorama.initialise import init as coloramainit -from thirdparty.pydes.pyDes import des from thirdparty.pydes.pyDes import CBC +from thirdparty.pydes.pyDes import des from thirdparty.six.moves import queue as _queue def mysql_passwd(password, uppercase=True): diff --git a/lib/utils/search.py b/lib/utils/search.py index 811d489cf..5ade9c0be 100644 --- a/lib/utils/search.py +++ b/lib/utils/search.py @@ -25,8 +25,8 @@ from lib.core.exception import SqlmapBaseException from lib.core.exception import SqlmapConnectionException from lib.core.exception import SqlmapUserQuitException from lib.core.settings import BING_REGEX -from lib.core.settings import DUMMY_SEARCH_USER_AGENT from lib.core.settings import DUCKDUCKGO_REGEX +from lib.core.settings import DUMMY_SEARCH_USER_AGENT from lib.core.settings import GOOGLE_REGEX from lib.core.settings import HTTP_ACCEPT_ENCODING_HEADER_VALUE from lib.core.settings import UNICODE_ENCODING diff --git a/plugins/dbms/h2/enumeration.py b/plugins/dbms/h2/enumeration.py index e72cb36bb..fc35f28a6 100644 --- a/plugins/dbms/h2/enumeration.py +++ b/plugins/dbms/h2/enumeration.py @@ -5,15 +5,15 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/) See the file 'LICENSE' for copying permission """ -from plugins.generic.enumeration import Enumeration as GenericEnumeration +from lib.core.common import unArrayizeValue from lib.core.data import conf from lib.core.data import kb from lib.core.data import logger from lib.core.data import queries -from lib.core.common import unArrayizeValue from lib.core.enums import DBMS from lib.core.settings import H2_DEFAULT_SCHEMA from lib.request import inject +from plugins.generic.enumeration import Enumeration as GenericEnumeration class Enumeration(GenericEnumeration): def getBanner(self): diff --git a/plugins/dbms/hsqldb/enumeration.py b/plugins/dbms/hsqldb/enumeration.py index 91ad3d734..6c0fd662f 100644 --- a/plugins/dbms/hsqldb/enumeration.py +++ b/plugins/dbms/hsqldb/enumeration.py @@ -5,15 +5,15 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/) See the file 'LICENSE' for copying permission """ -from plugins.generic.enumeration import Enumeration as GenericEnumeration +from lib.core.common import unArrayizeValue from lib.core.data import conf from lib.core.data import kb from lib.core.data import logger from lib.core.data import queries -from lib.core.common import unArrayizeValue from lib.core.enums import DBMS from lib.core.settings import HSQLDB_DEFAULT_SCHEMA from lib.request import inject +from plugins.generic.enumeration import Enumeration as GenericEnumeration class Enumeration(GenericEnumeration): def getBanner(self): diff --git a/plugins/dbms/mssqlserver/syntax.py b/plugins/dbms/mssqlserver/syntax.py index 5d4082e0c..4100babe3 100644 --- a/plugins/dbms/mssqlserver/syntax.py +++ b/plugins/dbms/mssqlserver/syntax.py @@ -5,8 +5,8 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/) See the file 'LICENSE' for copying permission """ -from plugins.generic.syntax import Syntax as GenericSyntax from lib.core.convert import getOrds +from plugins.generic.syntax import Syntax as GenericSyntax class Syntax(GenericSyntax): @staticmethod diff --git a/plugins/generic/filesystem.py b/plugins/generic/filesystem.py index 008fd075c..224a46ea2 100644 --- a/plugins/generic/filesystem.py +++ b/plugins/generic/filesystem.py @@ -10,13 +10,13 @@ import os import sys from lib.core.agent import agent -from lib.core.common import dataToOutFile from lib.core.common import Backend from lib.core.common import checkFile +from lib.core.common import dataToOutFile from lib.core.common import decloakToTemp from lib.core.common import decodeDbmsHexValue -from lib.core.common import isNumPosStrValue from lib.core.common import isListLike +from lib.core.common import isNumPosStrValue from lib.core.common import isStackingAvailable from lib.core.common import isTechniqueAvailable from lib.core.common import readInput @@ -26,8 +26,8 @@ from lib.core.convert import getUnicode from lib.core.data import conf from lib.core.data import kb from lib.core.data import logger -from lib.core.enums import DBMS from lib.core.enums import CHARSET_TYPE +from lib.core.enums import DBMS from lib.core.enums import EXPECTED from lib.core.enums import PAYLOAD from lib.core.exception import SqlmapUndefinedMethod diff --git a/tamper/charunicodeencode.py b/tamper/charunicodeencode.py index 8bd456fab..ba7a8dea1 100644 --- a/tamper/charunicodeencode.py +++ b/tamper/charunicodeencode.py @@ -8,8 +8,8 @@ See the file 'LICENSE' for copying permission import os import string -from lib.core.enums import PRIORITY from lib.core.common import singleTimeWarnMessage +from lib.core.enums import PRIORITY __priority__ = PRIORITY.LOWEST diff --git a/tamper/multiplespaces.py b/tamper/multiplespaces.py index 96ccb1532..ec8b2d6d3 100644 --- a/tamper/multiplespaces.py +++ b/tamper/multiplespaces.py @@ -9,8 +9,8 @@ import random import re from lib.core.data import kb -from lib.core.enums import PRIORITY from lib.core.datatype import OrderedSet +from lib.core.enums import PRIORITY __priority__ = PRIORITY.NORMAL diff --git a/tamper/percentage.py b/tamper/percentage.py index 71259fd88..a97c96942 100644 --- a/tamper/percentage.py +++ b/tamper/percentage.py @@ -8,8 +8,8 @@ See the file 'LICENSE' for copying permission import os import string -from lib.core.enums import PRIORITY from lib.core.common import singleTimeWarnMessage +from lib.core.enums import PRIORITY __priority__ = PRIORITY.LOW