diff --git a/extra/cloak/cloak.py b/extra/cloak/cloak.py index 7c9efc90b..8462dbc12 100644 --- a/extra/cloak/cloak.py +++ b/extra/cloak/cloak.py @@ -16,6 +16,9 @@ import zlib from optparse import OptionError from optparse import OptionParser +if sys.version_info.major > 2: + xrange = range + def hideAscii(data): retVal = "" for i in xrange(len(data)): diff --git a/extra/safe2bin/safe2bin.py b/extra/safe2bin/safe2bin.py index f7c26a0dd..b514c2a2a 100644 --- a/extra/safe2bin/safe2bin.py +++ b/extra/safe2bin/safe2bin.py @@ -18,6 +18,9 @@ import sys from optparse import OptionError from optparse import OptionParser +if sys.version_info.major > 2: + xrange = range + # Regex used for recognition of hex encoded characters HEX_ENCODED_CHAR_REGEX = r"(?P\\x[0-9A-Fa-f]{2})" diff --git a/extra/shutils/duplicates.py b/extra/shutils/duplicates.py index c5fdbaf64..23cc803df 100755 --- a/extra/shutils/duplicates.py +++ b/extra/shutils/duplicates.py @@ -9,21 +9,22 @@ from __future__ import print_function import sys -if len(sys.argv) > 0: - items = list() +if __name__ == "__main__": + if len(sys.argv) > 0: + items = list() - with open(sys.argv[1], 'r') as f: - for item in f.readlines(): - item = item.strip() - try: - str.encode(item) - if item in items: - if item: - print(item) - else: - items.append(item) - except: - pass + with open(sys.argv[1], 'r') as f: + for item in f.readlines(): + item = item.strip() + try: + str.encode(item) + if item in items: + if item: + print(item) + else: + items.append(item) + except: + pass - with open(sys.argv[1], 'w+') as f: - f.writelines("\n".join(items)) + with open(sys.argv[1], 'w+') as f: + f.writelines("\n".join(items)) diff --git a/extra/wafdetectify/__init__.py b/extra/wafdetectify/__init__.py deleted file mode 100644 index 8307a1c28..000000000 --- a/extra/wafdetectify/__init__.py +++ /dev/null @@ -1,8 +0,0 @@ -#!/usr/bin/env python2 - -""" -Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/) -See the file 'LICENSE' for copying permission -""" - -pass diff --git a/extra/wafdetectify/wafdetectify.py b/extra/wafdetectify/wafdetectify.py deleted file mode 100755 index 3afe6eb5d..000000000 --- a/extra/wafdetectify/wafdetectify.py +++ /dev/null @@ -1,134 +0,0 @@ -#!/usr/bin/env python2 - -""" -Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/) -See the file 'LICENSE' for copying permission -""" - -from __future__ import print_function - -import cookielib -import glob -import httplib -import inspect -import os -import re -import socket -import ssl -import subprocess -import sys -import urllib2 - -sys.dont_write_bytecode = True - -if hasattr(ssl, "_create_unverified_context"): - ssl._create_default_https_context = ssl._create_unverified_context - -NAME, VERSION, AUTHOR = "WAF Detectify", "0.1", "sqlmap developers (@sqlmap)" -TIMEOUT = 10 -HEADERS = {"User-Agent": "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0", "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-US,en;q=0.5", "Accept-Encoding": "identity", "Cache-Control": "max-age=0"} -SQLMAP_DIR = os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "..")) -SCRIPTS_DIR = os.path.join(SQLMAP_DIR, "waf") -LEVEL_COLORS = {"o": "\033[00;94m", "x": "\033[00;91m", "!": "\033[00;93m", "i": "\033[00;92m"} -CACHE = {} -WAF_FUNCTIONS = [] - -def get_page(get=None, url=None, host=None, data=None): - key = (get, url, host, data) - - if key in CACHE: - return CACHE[key] - - page, headers, code = None, {}, httplib.OK - - url = url or ("%s%s%s" % (sys.argv[1], '?' if '?' not in sys.argv[1] else '&', get) if get else sys.argv[1]) - if not url.startswith("http"): - url = "http://%s" % url - - try: - req = urllib2.Request("".join(url[_].replace(' ', "%20") if _ > url.find('?') else url[_] for _ in xrange(len(url))), data, HEADERS) - conn = urllib2.urlopen(req, timeout=TIMEOUT) - page = conn.read() - headers = conn.info() - except Exception as ex: - code = getattr(ex, "code", None) - page = ex.read() if hasattr(ex, "read") else getattr(ex, "msg", "") - headers = ex.info() if hasattr(ex, "info") else {} - - result = CACHE[key] = page, headers, code - - return result - -def colorize(message): - if not subprocess.mswindows and sys.stdout.isatty(): - message = re.sub(r"\[(.)\]", lambda match: "[%s%s\033[00;49m]" % (LEVEL_COLORS[match.group(1)], match.group(1)), message) - message = message.replace("@sqlmap", "\033[00;96m@sqlmap\033[00;49m") - message = message.replace(NAME, "\033[00;93m%s\033[00;49m" % NAME) - - return message - -def main(): - global WAF_FUNCTIONS - - print(colorize("%s #v%s\n by: %s\n" % (NAME, VERSION, AUTHOR))) - - if len(sys.argv) < 2: - sys.exit(colorize("[x] usage: python %s " % os.path.split(__file__)[-1])) - - cookie_jar = cookielib.CookieJar() - opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cookie_jar)) - urllib2.install_opener(opener) - - sys.path.insert(0, SQLMAP_DIR) - - for found in glob.glob(os.path.join(SCRIPTS_DIR, "*.py")): - dirname, filename = os.path.split(found) - dirname = os.path.abspath(dirname) - - if filename == "__init__.py": - continue - - if dirname not in sys.path: - sys.path.insert(0, dirname) - - try: - if filename[:-3] in sys.modules: - del sys.modules[filename[:-3]] - module = __import__(filename[:-3].encode(sys.getfilesystemencoding() or "utf8")) - except ImportError as ex: - sys.exit(colorize("[x] cannot import WAF script '%s' (%s)" % (filename[:-3], ex))) - - _ = dict(inspect.getmembers(module)) - if "detect" not in _: - sys.exit(colorize("[x] missing function 'detect(get_page)' in WAF script '%s'" % found)) - else: - WAF_FUNCTIONS.append((_["detect"], _.get("__product__", filename[:-3]))) - - WAF_FUNCTIONS = sorted(WAF_FUNCTIONS, key=lambda _: "generic" in _[1].lower()) - - print(colorize("[i] checking '%s'..." % sys.argv[1])) - - hostname = sys.argv[1].split("//")[-1].split('/')[0] - try: - socket.getaddrinfo(hostname, None) - except socket.gaierror: - print(colorize("[x] host '%s' does not exist" % hostname)) - sys.exit(1) - - found = False - for function, product in WAF_FUNCTIONS: - if found and "unknown" in product.lower(): - continue - - if function(get_page): - sys.exit(colorize("[!] WAF/IPS identified as '%s'" % product)) - - if not found: - print(colorize("[o] nothing found")) - - print() - - sys.exit(int(not found)) - -if __name__ == "__main__": - main() diff --git a/lib/controller/checks.py b/lib/controller/checks.py index ab0110845..20a6af967 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -105,6 +105,7 @@ from lib.request.inject import checkBooleanExpression from lib.request.templates import getPageTemplate from lib.techniques.union.test import unionTest from lib.techniques.union.use import configUnion +from lib.utils.xrange import xrange from thirdparty import six from thirdparty.six.moves import http_client as _http_client diff --git a/lib/controller/controller.py b/lib/controller/controller.py index 1fc91aba8..3c174618a 100644 --- a/lib/controller/controller.py +++ b/lib/controller/controller.py @@ -72,6 +72,7 @@ from lib.core.settings import USER_AGENT_ALIASES from lib.core.target import initTargetEnv from lib.core.target import setupTargetEnv from lib.utils.hash import crackHashFile +from lib.utils.xrange import xrange def _selectInjection(): """ diff --git a/lib/core/agent.py b/lib/core/agent.py index 91e899275..49c313f3d 100644 --- a/lib/core/agent.py +++ b/lib/core/agent.py @@ -46,6 +46,7 @@ from lib.core.settings import REPLACEMENT_MARKER from lib.core.settings import SINGLE_QUOTE_MARKER from lib.core.settings import SLEEP_TIME_MARKER from lib.core.unescaper import unescaper +from lib.utils.xrange import xrange class Agent(object): """ diff --git a/lib/core/bigarray.py b/lib/core/bigarray.py index 5d8fa21a9..d450d5777 100644 --- a/lib/core/bigarray.py +++ b/lib/core/bigarray.py @@ -20,6 +20,7 @@ from lib.core.enums import MKSTEMP_PREFIX from lib.core.exception import SqlmapSystemException from lib.core.settings import BIGARRAY_CHUNK_SIZE from lib.core.settings import BIGARRAY_COMPRESS_LEVEL +from lib.utils.xrange import xrange DEFAULT_SIZE_OF = sys.getsizeof(object()) diff --git a/lib/core/common.py b/lib/core/common.py index a2d4ccd14..707a1f1fe 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -167,6 +167,7 @@ from lib.core.settings import VERSION_STRING from lib.core.settings import WEBSCARAB_SPLITTER from lib.core.threads import getCurrentThreadData from lib.utils.sqlalchemy import _sqlalchemy +from lib.utils.xrange import xrange from thirdparty import six from thirdparty.clientform.clientform import ParseResponse from thirdparty.clientform.clientform import ParseError diff --git a/lib/core/dump.py b/lib/core/dump.py index 5dd9cec31..eb6777f37 100644 --- a/lib/core/dump.py +++ b/lib/core/dump.py @@ -50,6 +50,7 @@ from lib.core.settings import UNICODE_ENCODING from lib.core.settings import UNSAFE_DUMP_FILEPATH_REPLACEMENT from lib.core.settings import VERSION_STRING from lib.core.settings import WINDOWS_RESERVED_NAMES +from lib.utils.xrange import xrange from thirdparty import six from thirdparty.magic import magic diff --git a/lib/core/option.py b/lib/core/option.py index 72153e0c6..1cf106ec3 100644 --- a/lib/core/option.py +++ b/lib/core/option.py @@ -147,6 +147,7 @@ from lib.utils.crawler import crawl from lib.utils.deps import checkDependencies from lib.utils.search import search from lib.utils.purge import purge +from lib.utils.xrange import xrange from thirdparty import six from thirdparty.keepalive import keepalive from thirdparty.multipart import multipartpost diff --git a/lib/core/settings.py b/lib/core/settings.py index 39bb79183..5e6943d17 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -17,7 +17,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME from lib.core.enums import OS # sqlmap version (...) -VERSION = "1.3.3.70" +VERSION = "1.3.3.71" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/lib/core/target.py b/lib/core/target.py index fae71d2c0..45abcc0e8 100644 --- a/lib/core/target.py +++ b/lib/core/target.py @@ -72,6 +72,7 @@ from lib.core.settings import URI_INJECTABLE_REGEX from lib.core.settings import USER_AGENT_ALIASES from lib.core.settings import XML_RECOGNITION_REGEX from lib.utils.hashdb import HashDB +from lib.utils.xrange import xrange from thirdparty.odict import OrderedDict from thirdparty.six.moves import urllib as _urllib diff --git a/lib/core/threads.py b/lib/core/threads.py index 5b2e72797..c32ed0c5e 100644 --- a/lib/core/threads.py +++ b/lib/core/threads.py @@ -25,6 +25,7 @@ from lib.core.exception import SqlmapUserQuitException from lib.core.exception import SqlmapValueException from lib.core.settings import MAX_NUMBER_OF_THREADS from lib.core.settings import PYVERSION +from lib.utils.xrange import xrange shared = AttribDict() diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py index 1d29ce4dd..da3edf4b6 100644 --- a/lib/parse/cmdline.py +++ b/lib/parse/cmdline.py @@ -39,6 +39,7 @@ from lib.core.shell import autoCompletion from lib.core.shell import clearHistory from lib.core.shell import loadHistory from lib.core.shell import saveHistory +from lib.utils.xrange import xrange def cmdLineParser(argv=None): """ diff --git a/lib/parse/payloads.py b/lib/parse/payloads.py index 23368f2d4..37addf5d1 100644 --- a/lib/parse/payloads.py +++ b/lib/parse/payloads.py @@ -16,6 +16,7 @@ from lib.core.data import paths from lib.core.datatype import AttribDict from lib.core.exception import SqlmapInstallationException from lib.core.settings import PAYLOAD_XML_FILES +from lib.utils.xrange import xrange def cleanupVals(text, tag): if tag == "clause" and '-' in text: diff --git a/lib/request/connect.py b/lib/request/connect.py index 03b2c1115..ab5ce963e 100644 --- a/lib/request/connect.py +++ b/lib/request/connect.py @@ -118,6 +118,7 @@ from lib.request.basic import processResponse from lib.request.direct import direct from lib.request.comparison import comparison from lib.request.methodrequest import MethodRequest +from lib.utils.xrange import xrange from thirdparty import six from thirdparty.odict import OrderedDict from thirdparty.six.moves import http_client as _http_client diff --git a/lib/request/inject.py b/lib/request/inject.py index f08ffbefa..f9a798d58 100644 --- a/lib/request/inject.py +++ b/lib/request/inject.py @@ -59,6 +59,7 @@ from lib.techniques.dns.test import dnsTest from lib.techniques.dns.use import dnsUse from lib.techniques.error.use import errorUse from lib.techniques.union.use import unionUse +from lib.utils.xrange import xrange from thirdparty import six def _goDns(payload, expression): diff --git a/lib/takeover/udf.py b/lib/takeover/udf.py index 7c744f3b2..787ac481c 100644 --- a/lib/takeover/udf.py +++ b/lib/takeover/udf.py @@ -27,6 +27,7 @@ from lib.core.exception import SqlmapUnsupportedFeatureException from lib.core.exception import SqlmapUserQuitException from lib.core.unescaper import unescaper from lib.request import inject +from lib.utils.xrange import xrange class UDF: """ diff --git a/lib/takeover/web.py b/lib/takeover/web.py index 21b3b5fc7..9102becba 100644 --- a/lib/takeover/web.py +++ b/lib/takeover/web.py @@ -51,6 +51,7 @@ from lib.core.settings import SHELL_RUNCMD_EXE_TAG from lib.core.settings import SHELL_WRITABLE_DIR_TAG from lib.core.settings import VIEWSTATE_REGEX from lib.request.connect import Connect as Request +from lib.utils.xrange import xrange from thirdparty.six.moves import urllib as _urllib class Web: diff --git a/lib/takeover/xp_cmdshell.py b/lib/takeover/xp_cmdshell.py index 61e9dbfda..d50f08116 100644 --- a/lib/takeover/xp_cmdshell.py +++ b/lib/takeover/xp_cmdshell.py @@ -32,6 +32,7 @@ from lib.core.enums import HASHDB_KEYS from lib.core.enums import PAYLOAD from lib.core.exception import SqlmapUnsupportedFeatureException from lib.core.threads import getCurrentThreadData +from lib.utils.xrange import xrange from lib.request import inject class XP_cmdshell: diff --git a/lib/techniques/dns/use.py b/lib/techniques/dns/use.py index e4a2dc470..9d447c7d3 100644 --- a/lib/techniques/dns/use.py +++ b/lib/techniques/dns/use.py @@ -32,6 +32,7 @@ from lib.core.settings import MAX_DNS_LABEL from lib.core.settings import PARTIAL_VALUE_MARKER from lib.core.unescaper import unescaper from lib.request.connect import Connect as Request +from lib.utils.xrange import xrange def dnsUse(payload, expression): """ diff --git a/lib/techniques/error/use.py b/lib/techniques/error/use.py index b68274f12..50a56e5dc 100644 --- a/lib/techniques/error/use.py +++ b/lib/techniques/error/use.py @@ -57,6 +57,7 @@ from lib.core.threads import runThreads from lib.core.unescaper import unescaper from lib.request.connect import Connect as Request from lib.utils.progress import ProgressBar +from lib.utils.xrange import xrange from thirdparty import six def _oneShotErrorUse(expression, field=None, chunkTest=False): diff --git a/lib/techniques/union/test.py b/lib/techniques/union/test.py index f5c2d314e..3d51b7dc6 100644 --- a/lib/techniques/union/test.py +++ b/lib/techniques/union/test.py @@ -42,6 +42,7 @@ from lib.core.settings import ORDER_BY_STEP from lib.core.unescaper import unescaper from lib.request.comparison import comparison from lib.request.connect import Connect as Request +from lib.utils.xrange import xrange def _findUnionCharCount(comment, place, parameter, value, prefix, suffix, where=PAYLOAD.WHERE.ORIGINAL): """ diff --git a/lib/techniques/union/use.py b/lib/techniques/union/use.py index 0611359d6..3800b52ef 100644 --- a/lib/techniques/union/use.py +++ b/lib/techniques/union/use.py @@ -59,6 +59,7 @@ from lib.core.threads import runThreads from lib.core.unescaper import unescaper from lib.request.connect import Connect as Request from lib.utils.progress import ProgressBar +from lib.utils.xrange import xrange from thirdparty import six from thirdparty.odict import OrderedDict diff --git a/lib/utils/api.py b/lib/utils/api.py index 04f93931e..384c84c88 100644 --- a/lib/utils/api.py +++ b/lib/utils/api.py @@ -47,6 +47,7 @@ from lib.core.settings import RESTAPI_DEFAULT_PORT from lib.core.shell import autoCompletion from lib.core.subprocessng import Popen from lib.parse.cmdline import cmdLineParser +from lib.utils.xrange import xrange from thirdparty.bottle.bottle import error as return_error from thirdparty.bottle.bottle import get from thirdparty.bottle.bottle import hook diff --git a/lib/utils/crawler.py b/lib/utils/crawler.py index f6a75f91d..faecf5da7 100644 --- a/lib/utils/crawler.py +++ b/lib/utils/crawler.py @@ -31,6 +31,7 @@ from lib.core.threads import getCurrentThreadData from lib.core.threads import runThreads from lib.parse.sitemap import parseSitemap from lib.request.connect import Connect as Request +from lib.utils.xrange import xrange from thirdparty.beautifulsoup.beautifulsoup import BeautifulSoup from thirdparty.six.moves import http_client as _http_client from thirdparty.six.moves import urllib as _urllib diff --git a/lib/utils/hash.py b/lib/utils/hash.py index ecf43664a..98d76b6df 100644 --- a/lib/utils/hash.py +++ b/lib/utils/hash.py @@ -86,6 +86,7 @@ from lib.core.settings import NULL from lib.core.settings import UNICODE_ENCODING from lib.core.settings import ROTATING_CHARS from lib.core.wordlist import Wordlist +from lib.utils.xrange import xrange from thirdparty import six from thirdparty.colorama.initialise import init as coloramainit from thirdparty.pydes.pyDes import des diff --git a/lib/utils/hashdb.py b/lib/utils/hashdb.py index a51226a78..808cf3b9d 100644 --- a/lib/utils/hashdb.py +++ b/lib/utils/hashdb.py @@ -25,6 +25,7 @@ from lib.core.settings import HASHDB_RETRIEVE_RETRIES from lib.core.settings import UNICODE_ENCODING from lib.core.threads import getCurrentThreadData from lib.core.threads import getCurrentThreadName +from lib.utils.xrange import xrange class HashDB(object): def __init__(self, filepath): diff --git a/lib/utils/pivotdumptable.py b/lib/utils/pivotdumptable.py index ef5947936..f1372ac4f 100644 --- a/lib/utils/pivotdumptable.py +++ b/lib/utils/pivotdumptable.py @@ -31,6 +31,7 @@ from lib.core.settings import MAX_INT from lib.core.settings import NULL from lib.core.unescaper import unescaper from lib.request import inject +from lib.utils.xrange import xrange def pivotDumpTable(table, colList, count=None, blind=True, alias=None): lengths = {} diff --git a/lib/utils/purge.py b/lib/utils/purge.py index d716c2849..fc4ed95a0 100644 --- a/lib/utils/purge.py +++ b/lib/utils/purge.py @@ -13,6 +13,7 @@ import string from lib.core.common import getSafeExString from lib.core.data import logger +from lib.utils.xrange import xrange def purge(directory): """ diff --git a/lib/utils/xrange.py b/lib/utils/xrange.py index 125c8ec07..3e4ca31ef 100644 --- a/lib/utils/xrange.py +++ b/lib/utils/xrange.py @@ -1,10 +1,12 @@ -#!/usr/bin/env python2 +#!/usr/bin/env python """ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/) See the file 'LICENSE' for copying permission """ +import numbers + class xrange(object): """ Advanced (re)implementation of xrange (supports slice/copy/etc.) @@ -68,7 +70,7 @@ class xrange(object): start, stop, step = index.indices(self._len()) return xrange(self._index(start), self._index(stop), step * self.step) - elif isinstance(index, (int, long)): + elif isinstance(index, numbers.Integral): if index < 0: fixed_index = index + self._len() else: diff --git a/plugins/dbms/db2/fingerprint.py b/plugins/dbms/db2/fingerprint.py index 09fc030ff..43c81c2f0 100644 --- a/plugins/dbms/db2/fingerprint.py +++ b/plugins/dbms/db2/fingerprint.py @@ -15,6 +15,7 @@ from lib.core.enums import OS from lib.core.session import setDbms from lib.core.settings import DB2_ALIASES from lib.request import inject +from lib.utils.xrange import xrange from plugins.generic.fingerprint import Fingerprint as GenericFingerprint class Fingerprint(GenericFingerprint): diff --git a/plugins/dbms/firebird/fingerprint.py b/plugins/dbms/firebird/fingerprint.py index 9214190bd..210f35329 100644 --- a/plugins/dbms/firebird/fingerprint.py +++ b/plugins/dbms/firebird/fingerprint.py @@ -19,6 +19,7 @@ from lib.core.session import setDbms from lib.core.settings import FIREBIRD_ALIASES from lib.core.settings import METADB_SUFFIX from lib.request import inject +from lib.utils.xrange import xrange from plugins.generic.fingerprint import Fingerprint as GenericFingerprint class Fingerprint(GenericFingerprint): diff --git a/plugins/dbms/h2/syntax.py b/plugins/dbms/h2/syntax.py index d95e1bcbe..d991f625e 100644 --- a/plugins/dbms/h2/syntax.py +++ b/plugins/dbms/h2/syntax.py @@ -5,6 +5,7 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/) See the file 'LICENSE' for copying permission """ +from lib.utils.xrange import xrange from plugins.generic.syntax import Syntax as GenericSyntax class Syntax(GenericSyntax): diff --git a/plugins/dbms/hsqldb/syntax.py b/plugins/dbms/hsqldb/syntax.py index d95e1bcbe..d991f625e 100644 --- a/plugins/dbms/hsqldb/syntax.py +++ b/plugins/dbms/hsqldb/syntax.py @@ -5,6 +5,7 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/) See the file 'LICENSE' for copying permission """ +from lib.utils.xrange import xrange from plugins.generic.syntax import Syntax as GenericSyntax class Syntax(GenericSyntax): diff --git a/plugins/dbms/maxdb/fingerprint.py b/plugins/dbms/maxdb/fingerprint.py index bbf4186ad..2388bf012 100644 --- a/plugins/dbms/maxdb/fingerprint.py +++ b/plugins/dbms/maxdb/fingerprint.py @@ -16,6 +16,7 @@ from lib.core.session import setDbms from lib.core.settings import MAXDB_ALIASES from lib.request import inject from lib.request.connect import Connect as Request +from lib.utils.xrange import xrange from plugins.generic.fingerprint import Fingerprint as GenericFingerprint class Fingerprint(GenericFingerprint): diff --git a/plugins/dbms/mssqlserver/enumeration.py b/plugins/dbms/mssqlserver/enumeration.py index c949c10b3..b3bee7134 100644 --- a/plugins/dbms/mssqlserver/enumeration.py +++ b/plugins/dbms/mssqlserver/enumeration.py @@ -28,6 +28,7 @@ from lib.core.enums import PAYLOAD from lib.core.exception import SqlmapNoneDataException from lib.core.settings import CURRENT_DB from lib.request import inject +from lib.utils.xrange import xrange from plugins.generic.enumeration import Enumeration as GenericEnumeration from thirdparty import six diff --git a/plugins/dbms/mssqlserver/filesystem.py b/plugins/dbms/mssqlserver/filesystem.py index f7ac1402b..0702a8932 100644 --- a/plugins/dbms/mssqlserver/filesystem.py +++ b/plugins/dbms/mssqlserver/filesystem.py @@ -24,6 +24,7 @@ from lib.core.enums import PAYLOAD from lib.core.exception import SqlmapNoneDataException from lib.core.exception import SqlmapUnsupportedFeatureException from lib.request import inject +from lib.utils.xrange import xrange from plugins.generic.filesystem import Filesystem as GenericFilesystem diff --git a/plugins/dbms/mssqlserver/syntax.py b/plugins/dbms/mssqlserver/syntax.py index a19d3a92e..1cff5e029 100644 --- a/plugins/dbms/mssqlserver/syntax.py +++ b/plugins/dbms/mssqlserver/syntax.py @@ -5,6 +5,7 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/) See the file 'LICENSE' for copying permission """ +from lib.utils.xrange import xrange from plugins.generic.syntax import Syntax as GenericSyntax class Syntax(GenericSyntax): diff --git a/plugins/dbms/mssqlserver/takeover.py b/plugins/dbms/mssqlserver/takeover.py index a7795b523..cde20ca31 100644 --- a/plugins/dbms/mssqlserver/takeover.py +++ b/plugins/dbms/mssqlserver/takeover.py @@ -11,6 +11,7 @@ from lib.core.common import Backend from lib.core.data import logger from lib.core.exception import SqlmapUnsupportedFeatureException from lib.request import inject +from lib.utils.xrange import xrange from plugins.generic.takeover import Takeover as GenericTakeover class Takeover(GenericTakeover): diff --git a/plugins/dbms/mysql/filesystem.py b/plugins/dbms/mysql/filesystem.py index 808575f05..81e80dbc8 100644 --- a/plugins/dbms/mysql/filesystem.py +++ b/plugins/dbms/mysql/filesystem.py @@ -26,6 +26,7 @@ from lib.core.exception import SqlmapNoneDataException from lib.request import inject from lib.request.connect import Connect as Request from lib.techniques.union.use import unionUse +from lib.utils.xrange import xrange from plugins.generic.filesystem import Filesystem as GenericFilesystem class Filesystem(GenericFilesystem): diff --git a/plugins/dbms/mysql/fingerprint.py b/plugins/dbms/mysql/fingerprint.py index 56a8e269b..cc91c50a3 100644 --- a/plugins/dbms/mysql/fingerprint.py +++ b/plugins/dbms/mysql/fingerprint.py @@ -21,6 +21,7 @@ from lib.core.enums import OS from lib.core.session import setDbms from lib.core.settings import MYSQL_ALIASES from lib.request import inject +from lib.utils.xrange import xrange from plugins.generic.fingerprint import Fingerprint as GenericFingerprint class Fingerprint(GenericFingerprint): diff --git a/plugins/dbms/oracle/enumeration.py b/plugins/dbms/oracle/enumeration.py index 805831590..6825697fd 100644 --- a/plugins/dbms/oracle/enumeration.py +++ b/plugins/dbms/oracle/enumeration.py @@ -21,6 +21,7 @@ from lib.core.enums import EXPECTED from lib.core.enums import PAYLOAD from lib.core.exception import SqlmapNoneDataException from lib.request import inject +from lib.utils.xrange import xrange from plugins.generic.enumeration import Enumeration as GenericEnumeration class Enumeration(GenericEnumeration): diff --git a/plugins/dbms/oracle/syntax.py b/plugins/dbms/oracle/syntax.py index 71a43809c..fd407fb59 100644 --- a/plugins/dbms/oracle/syntax.py +++ b/plugins/dbms/oracle/syntax.py @@ -5,6 +5,7 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/) See the file 'LICENSE' for copying permission """ +from lib.utils.xrange import xrange from plugins.generic.syntax import Syntax as GenericSyntax class Syntax(GenericSyntax): diff --git a/plugins/dbms/postgresql/filesystem.py b/plugins/dbms/postgresql/filesystem.py index bed8233b8..0b0045e82 100644 --- a/plugins/dbms/postgresql/filesystem.py +++ b/plugins/dbms/postgresql/filesystem.py @@ -12,6 +12,7 @@ from lib.core.data import logger from lib.core.exception import SqlmapUnsupportedFeatureException from lib.core.settings import LOBLKSIZE from lib.request import inject +from lib.utils.xrange import xrange from plugins.generic.filesystem import Filesystem as GenericFilesystem class Filesystem(GenericFilesystem): diff --git a/plugins/dbms/sybase/fingerprint.py b/plugins/dbms/sybase/fingerprint.py index 5e238a240..1904f6c58 100644 --- a/plugins/dbms/sybase/fingerprint.py +++ b/plugins/dbms/sybase/fingerprint.py @@ -16,6 +16,7 @@ from lib.core.enums import OS from lib.core.session import setDbms from lib.core.settings import SYBASE_ALIASES from lib.request import inject +from lib.utils.xrange import xrange from plugins.generic.fingerprint import Fingerprint as GenericFingerprint class Fingerprint(GenericFingerprint): diff --git a/plugins/dbms/sybase/syntax.py b/plugins/dbms/sybase/syntax.py index a0492a891..533d0ac2f 100644 --- a/plugins/dbms/sybase/syntax.py +++ b/plugins/dbms/sybase/syntax.py @@ -5,6 +5,7 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/) See the file 'LICENSE' for copying permission """ +from lib.utils.xrange import xrange from plugins.generic.syntax import Syntax as GenericSyntax class Syntax(GenericSyntax): diff --git a/plugins/generic/filesystem.py b/plugins/generic/filesystem.py index b77a1f55e..497eb6964 100644 --- a/plugins/generic/filesystem.py +++ b/plugins/generic/filesystem.py @@ -31,6 +31,7 @@ from lib.core.exception import SqlmapUndefinedMethod from lib.core.settings import TAKEOVER_TABLE_PREFIX from lib.core.settings import UNICODE_ENCODING from lib.request import inject +from lib.utils.xrange import xrange class Filesystem: """ @@ -70,7 +71,7 @@ class Filesystem: sameFile = None if isNumPosStrValue(remoteFileSize): - remoteFileSize = long(remoteFileSize) + remoteFileSize = int(remoteFileSize) localFile = getUnicode(localFile, encoding=sys.getfilesystemencoding() or UNICODE_ENCODING) sameFile = False diff --git a/plugins/generic/users.py b/plugins/generic/users.py index 7909fd9db..e0d7d7ff8 100644 --- a/plugins/generic/users.py +++ b/plugins/generic/users.py @@ -42,6 +42,7 @@ from lib.request import inject from lib.utils.hash import attackCachedUsersPasswords from lib.utils.hash import storeHashesToFile from lib.utils.pivotdumptable import pivotDumpTable +from lib.utils.xrange import xrange class Users: """ diff --git a/tamper/ifnull2casewhenisnull.py b/tamper/ifnull2casewhenisnull.py index 6ddaf128e..4947da3d3 100644 --- a/tamper/ifnull2casewhenisnull.py +++ b/tamper/ifnull2casewhenisnull.py @@ -6,6 +6,7 @@ See the file 'doc/COPYING' for copying permission """ from lib.core.enums import PRIORITY +from lib.utils.xrange import xrange __priority__ = PRIORITY.HIGHEST diff --git a/tamper/ifnull2ifisnull.py b/tamper/ifnull2ifisnull.py index 125efd66f..770d6394f 100644 --- a/tamper/ifnull2ifisnull.py +++ b/tamper/ifnull2ifisnull.py @@ -6,6 +6,7 @@ See the file 'LICENSE' for copying permission """ from lib.core.enums import PRIORITY +from lib.utils.xrange import xrange __priority__ = PRIORITY.HIGHEST diff --git a/tamper/luanginx.py b/tamper/luanginx.py index bda883950..308ed9a3b 100644 --- a/tamper/luanginx.py +++ b/tamper/luanginx.py @@ -11,6 +11,7 @@ import random from lib.core.enums import HINT from lib.core.enums import PRIORITY from lib.core.settings import DEFAULT_GET_POST_DELIMITER +from lib.utils.xrange import xrange __priority__ = PRIORITY.NORMAL diff --git a/tamper/plus2concat.py b/tamper/plus2concat.py index 1304c9c5e..12dcc6ebb 100644 --- a/tamper/plus2concat.py +++ b/tamper/plus2concat.py @@ -12,6 +12,7 @@ from lib.core.common import singleTimeWarnMessage from lib.core.common import zeroDepthSearch from lib.core.enums import DBMS from lib.core.enums import PRIORITY +from lib.utils.xrange import xrange __priority__ = PRIORITY.HIGHEST diff --git a/tamper/plus2fnconcat.py b/tamper/plus2fnconcat.py index 4a1bca1e8..693443294 100644 --- a/tamper/plus2fnconcat.py +++ b/tamper/plus2fnconcat.py @@ -12,6 +12,7 @@ from lib.core.common import singleTimeWarnMessage from lib.core.common import zeroDepthSearch from lib.core.enums import DBMS from lib.core.enums import PRIORITY +from lib.utils.xrange import xrange __priority__ = PRIORITY.HIGHEST diff --git a/tamper/randomcase.py b/tamper/randomcase.py index 09303de33..c76452f7b 100644 --- a/tamper/randomcase.py +++ b/tamper/randomcase.py @@ -10,6 +10,7 @@ import re from lib.core.common import randomRange from lib.core.data import kb from lib.core.enums import PRIORITY +from lib.utils.xrange import xrange __priority__ = PRIORITY.NORMAL diff --git a/tamper/randomcomments.py b/tamper/randomcomments.py index 2b45d723c..871716241 100644 --- a/tamper/randomcomments.py +++ b/tamper/randomcomments.py @@ -10,6 +10,7 @@ import re from lib.core.common import randomRange from lib.core.data import kb from lib.core.enums import PRIORITY +from lib.utils.xrange import xrange __priority__ = PRIORITY.LOW diff --git a/tamper/space2comment.py b/tamper/space2comment.py index bd296db90..7b82b4178 100644 --- a/tamper/space2comment.py +++ b/tamper/space2comment.py @@ -6,6 +6,7 @@ See the file 'LICENSE' for copying permission """ from lib.core.enums import PRIORITY +from lib.utils.xrange import xrange __priority__ = PRIORITY.LOW diff --git a/tamper/space2dash.py b/tamper/space2dash.py index 970c71f08..90e941a5f 100644 --- a/tamper/space2dash.py +++ b/tamper/space2dash.py @@ -9,6 +9,7 @@ import random import string from lib.core.enums import PRIORITY +from lib.utils.xrange import xrange __priority__ = PRIORITY.LOW diff --git a/tamper/space2hash.py b/tamper/space2hash.py index ffc0fe06c..9b1aa50e6 100644 --- a/tamper/space2hash.py +++ b/tamper/space2hash.py @@ -12,6 +12,7 @@ import string from lib.core.common import singleTimeWarnMessage from lib.core.enums import DBMS from lib.core.enums import PRIORITY +from lib.utils.xrange import xrange __priority__ = PRIORITY.LOW diff --git a/tamper/space2morecomment.py b/tamper/space2morecomment.py index 379667382..848a9dae8 100644 --- a/tamper/space2morecomment.py +++ b/tamper/space2morecomment.py @@ -6,6 +6,7 @@ See the file 'LICENSE' for copying permission """ from lib.core.enums import PRIORITY +from lib.utils.xrange import xrange __priority__ = PRIORITY.LOW diff --git a/tamper/space2morehash.py b/tamper/space2morehash.py index b941feec1..93f8b43eb 100644 --- a/tamper/space2morehash.py +++ b/tamper/space2morehash.py @@ -15,6 +15,7 @@ from lib.core.data import kb from lib.core.enums import DBMS from lib.core.enums import PRIORITY from lib.core.settings import IGNORE_SPACE_AFFECTED_KEYWORDS +from lib.utils.xrange import xrange __priority__ = PRIORITY.LOW diff --git a/tamper/space2mssqlblank.py b/tamper/space2mssqlblank.py index b581984aa..754955f71 100644 --- a/tamper/space2mssqlblank.py +++ b/tamper/space2mssqlblank.py @@ -11,6 +11,7 @@ import random from lib.core.common import singleTimeWarnMessage from lib.core.enums import DBMS from lib.core.enums import PRIORITY +from lib.utils.xrange import xrange __priority__ = PRIORITY.LOW diff --git a/tamper/space2mssqlhash.py b/tamper/space2mssqlhash.py index 4d7796e18..f9d6f75d0 100644 --- a/tamper/space2mssqlhash.py +++ b/tamper/space2mssqlhash.py @@ -6,6 +6,7 @@ See the file 'LICENSE' for copying permission """ from lib.core.enums import PRIORITY +from lib.utils.xrange import xrange __priority__ = PRIORITY.LOW diff --git a/tamper/space2mysqlblank.py b/tamper/space2mysqlblank.py index aca3bf978..83742a180 100644 --- a/tamper/space2mysqlblank.py +++ b/tamper/space2mysqlblank.py @@ -11,6 +11,7 @@ import random from lib.core.common import singleTimeWarnMessage from lib.core.enums import DBMS from lib.core.enums import PRIORITY +from lib.utils.xrange import xrange __priority__ = PRIORITY.LOW diff --git a/tamper/space2mysqldash.py b/tamper/space2mysqldash.py index 72ca303b8..26284e051 100644 --- a/tamper/space2mysqldash.py +++ b/tamper/space2mysqldash.py @@ -10,6 +10,7 @@ import os from lib.core.common import singleTimeWarnMessage from lib.core.enums import DBMS from lib.core.enums import PRIORITY +from lib.utils.xrange import xrange __priority__ = PRIORITY.LOW diff --git a/tamper/space2plus.py b/tamper/space2plus.py index d14201a20..df8ce1c87 100644 --- a/tamper/space2plus.py +++ b/tamper/space2plus.py @@ -6,6 +6,7 @@ See the file 'LICENSE' for copying permission """ from lib.core.enums import PRIORITY +from lib.utils.xrange import xrange __priority__ = PRIORITY.LOW diff --git a/tamper/space2randomblank.py b/tamper/space2randomblank.py index 15623fa6a..e6271cb1e 100644 --- a/tamper/space2randomblank.py +++ b/tamper/space2randomblank.py @@ -8,6 +8,7 @@ See the file 'LICENSE' for copying permission import random from lib.core.enums import PRIORITY +from lib.utils.xrange import xrange __priority__ = PRIORITY.LOW diff --git a/tamper/unmagicquotes.py b/tamper/unmagicquotes.py index 1b45bcfdd..cb86e7820 100644 --- a/tamper/unmagicquotes.py +++ b/tamper/unmagicquotes.py @@ -8,6 +8,7 @@ See the file 'LICENSE' for copying permission import re from lib.core.enums import PRIORITY +from lib.utils.xrange import xrange __priority__ = PRIORITY.NORMAL diff --git a/tamper/xforwardedfor.py b/tamper/xforwardedfor.py index e3b331118..4bbbae5f4 100644 --- a/tamper/xforwardedfor.py +++ b/tamper/xforwardedfor.py @@ -5,8 +5,11 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/) See the file 'LICENSE' for copying permission """ +import random + from lib.core.enums import PRIORITY -from random import sample +from lib.utils.xrange import xrange + __priority__ = PRIORITY.NORMAL def dependencies(): @@ -16,7 +19,7 @@ def randomIP(): numbers = [] while not numbers or numbers[0] in (10, 172, 192): - numbers = sample(xrange(1, 255), 4) + numbers = random.sample(xrange(1, 255), 4) return '.'.join(str(_) for _ in numbers) diff --git a/thirdparty/beautifulsoup/beautifulsoup.py b/thirdparty/beautifulsoup/beautifulsoup.py index b6910f27c..347118990 100644 --- a/thirdparty/beautifulsoup/beautifulsoup.py +++ b/thirdparty/beautifulsoup/beautifulsoup.py @@ -87,6 +87,10 @@ __license__ = "New-style BSD" import codecs import types import re +import sys + +if sys.version_info.major > 2: + xrange = range try: from htmlentitydefs import name2codepoint diff --git a/thirdparty/chardet/eucjpprober.py b/thirdparty/chardet/eucjpprober.py index 2d5b2701c..2d4944c27 100644 --- a/thirdparty/chardet/eucjpprober.py +++ b/thirdparty/chardet/eucjpprober.py @@ -33,6 +33,8 @@ from .chardistribution import EUCJPDistributionAnalysis from .jpcntx import EUCJPContextAnalysis from .mbcssm import EUCJPSMModel +if sys.version_info.major > 2: + xrange = range class EUCJPProber(MultiByteCharSetProber): def __init__(self): diff --git a/thirdparty/chardet/mbcharsetprober.py b/thirdparty/chardet/mbcharsetprober.py index c98cc6228..45487f2d0 100644 --- a/thirdparty/chardet/mbcharsetprober.py +++ b/thirdparty/chardet/mbcharsetprober.py @@ -31,6 +31,8 @@ import sys from . import constants from .charsetprober import CharSetProber +if sys.version_info.major > 2: + xrange = range class MultiByteCharSetProber(CharSetProber): def __init__(self): diff --git a/thirdparty/chardet/sjisprober.py b/thirdparty/chardet/sjisprober.py index 4edb6df9b..98d6ecac8 100644 --- a/thirdparty/chardet/sjisprober.py +++ b/thirdparty/chardet/sjisprober.py @@ -33,6 +33,8 @@ from .jpcntx import SJISContextAnalysis from .mbcssm import SJISSMModel from . import constants +if sys.version_info.major > 2: + xrange = range class SJISProber(MultiByteCharSetProber): def __init__(self): diff --git a/thirdparty/chardet/utf8prober.py b/thirdparty/chardet/utf8prober.py index 42d32ec3a..edbac1200 100644 --- a/thirdparty/chardet/utf8prober.py +++ b/thirdparty/chardet/utf8prober.py @@ -25,11 +25,15 @@ # 02110-1301 USA ######################### END LICENSE BLOCK ######################### +import sys from . import constants from .charsetprober import CharSetProber from .codingstatemachine import CodingStateMachine from .mbcssm import UTF8SMModel +if sys.version_info.major > 2: + xrange = range + ONE_CHAR_PROB = 0.5 diff --git a/thirdparty/clientform/clientform.py b/thirdparty/clientform/clientform.py index 46b6f18f2..808973632 100644 --- a/thirdparty/clientform/clientform.py +++ b/thirdparty/clientform/clientform.py @@ -109,6 +109,9 @@ except ImportError: import sys, types, copy, re, random +if sys.version_info.major > 2: + xrange = range + # monkeypatch to fix http://www.python.org/sf/803422 :-( sgmllib.charref = re.compile("&#(x?[0-9a-fA-F]+)[^0-9a-fA-F]") diff --git a/thirdparty/fcrypt/fcrypt.py b/thirdparty/fcrypt/fcrypt.py index bd6c970ba..c7ff3d063 100644 --- a/thirdparty/fcrypt/fcrypt.py +++ b/thirdparty/fcrypt/fcrypt.py @@ -119,8 +119,10 @@ __all__ = ['crypt'] # ----- END fcrypt.c LICENSE ----- -import string, struct +import string, struct, sys +if sys.version_info.major > 2: + xrange = range _ITERATIONS = 16 diff --git a/thirdparty/gprof2dot/gprof2dot.py b/thirdparty/gprof2dot/gprof2dot.py index acb7b95e8..c907cbda4 100644 --- a/thirdparty/gprof2dot/gprof2dot.py +++ b/thirdparty/gprof2dot/gprof2dot.py @@ -29,8 +29,11 @@ import os.path import re import textwrap import optparse +import sys import xml.parsers.expat +if sys.version_info.major > 2: + xrange = range try: # Debugging helper module diff --git a/thirdparty/keepalive/keepalive.py b/thirdparty/keepalive/keepalive.py index 248f9686c..784925523 100644 --- a/thirdparty/keepalive/keepalive.py +++ b/thirdparty/keepalive/keepalive.py @@ -113,7 +113,7 @@ except ImportError: from six.moves import urllib as _urllib import socket -import thread +import threading DEBUG = None @@ -127,7 +127,7 @@ class ConnectionManager: * keep track of all existing """ def __init__(self): - self._lock = thread.allocate_lock() + self._lock = threading.Lock() self._hostmap = {} # map hosts to a list of connections self._connmap = {} # map connections to host self._readymap = {} # map connection to ready state diff --git a/thirdparty/xdot/xdot.py b/thirdparty/xdot/xdot.py index beb536442..edbb486b7 100644 --- a/thirdparty/xdot/xdot.py +++ b/thirdparty/xdot/xdot.py @@ -29,6 +29,7 @@ import colorsys import time import re import optparse +import sys import gobject import gtk @@ -38,6 +39,8 @@ import cairo import pango import pangocairo +if sys.version_info.major > 2: + xrange = range # See http://www.graphviz.org/pub/scm/graphviz-cairo/plugin/cairo/gvrender_cairo.c