Implementation for an Issue #292

2024-11-22 09:36:35 +03:00 · 2012-12-11 12:02:06 +01:00 · 2012-12-11 12:02:06 +01:00 · 562044577b
commit 562044577b
parent 9e38ccbc3d
10 changed files with 113 additions and 50 deletions
--- a/extra/beep/init.py
+++ b/extra/beep/init.py
@ -0,0 +1,8 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
+See the file 'doc/COPYING' for copying permission
+"""
+
+pass
--- a/extra/beep/beep.py
+++ b/extra/beep/beep.py
@ -0,0 +1,92 @@
+#!/usr/bin/env python
+
+"""
+beep.py - Make a beep sound
+
+Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
+See the file 'doc/COPYING' for copying permission
+"""
+
+import os
+import subprocess
+import sys
+import wave
+
+BEEP_WAV_FILENAME = os.path.join(os.path.dirname(__file__), "beep.wav")
+
+def beep():
+    try:
+        if subprocess.mswindows:
+            _win_wav_play(BEEP_WAV_FILENAME)
+        elif sys.platform == "darwin":
+            _mac_beep()
+        elif sys.platform == "linux2":
+            _linux_wav_play(BEEP_WAV_FILENAME)
+        else:
+            _speaker_beep()
+    except Exception:
+        _speaker_beep()
+
+def _speaker_beep():
+    sys.stdout.write('\a')  # doesn't work on modern Linux systems
+
+    try:
+        sys.stdout.flush()
+    except IOError:
+        pass
+
+def _mac_beep():
+    import Carbon.Snd
+    Carbon.Snd.SysBeep(1)
+
+def _win_wav_play(filename):
+    import winsound
+
+    winsound.PlaySound(filename, winsound.SND_FILENAME)
+
+def _linux_wav_play(filename):
+    import ctypes
+
+    PA_STREAM_PLAYBACK = 1
+    PA_SAMPLE_S16LE = 3
+    BUFFSIZE = 1024
+
+    class struct_pa_sample_spec(ctypes.Structure):
+        _fields_ = [("format", ctypes.c_int), ("rate", ctypes.c_uint32), ("channels", ctypes.c_uint8)]
+
+    pa = ctypes.cdll.LoadLibrary("libpulse-simple.so.0")
+
+    wave_file = wave.open(filename, "rb")
+
+    pa_sample_spec = struct_pa_sample_spec()
+    pa_sample_spec.rate = wave_file.getframerate()
+    pa_sample_spec.channels = wave_file.getnchannels()
+    pa_sample_spec.format = PA_SAMPLE_S16LE
+
+    error = ctypes.c_int(0)
+
+    pa_stream = pa.pa_simple_new(None, filename, PA_STREAM_PLAYBACK, None, "playback", ctypes.byref(pa_sample_spec), None, None, ctypes.byref(error))
+    if not pa_stream:
+        raise Exception("Could not create pulse audio stream: %s" % pa.strerror(ctypes.byref(error)))
+
+    while True:
+        latency = pa.pa_simple_get_latency(pa_stream, error)
+        if latency == -1:
+            raise Exception("Getting latency failed")
+
+        buf = wave_file.readframes(BUFFSIZE)
+        if not buf:
+            break
+
+        if pa.pa_simple_write(pa_stream, buf, len(buf), error):
+            raise Exception("Could not play file")
+
+    wave_file.close()
+
+    if pa.pa_simple_drain(pa_stream, error):
+        raise Exception("Could not simple drain")
+
+    pa.pa_simple_free(pa_stream)
+
+if __name__ == "__main__":
+    beep()
--- a/extra/beep/beep.wav
+++ b/extra/beep/beep.wav
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -12,10 +12,10 @@ import re
 import socket
 import time

+from extra.beep.beep import beep
 from lib.core.agent import agent
 from lib.core.common import arrayizeValue
 from lib.core.common import Backend
-from lib.core.common import beep
 from lib.core.common import extractRegexResult
 from lib.core.common import extractTextTagContent
 from lib.core.common import findDynamicContent
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -2046,50 +2046,6 @@ def urlencode(value, safe="%&=", convall=False, limit=False):

    return result

-def beep():
-    """
-    Does an audible beep sound
-    Reference: http://de3.aminet.net/dev/src/clr.py.txt
-    """
-
-    def _failsafe():
-        dataToStdout('\a', True)
-
-    if sys.platform == 'linux2':
-        for dev in ('/dev/audio', '/dev/oss', '/dev/dsp', '/dev/sound'):
-            if os.path.exists(dev):
-                try:
-                    audio = file(dev, 'wb')
-
-                    for _ in xrange(250):
-                        audio.write(chr(32) * 4)
-                        audio.write(chr(0) * 4)
-
-                    audio.close()
-                    return
-                except:
-                    pass
-
-        try:
-            import curses
-            curses.initscr()
-            curses.beep()
-            curses.flash()
-            curses.endwin()
-            return
-        except:
-            _failsafe()
-
-    elif sys.platform == 'darwin':
-        try:
-            import Carbon.Snd
-            Carbon.Snd.SysBeep(1)
-        except:
-            _failsafe()
-
-    else:
-        _failsafe()
-
 def runningAsAdmin():
    """
    Returns True if the current process is run under admin privileges
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
@ -192,6 +192,7 @@ optDict = {
            "Miscellaneous": {
                               "mnemonics":         "string",
                               "answers":           "string",
+                               "beep":              "boolean",
                               "checkPayload":      "boolean",
                               "cleanup":           "boolean",
                               "dependencies":      "boolean",
--- a/lib/core/testing.py
+++ b/lib/core/testing.py
@ -13,8 +13,8 @@ import sys
 import tempfile
 import time

+from extra.beep.beep import beep
 from lib.controller.controller import start
-from lib.core.common import beep
 from lib.core.common import clearConsoleLine
 from lib.core.common import dataToStdout
 from lib.core.common import readXmlFile
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@ -606,6 +606,9 @@ def cmdLineParser():
        miscellaneous.add_option("--answers", dest="answers",
                                  help="Set question answers (e.g. \"quit=N,follow=N\")")

+        miscellaneous.add_option("--beep", dest="beep", action="store_true",
+                                  help="Make a beep sound when SQL injection is found")
+
        miscellaneous.add_option("--check-payload", dest="checkPayload",
                                  action="store_true",
                                  help="Offline WAF/IPS/IDS payload detection testing")
@ -658,9 +661,6 @@ def cmdLineParser():
                                  help="Simple wizard interface for beginner users")

        # Hidden and/or experimental options
-        parser.add_option("--beep", dest="beep", action="store_true",
-                          help=SUPPRESS_HELP)
-
        parser.add_option("--profile", dest="profile", action="store_true",
                          help=SUPPRESS_HELP)

--- a/lib/techniques/error/use.py
+++ b/lib/techniques/error/use.py
@ -107,7 +107,7 @@ def _oneShotErrorUse(expression, field=None):
                        None)

                if output is not None:
-                    output = getUnicode(output, kb.pageEncoding)
+                    output = getUnicode(output)
                else:
                    trimmed = extractRegexResult(trimcheck, page, re.DOTALL | re.IGNORECASE) \
                        or extractRegexResult(trimcheck, listToStrValue(headers.headers \
--- a/sqlmap.conf
+++ b/sqlmap.conf
@ -656,10 +656,16 @@ mnemonics =
 # Set question answers (e.g. "quit=N,follow=N")
 answers =

+# Make a beep sound when SQL injection is found
+# Valid: True or False
+beep = False
+
 # Offline WAF/IPS/IDS payload detection testing.
+# Valid: True or False
 checkPayload = False

 # Check for existence of WAF/IPS/IDS protection.
+# Valid: True or False
 checkWaf = False

 # Clean up the DBMS by sqlmap specific UDF and tables.