asking and skipping to the next google result page if no usable links found

2025-04-16 23:22:02 +03:00 · 2011-06-07 23:24:17 +00:00 · 2011-06-07 23:24:17 +00:00 · 4eeeb3655e
commit 4eeeb3655e
parent 1c633b7351
2 changed files with 32 additions and 20 deletions
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -420,31 +420,43 @@ def __setGoogleDorking():
    googleObj = Google(handlers)
    googleObj.getCookie()

-    matches = googleObj.search(conf.googleDork)
+    def search():
+        matches = googleObj.search(conf.googleDork)

-    if not matches:
-        errMsg = "unable to find results for your "
-        errMsg += "Google dork expression"
-        raise sqlmapGenericException, errMsg
+        if not matches:
+            errMsg = "unable to find results for your "
+            errMsg += "Google dork expression"
+            raise sqlmapGenericException, errMsg

-    googleObj.getTargetUrls()
+        googleObj.getTargetUrls()
+        return matches

-    if kb.targetUrls:
-        infoMsg = "sqlmap got %d results for your " % len(matches)
-        infoMsg += "Google dork expression, "
+    while True:
+        matches = search()
+        if kb.targetUrls:
+            infoMsg = "sqlmap got %d results for your " % len(matches)
+            infoMsg += "Google dork expression, "
+
+            if len(matches) == len(kb.targetUrls):
+                infoMsg += "all "
+            else:
+                infoMsg += "%d " % len(kb.targetUrls)
+
+            infoMsg += "of them are testable targets"
+            logger.info(infoMsg)
+            break

-        if len(matches) == len(kb.targetUrls):
-            infoMsg += "all "
        else:
-            infoMsg += "%d " % len(kb.targetUrls)
+            message = "sqlmap got %d results " % len(matches)
+            message += "for your Google dork expression, but none of them "
+            message += "have GET parameters to test for SQL injection. "
+            message += "do you want to skip to the next result page? [Y/n]"
+            test = readInput(message, default="Y")

-        infoMsg += "of them are testable targets"
-        logger.info(infoMsg)
-    else:
-        errMsg = "sqlmap got %d results " % len(matches)
-        errMsg += "for your Google dork expression, but none of them "
-        errMsg += "have GET parameters to test for SQL injection"
-        raise sqlmapGenericException, errMsg
+            if test[0] in ("n", "N"):
+                raise sqlmapSilentQuitException
+            else:
+                conf.googlePage += 1

 def __setBulkMultipleTargets():
    if not conf.bulkFile:
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@ -503,7 +503,7 @@ def cmdLineParser():
                                  action="store_true", default=False,
                                  help="Parse and test forms on target url")

-        miscellaneous.add_option("--gpage", dest="googlePage", type="int",
+        miscellaneous.add_option("--gpage", dest="googlePage", default=1, type="int",
                                  help="Use Google dork results from specified page number")

        miscellaneous.add_option("--mobile", dest="mobile",