From 5097a2c79eb4664e52f1115ff53f54883bdfda54 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Fri, 15 Jul 2016 00:33:33 +0200
Subject: [PATCH] Less timeout error messages (because of server dropping of non-active connections)
---
 lib/core/option.py | 21 ++++++++++++++++-----
 lib/core/settings.py | 5 ++++-
 2 files changed, 20 insertions(+), 6 deletions(-)
diff --git a/lib/core/option.py b/lib/core/option.py
index f8b91b348..0f56fd6ac 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -120,6 +120,7 @@ from lib.core.settings import MAX_CONNECT_RETRIES
 from lib.core.settings import MAX_NUMBER_OF_THREADS
 from lib.core.settings import NULL
 from lib.core.settings import PARAMETER_SPLITTING_REGEX
+from lib.core.settings import PRECONNECT_CANDIDATE_TIMEOUT
 from lib.core.settings import PROBLEMATIC_CUSTOM_INJECTION_PATTERNS
 from lib.core.settings import SITE
 from lib.core.settings import SOCKET_PRE_CONNECT_QUEUE_SIZE
@@ -1039,7 +1040,7 @@ def _setSocketPreConnect():
 s = socket.socket(family, type, proto)
 s._connect(address)
 with kb.locks.socket:
- socket._ready[key].append(s._sock)
+ socket._ready[key].append((s._sock, time.time()))
 except KeyboardInterrupt:
 break
 except:
@@ -1054,9 +1055,17 @@ def _setSocketPreConnect():
 with kb.locks.socket:
 if key not in socket._ready:
 socket._ready[key] = []
- if len(socket._ready[key]) > 0:
- self._sock = socket._ready[key].pop(0)
- found = True
+ while len(socket._ready[key]) > 0:
+ candidate, created = socket._ready[key].pop(0)
+ if (time.time() - created) < PRECONNECT_CANDIDATE_TIMEOUT:
+ self._sock = candidate
+ found = True
+ break
+ else:
+ try:
+ candidate.close()
+ except socket.error:
+ pass

 if not found:
 self._connect(address)
@@ -2282,6 +2291,7 @@ def _setTorHttpProxySettings():
 infoMsg = "setting Tor HTTP proxy settings"
 logger.info(infoMsg)

+ s = None
 found = None

 for port in (DEFAULT_TOR_HTTP_PORTS if not conf.torPort else (conf.torPort,)):
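Review bot: In the consumer loop of `_setSocketPreConnect()` (hunk at -1054), the age test `(time.time() - created) < PRECONNECT_CANDIDATE_TIMEOUT` uses wall-clock time, so a backward clock step between the append in the -1039 hunk and this pop gives a negative age and an old socket is accepted as fresh. Bounding the age from below closes that gap: `age = time.time() - created` followed by `if 0 <= age < PRECONNECT_CANDIDATE_TIMEOUT:`. Stale entries are also discarded only here, when a connect for the same key pops them; nothing in the visible lines prunes them on the producer side, so idle connections to the target may stay open until then. The function body starts and ends outside both hunks, and no `import time` appears in the import hunk, so it is presumably already in scope.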
@@ -2293,7 +2303,8 @@ def _setTorHttpProxySettings():
 except socket.error:
 pass

- s.close()
+ if s:
+ s.close()

 if found:
 conf.proxy = "http://%s:%d" % (LOCALHOST, found)
diff --git a/lib/core/settings.py b/lib/core/settings.py
index c9e092330..41eaac7c3 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -19,7 +19,7 @@ from lib.core.enums import OS
 from lib.core.revision import getRevisionNumber

 # sqlmap version (...)
-VERSION = "1.0.7.21"
+VERSION = "1.0.7.22"
 REVISION = getRevisionNumber()
 STABLE = VERSION.count('.') <= 2
 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev")
@@ -81,6 +81,9 @@ PERMISSION_DENIED_REGEX = r"(command|permission|access)\s*(was|is)?\s*denied"
 # Regular expression used for recognition of generic maximum connection messages
 MAX_CONNECTIONS_REGEX = r"max.+connections"

+# Timeout before the pre-connection candidate is being disposed (because of high probability that the web server will reset it)
+PRECONNECT_CANDIDATE_TIMEOUT = 10
+
 # Regular expression used for extracting results from Google search
 GOOGLE_REGEX = r"webcache\.googleusercontent\.com/search\?q=cache:[^:]+:([^+]+)\+&cd=|url\?\w+=((?![^>]+webcache\.googleusercontent\.com)http[^>]+)&(sa=U|rct=j)"
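Review bot: In `_setTorHttpProxySettings()` (hunk at -2293), `if s:` tests truthiness where the intent is "a socket was created"; `if s is not None:` says that directly and matches the `s = None` initialisation added in the -2282 hunk. The loop body that assigns `s` lies between the two hunks and is not visible, and indentation is lost on this page. If a socket is created per port, only the one last assigned is closed here, so also closing it in the `except socket.error:` branch would avoid leaving the failed ones to garbage collection.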
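Review bot: The comment on `PRECONNECT_CANDIDATE_TIMEOUT` in lib/core/settings.py (hunk at -81) does not give the unit. The value is compared with a `time.time()` difference in lib/core/option.py, so it is seconds. Suggested wording: `# Maximum age (in seconds) of a pre-connected socket before it is discarded instead of reused (idle connections are likely to be reset by the web server)`.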