sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-04 05:34:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adding more info if --vuln fails

Browse Source
This commit is contained in:
Miroslav Stampar 2019-05-09 16:38:44 +02:00
parent 3f91f025db
commit 4b7f27263b
2 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/settings.py
View File

@ -18,7 +18,7 @@ from lib.core.enums import OS
from thirdparty import six from thirdparty import six
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.3.5.74" VERSION = "1.3.5.75"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

6
lib/core/testing.py
View File

@ -21,6 +21,7 @@ import traceback
from extra.beep.beep import beep from extra.beep.beep import beep
from extra.vulnserver import vulnserver from extra.vulnserver import vulnserver
from lib.controller.controller import start from lib.controller.controller import start
from lib.core.common import clearColors
from lib.core.common import clearConsoleLine from lib.core.common import clearConsoleLine
from lib.core.common import dataToStdout from lib.core.common import dataToStdout
from lib.core.common import randomStr from lib.core.common import randomStr
@ -77,10 +78,13 @@ def vulnTest():
("--technique=B --hex --fresh-queries --threads=4 --sql-query='SELECT 987654321'", ("length of query output", ": '987654321'",)), ("--technique=B --hex --fresh-queries --threads=4 --sql-query='SELECT 987654321'", ("length of query output", ": '987654321'",)),
("--technique=T --fresh-queries --sql-query='SELECT 1234'", (": '1234'",)), ("--technique=T --fresh-queries --sql-query='SELECT 1234'", (": '1234'",)),
): ):
output = shellExec("%s %s -u http://%s:%d/?id=1 --batch %s" % (sys.executable, os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.py"), address, port, options)) cmd = "%s %s -u http://%s:%d/?id=1 --batch %s" % (sys.executable, os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.py"), address, port, options)
output = shellExec(cmd)
output = getUnicode(output) output = getUnicode(output)
if not all(check in output for check in checks): if not all(check in output for check in checks):
dataToStdout("---\n\n$ %s\n" % cmd)
dataToStdout("%s---\n" % clearColors(output))
retVal = False retVal = False
count += 1 count += 1