From 526aacb640f9ac2e9be07084c031467e82e3ba8b Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Wed, 21 Dec 2011 22:59:23 +0000 Subject: [PATCH] code cleanup --- extra/icmpsh/icmpsh_m.py | 2 +- extra/shutils/duplicates.py | 39 +++++++++++++++---------------- extra/socks/socks.py | 1 - lib/core/agent.py | 2 +- lib/core/common.py | 9 +++---- lib/core/settings.py | 2 -- lib/request/comparison.py | 2 -- lib/request/connect.py | 6 +++-- lib/techniques/blind/inference.py | 1 - lib/techniques/union/test.py | 11 ++++----- lib/techniques/union/use.py | 1 - lib/utils/hashdb.py | 2 +- plugins/generic/enumeration.py | 2 +- tamper/securesphere.py | 2 -- tamper/space2dash.py | 1 - tamper/space2mssqlhash.py | 2 -- tamper/unmagicquotes.py | 2 -- 17 files changed, 35 insertions(+), 52 deletions(-) diff --git a/extra/icmpsh/icmpsh_m.py b/extra/icmpsh/icmpsh_m.py index 9bd5acfc7..36fe44982 100755 --- a/extra/icmpsh/icmpsh_m.py +++ b/extra/icmpsh/icmpsh_m.py @@ -57,7 +57,7 @@ def main(src, dst): # with the returned data try: sock = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_ICMP) - except socket.error, e: + except socket.error: sys.stderr.write('You need to run icmpsh master with administrator privileges\n') sys.exit(1) diff --git a/extra/shutils/duplicates.py b/extra/shutils/duplicates.py index 2181aa7af..e12ca0702 100644 --- a/extra/shutils/duplicates.py +++ b/extra/shutils/duplicates.py @@ -1,11 +1,11 @@ #!/usr/bin/env python + """ $Id$ Copyright (c) 2006-2011 sqlmap developers (http://www.sqlmap.org/) See the file 'doc/COPYING' for copying permission -""" # Removes duplicate entries in wordlist like files @@ -13,25 +13,24 @@ import sys if len(sys.argv) > 0: - items = list() - f = open(sys.argv[1], 'r') +items = list() +f = open(sys.argv[1], 'r') - for item in f.readlines(): - item = item.strip() - try: - str.encode(item) - if item in items: - if item: - print item - else: - items.append(item) +for item in f.readlines(): +item = item.strip() +try: +str.encode(item) +if item in items: +if item: +print item +else: +items.append(item) - if not item: - items.append('') - except: - pass - f.close() +if not item: +items.append('') +except: +pass +f.close() - f = open(sys.argv[1], 'w+') - f.writelines("\n".join(items)) - f.close() +f = open(sys.argv[1], 'w+') +f.writelines("\n".join(items)) \ No newline at end of file diff --git a/extra/socks/socks.py b/extra/socks/socks.py index 3bb9126ea..1e1d1a884 100644 --- a/extra/socks/socks.py +++ b/extra/socks/socks.py @@ -46,7 +46,6 @@ mainly to merge bug fixes found in Sourceforge import socket import struct -import sys PROXY_TYPE_SOCKS4 = 1 PROXY_TYPE_SOCKS5 = 2 diff --git a/lib/core/agent.py b/lib/core/agent.py index 43841febd..ee8178d14 100644 --- a/lib/core/agent.py +++ b/lib/core/agent.py @@ -559,7 +559,7 @@ class Agent: inbandQuery = self.prefixQuery("UNION ALL SELECT ", prefix=prefix) if limited: - inbandQuery += ",".join(map(lambda x: char if x != position else '(SELECT %s)' % query, xrange(0, count))) + inbandQuery += ",".join(char if _ != position else '(SELECT %s)' % query for _ in xrange(0, count)) inbandQuery += FROM_TABLE.get(Backend.getIdentifiedDbms(), "") inbandQuery = self.suffixQuery(inbandQuery, comment, suffix) diff --git a/lib/core/common.py b/lib/core/common.py index 9e049499a..8c3db4a12 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -2346,15 +2346,12 @@ def findDynamicContent(firstPage, secondPage): kb.dynamicMarkings = [] # Removing too small matching blocks - while block in blocks[:]: + for block in blocks[:]: (_, _, length) = block if length <= DYNAMICITY_MARK_LENGTH: blocks.remove(block) - else: - i += 1 - # Making of dynamic markings based on prefix/suffix principle if len(blocks) > 0: blocks.insert(0, None) @@ -2965,7 +2962,7 @@ def safeCSValue(value): if retVal and isinstance(retVal, basestring): if not (retVal[0] == retVal[-1] == '"'): - if any(map(lambda x: x in retVal, (conf.csvDel, '"', '\n'))): + if any(_ in retVal for _ in (conf.csvDel, '"', '\n')): retVal = '"%s"' % retVal.replace('"', '""') return retVal @@ -3124,7 +3121,7 @@ def findPageForms(content, url, raise_=False, addToTargets=False): def getHostHeader(url): retVal = urlparse.urlparse(url).netloc - if any(map(lambda x: retVal.endswith(':%d' % x), [80, 443])): + if any(retVal.endswith(':%d' % _) for _ in [80, 443]): retVal = retVal.split(':')[0] return retVal diff --git a/lib/core/settings.py b/lib/core/settings.py index 55d2671ff..64092edff 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -9,8 +9,6 @@ See the file 'doc/COPYING' for copying permission import logging import os -import _socket -import socket import subprocess import sys diff --git a/lib/request/comparison.py b/lib/request/comparison.py index a39cef43a..bd93beae8 100644 --- a/lib/request/comparison.py +++ b/lib/request/comparison.py @@ -32,8 +32,6 @@ def comparison(page, headers, code=None, getRatioValue=False, pageLength=None): if page is None and pageLength is None: return None - regExpResults = None - seqMatcher = getCurrentThreadData().seqMatcher seqMatcher.set_seq1(kb.pageTemplate) diff --git a/lib/request/connect.py b/lib/request/connect.py index 3a2ac424f..5c4bf3508 100644 --- a/lib/request/connect.py +++ b/lib/request/connect.py @@ -339,7 +339,9 @@ class Connect: return conn, None, None # Get HTTP response - page = conn.read() if page is None else page + if page is None: + page = conn.read() + code = redirecting or conn.code responseHeaders = conn.info() responseHeaders[URI_HTTP_HEADER] = conn.geturl() @@ -486,7 +488,7 @@ class Connect: if "forcibly closed" in tbMsg: logger.critical(warnMsg) return None, None, None - elif silent or (ignoreTimeout and any(map(lambda x: x in tbMsg, ["timed out", "IncompleteRead"]))): + elif silent or (ignoreTimeout and any(_ in tbMsg for _ in ("timed out", "IncompleteRead"))): return None, None, None elif threadData.retriesCount < conf.retries and not kb.threadException and not conf.realTest: warnMsg += ", sqlmap is going to retry the request" diff --git a/lib/techniques/blind/inference.py b/lib/techniques/blind/inference.py index 54c399313..498945160 100644 --- a/lib/techniques/blind/inference.py +++ b/lib/techniques/blind/inference.py @@ -102,7 +102,6 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None showEta = conf.eta and isinstance(length, int) numThreads = min(conf.threads, length) - threads = [] if showEta: progress = ProgressBar(maxValue=length) diff --git a/lib/techniques/union/test.py b/lib/techniques/union/test.py index 0dcb5d1e0..64ae094c1 100644 --- a/lib/techniques/union/test.py +++ b/lib/techniques/union/test.py @@ -161,7 +161,7 @@ def __findUnionCharCount(comment, place, parameter, value, prefix, suffix, where return retVal -def __unionPosition(comment, place, parameter, value, prefix, suffix, count, where=PAYLOAD.WHERE.ORIGINAL): +def __unionPosition(comment, place, parameter, prefix, suffix, count, where=PAYLOAD.WHERE.ORIGINAL): validPayload = None vector = None @@ -224,18 +224,18 @@ def __unionPosition(comment, place, parameter, value, prefix, suffix, count, whe return validPayload, vector -def __unionConfirm(comment, place, parameter, value, prefix, suffix, count): +def __unionConfirm(comment, place, parameter, prefix, suffix, count): validPayload = None vector = None # Confirm the inband SQL injection and get the exact column # position which can be used to extract data - validPayload, vector = __unionPosition(comment, place, parameter, value, prefix, suffix, count) + validPayload, vector = __unionPosition(comment, place, parameter, prefix, suffix, count) # Assure that the above function found the exploitable full inband # SQL injection position if not validPayload: - validPayload, vector = __unionPosition(comment, place, parameter, value, prefix, suffix, count, where=PAYLOAD.WHERE.NEGATIVE) + validPayload, vector = __unionPosition(comment, place, parameter, prefix, suffix, count, where=PAYLOAD.WHERE.NEGATIVE) return validPayload, vector @@ -249,7 +249,6 @@ def __unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix validPayload = None vector = None query = agent.prefixQuery("UNION ALL SELECT %s" % kb.uChar) - total = conf.uColsStop+1 - conf.uColsStart # In case that user explicitly stated number of columns affected if conf.uColsStop == conf.uColsStart: @@ -267,7 +266,7 @@ def __unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix if Backend.getIdentifiedDbms() in FROM_TABLE: query += FROM_TABLE[Backend.getIdentifiedDbms()] - validPayload, vector = __unionConfirm(comment, place, parameter, value, prefix, suffix, count) + validPayload, vector = __unionConfirm(comment, place, parameter, prefix, suffix, count) if not all([validPayload, vector]) and not all([conf.uChar, conf.dbms]): warnMsg = "if UNION based SQL injection is not detected, " diff --git a/lib/techniques/union/use.py b/lib/techniques/union/use.py index a00434423..86c68fbd6 100644 --- a/lib/techniques/union/use.py +++ b/lib/techniques/union/use.py @@ -145,7 +145,6 @@ def unionUse(expression, unpack=True, dump=False): origExpr = expression startLimit = 0 stopLimit = None - test = True value = "" width = getConsoleWidth() diff --git a/lib/utils/hashdb.py b/lib/utils/hashdb.py index 1e30a1445..262b45bc6 100644 --- a/lib/utils/hashdb.py +++ b/lib/utils/hashdb.py @@ -118,7 +118,7 @@ class HashDB(object): if threadData.inTransaction: try: self.cursor.execute('END TRANSACTION') - except sqlite3.OperationalError, ex: + except sqlite3.OperationalError: pass finally: threadData.inTransaction = False diff --git a/plugins/generic/enumeration.py b/plugins/generic/enumeration.py index 606fe972c..011551fbe 100644 --- a/plugins/generic/enumeration.py +++ b/plugins/generic/enumeration.py @@ -1594,7 +1594,7 @@ class Enumeration: randStr, randStr2 = randomStr(), randomStr() filterFunction = "REPLACE(REPLACE(IFNULL(%s, ' '),'%s','%s'),'%s','%s')"\ % ('%s', CONCAT_VALUE_DELIMITER, randStr, CONCAT_ROW_DELIMITER, randStr2) - concats = ",".join(map(lambda x: "CONCAT(%s, '|')" % (filterFunction % x), colList[:-1])) + concats = ",".join("CONCAT(%s, '|')" % (filterFunction % _) for _ in colList[:-1]) concats += ",%s" % (filterFunction % colList[-1]) query = "SELECT GROUP_CONCAT(%s) FROM %s.%s" % (concats, conf.db, tbl) value = inject.getValue(query, blind=False) diff --git a/tamper/securesphere.py b/tamper/securesphere.py index f9e9ccd03..06d787ac3 100644 --- a/tamper/securesphere.py +++ b/tamper/securesphere.py @@ -7,8 +7,6 @@ Copyright (c) 2006-2011 sqlmap developers (http://www.sqlmap.org/) See the file 'doc/COPYING' for copying permission """ -import re - from lib.core.common import randomRange from lib.core.data import kb from lib.core.enums import PRIORITY diff --git a/tamper/space2dash.py b/tamper/space2dash.py index 62b065d3c..c50f15997 100644 --- a/tamper/space2dash.py +++ b/tamper/space2dash.py @@ -7,7 +7,6 @@ Copyright (c) 2006-2011 sqlmap developers (http://www.sqlmap.org/) See the file 'doc/COPYING' for copying permission """ -import os import random import string diff --git a/tamper/space2mssqlhash.py b/tamper/space2mssqlhash.py index a7db9fb5a..ec5d66590 100644 --- a/tamper/space2mssqlhash.py +++ b/tamper/space2mssqlhash.py @@ -7,8 +7,6 @@ Copyright (c) 2006-2011 sqlmap developers (http://www.sqlmap.org/) See the file 'doc/COPYING' for copying permission """ -import os - from lib.core.common import singleTimeWarnMessage from lib.core.enums import DBMS from lib.core.enums import PRIORITY diff --git a/tamper/unmagicquotes.py b/tamper/unmagicquotes.py index 98b588d7d..2af530ac4 100644 --- a/tamper/unmagicquotes.py +++ b/tamper/unmagicquotes.py @@ -8,8 +8,6 @@ See the file 'doc/COPYING' for copying permission """ import re -import os -import random from lib.core.common import singleTimeWarnMessage from lib.core.enums import DBMS