From 496075ef205cc9f8150072cd32b52641e0be3df1 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Tue, 31 Oct 2017 10:10:22 +0100
Subject: [PATCH] Trivial refactoring
---
 lib/controller/checks.py | 3 ++-
 lib/core/common.py | 5 +++--
 lib/core/settings.py | 1 +
 lib/request/basic.py | 3 ++-
 lib/utils/hash.py | 5 +++--
 5 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
index 12c89d212..3f92695c2 100644
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -73,6 +73,7 @@ from lib.core.settings import CANDIDATE_SENTENCE_MIN_LENGTH
 from lib.core.settings import CHECK_INTERNET_ADDRESS
 from lib.core.settings import CHECK_INTERNET_VALUE
 from lib.core.settings import DEFAULT_GET_POST_DELIMITER
+from lib.core.settings import DEV_EMAIL_ADDRESS
 from lib.core.settings import DUMMY_NON_SQLI_CHECK_APPENDIX
 from lib.core.settings import FI_ERROR_REGEX
 from lib.core.settings import FORMAT_EXCEPTION_STRINGS
@@ -1411,7 +1412,7 @@ def identifyWaf():
 message = "WAF/IPS/IDS specific response can be found in '%s'. " % filename
 message += "If you know the details on used protection please "
 message += "report it along with specific response "
- message += "to 'dev@sqlmap.org'"
+ message += "to '%s'" % DEV_EMAIL_ADDRESS
 logger.warn(message)
 message = "are you sure that you want to "
diff --git a/lib/core/common.py b/lib/core/common.py
index 576b8d5c2..5626f1139 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -102,6 +102,7 @@ from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR
 from lib.core.settings import DEFAULT_COOKIE_DELIMITER
 from lib.core.settings import DEFAULT_GET_POST_DELIMITER
 from lib.core.settings import DEFAULT_MSSQL_SCHEMA
+from lib.core.settings import DEV_EMAIL_ADDRESS
 from lib.core.settings import DUMMY_USER_INJECTION
 from lib.core.settings import DYNAMICITY_MARK_LENGTH
 from lib.core.settings import ERROR_PARSING_REGEXES
@@ -1768,7 +1769,7 @@ def safeStringFormat(format_, params):
 if isinstance(params, basestring):
 retVal = retVal.replace("%s", params, 1)
 elif not isListLike(params):
- retVal = retVal.replace("%s", str(params), 1)
+ retVal = retVal.replace("%s", getUnicode(params), 1)
 else:
 start, end = 0, len(retVal)
 match = re.search(r"%s(.+)%s" % (PAYLOAD_DELIMITER, PAYLOAD_DELIMITER), retVal)
@@ -1794,7 +1795,7 @@ def safeStringFormat(format_, params):
 if match:
 if count >= len(params):
 warnMsg = "wrong number of parameters during string formatting. "
- warnMsg += "Please report by e-mail content \"%r | %r | %r\" to 'dev@sqlmap.org'" % (format_, params, retVal)
+ warnMsg += "Please report by e-mail content \"%r | %r | %r\" to '%s'" % (format_, params, retVal, DEV_EMAIL_ADDRESS)
 raise SqlmapValueException(warnMsg)
 else:
 retVal = re.sub(r"(\A|[^A-Za-z0-9])(%s)([^A-Za-z0-9]|\Z)", r"\g<1>%s\g<3>" % params[count], retVal, 1)
diff --git a/lib/core/settings.py b/lib/core/settings.py
index 6c46beb51..f12522bb3 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -25,6 +25,7 @@ TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
 DESCRIPTION = "automatic SQL injection and database takeover tool"
 SITE = "http://sqlmap.org"
+DEV_EMAIL_ADDRESS = "dev@sqlmap.org"
 ISSUES_PAGE = "https://github.com/sqlmapproject/sqlmap/issues/new"
 GIT_REPOSITORY = "git://github.com/sqlmapproject/sqlmap.git"
 GIT_PAGE = "https://github.com/sqlmapproject/sqlmap"
diff --git a/lib/request/basic.py b/lib/request/basic.py
index e7bf3a8b5..ab7cf8607 100644
--- a/lib/request/basic.py
+++ b/lib/request/basic.py
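Review bot: The switch from `str(params)` to `getUnicode(params)` in the `elif not isListLike(params)` branch of safeStringFormat (lib/core/common.py) is a behaviour change rather than a refactoring, and the commit subject does not mention it. If `retVal` is still a byte string at that point, `replace()` with a unicode argument would presumably trigger Python 2's implicit ASCII decode of `retVal`, so a format string carrying non-ASCII bytes could raise UnicodeDecodeError where the old code did not. I would either normalise both operands, e.g. `retVal = getUnicode(retVal).replace("%s", getUnicode(params), 1)`, or add a comment such as `# getUnicode() instead of str(): params may hold non-ASCII text` and move this line into its own commit. The function body starts and ends outside the hunk, so how `retVal` is initialised is not visible here.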
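Review bot: The report text built on the changed `warnMsg +=` line in the second safeStringFormat hunk asks the user to e-mail the `%r` dumps of `format_`, `params` and `retVal`, which presumably carry the payload and values taken from the system under test. Since this line is being touched anyway, it is a good place for a comment such as `# NOTE: message embeds raw format/params; remind users to redact target data before mailing`, or for saying so in the message itself. The four-element tuple matches the four specifiers, so the formatting itself looks correct.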
@@ -33,6 +33,7 @@ from lib.core.enums import PLACE
 from lib.core.exception import SqlmapCompressionException
 from lib.core.settings import BLOCKED_IP_REGEX
 from lib.core.settings import DEFAULT_COOKIE_DELIMITER
+from lib.core.settings import DEV_EMAIL_ADDRESS
 from lib.core.settings import EVENTVALIDATION_REGEX
 from lib.core.settings import MAX_CONNECTION_TOTAL_SIZE
 from lib.core.settings import META_CHARSET_REGEX
@@ -214,7 +215,7 @@ def checkCharEncoding(encoding, warn=True):
 except (LookupError, ValueError):
 if warn:
 warnMsg = "unknown web page charset '%s'. " % encoding
- warnMsg += "Please report by e-mail to 'dev@sqlmap.org'"
+ warnMsg += "Please report by e-mail to '%s'" % DEV_EMAIL_ADDRESS
 singleTimeLogMessage(warnMsg, logging.WARN, encoding)
 encoding = None
diff --git a/lib/utils/hash.py b/lib/utils/hash.py
index 332df974b..2cd6934e7 100644
--- a/lib/utils/hash.py
+++ b/lib/utils/hash.py
@@ -70,6 +70,7 @@ from lib.core.exception import SqlmapDataException
 from lib.core.exception import SqlmapUserQuitException
 from lib.core.settings import COMMON_PASSWORD_SUFFIXES
 from lib.core.settings import COMMON_USER_COLUMNS
+from lib.core.settings import DEV_EMAIL_ADDRESS
 from lib.core.settings import DUMMY_USER_PREFIX
 from lib.core.settings import HASH_MOD_ITEM_DISPLAY
 from lib.core.settings import HASH_RECOGNITION_QUIT_THRESHOLD
@@ -763,7 +764,7 @@ def _bruteProcessVariantA(attack_info, hash_regex, suffix, retVal, proc_id, proc
 except Exception, e:
 warnMsg = "there was a problem while hashing entry: %s (%s). " % (repr(word), e)
- warnMsg += "Please report by e-mail to 'dev@sqlmap.org'"
+ warnMsg += "Please report by e-mail to '%s'" % DEV_EMAIL_ADDRESS
 logger.critical(warnMsg)
 except KeyboardInterrupt:
@@ -837,7 +838,7 @@ def _bruteProcessVariantB(user, hash_, kwargs, hash_regex, suffix, retVal, found
 except Exception, e:
 warnMsg = "there was a problem while hashing entry: %s (%s). " % (repr(word), e)
- warnMsg += "Please report by e-mail to 'dev@sqlmap.org'"
+ warnMsg += "Please report by e-mail to '%s'" % DEV_EMAIL_ADDRESS
 logger.critical(warnMsg)
 except KeyboardInterrupt: