diff --git a/lib/controller/controller.py b/lib/controller/controller.py
index 8623143d4..6f0740d63 100644
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@@ -487,8 +487,8 @@ def start():
 break
 msg = "%s parameter '%s' " % (injection.place, injection.parameter)
- msg += "is vulnerable. Do you want to keep testing the others? [y/N] "
- test = readInput(msg, default="N")
+ msg += "is vulnerable. Do you want to keep testing the others? [Y/n] "
+ test = readInput(msg, default="Y")
 if test[0] in ("n", "N"):
 proceed = False
diff --git a/lib/core/defaults.py b/lib/core/defaults.py
index c797846a1..304f4b486 100644
--- a/lib/core/defaults.py
+++ b/lib/core/defaults.py
@@ -22,7 +22,8 @@ _defaults = {
 "threads": 1,
 "level": 1,
 "risk": 1,
- "tech": "BEUST"
+ "tech": "BEUST",
+ "torType": "HTTP"
 }
 defaults = AttribDict(_defaults)
diff --git a/lib/core/enums.py b/lib/core/enums.py
index 3c215f747..c65cca404 100644
--- a/lib/core/enums.py
+++ b/lib/core/enums.py
@@ -85,6 +85,11 @@ class MOBILES:
 NEXUS = "Google Nexus One;Mozilla/5.0 (Linux; U; Android 2.2; en-US; Nexus One Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
 NOKIA = "Nokia N97;Mozilla/5.0 (SymbianOS/9.4; Series60/5.0 NokiaN97-1/10.0.012; Profile/MIDP-2.1 Configuration/CLDC-1.1; en-us) AppleWebKit/525 (KHTML, like Gecko) WicKed/7.1.12344"
+class PROXYTYPE:
+ HTTP = "HTTP"
+ SOCKS4 = "SOCKS4"
+ SOCKS5 = "SOCKS5"
+
 class HTTPHEADER:
 ACCEPT = "Accept"
 ACCEPT_CHARSET = "Accept-Charset"
diff --git a/lib/core/option.py b/lib/core/option.py
index f02af3ccd..64ad533e6 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -66,6 +66,7 @@ from lib.core.enums import HTTPMETHOD
 from lib.core.enums import MOBILES
 from lib.core.enums import PAYLOAD
 from lib.core.enums import PRIORITY
+from lib.core.enums import PROXYTYPE
 from lib.core.enums import REFLECTIVE_COUNTER
 from lib.core.exception import sqlmapConnectionException
 from lib.core.exception import sqlmapFilePathException
@@ -1337,6 +1338,9 @@ def __cleanupOptions():
 if conf.csvDel:
 conf.csvDel = conf.csvDel.decode('string_escape') # e.g. '\\t' -> '\t'
+ if conf.torType:
+ conf.torType = conf.torType.upper()
+
 threadData = getCurrentThreadData()
 threadData.reset()
@@ -1680,10 +1684,16 @@ def __setTrafficOutputFP():
 conf.trafficFP = openFile(conf.trafficFile, "w+")
-def __setTorHttpProxySettings():
- if not conf.torHttp:
+def __setTorProxySettings():
+ if not conf.tor:
 return
+ if conf.torType == PROXYTYPE.HTTP:
+ __setTorHttpProxySettings()
+ else:
+ __setTorSocksProxySettings()
+
+def __setTorHttpProxySettings():
 infoMsg = "setting Tor HTTP proxy settings"
 logger.info(infoMsg)
@@ -1715,17 +1725,12 @@ def __setTorHttpProxySettings():
 raise sqlmapConnectionException, errMsg
- conf.tor = True
-
 def __setTorSocksProxySettings():
- if not conf.tor or conf.torHttp:
- return
-
 infoMsg = "setting Tor SOCKS proxy settings"
 logger.info(infoMsg)
 # Has to be SOCKS5 to prevent DNS leaks (http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29)
- socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, LOCALHOST, DEFAULT_TOR_SOCKS_PORT)
+ socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5 if conf.torType == PROXYTYPE.SOCKS5 else socks.PROXY_TYPE_SOCKS4, LOCALHOST, DEFAULT_TOR_SOCKS_PORT)
 socks.wrapmodule(urllib2)
 def __checkTor():
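Review bot: The retained comment in `__setTorSocksProxySettings` says the proxy "Has to be SOCKS5 to prevent DNS leaks", yet the new `socks.setdefaultproxy(...)` line picks `socks.PROXY_TYPE_SOCKS4` for every value other than `PROXYTYPE.SOCKS5`, so the code now contradicts its own safety comment. Whether hostnames end up resolved locally under SOCKS4 depends on the socks module's remote-DNS handling, which this hunk does not show; if the comment still holds, `--tor-type=SOCKS4` quietly weakens the anonymity that `--tor` is meant to provide. I would either reword the comment to explain why SOCKS4 is acceptable, or warn before the call, e.g. `if conf.torType == PROXYTYPE.SOCKS4: logger.warn("SOCKS4 may resolve hostnames locally (DNS leak), prefer SOCKS5")`. The `else` branch of `__setTorProxySettings` in the preceding hunk sends any non-HTTP value here, so this fallback to SOCKS4 is only safe as long as `__basicOptionValidation` has already run.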
@@ -1806,12 +1811,12 @@ def __basicOptionValidation():
 errMsg = "switch --tor is incompatible with switch --proxy"
 raise sqlmapSyntaxException, errMsg
- if conf.torHttp and conf.proxy:
- errMsg = "switch --tor-http is incompatible with switch --proxy"
+ if conf.checkTor and not any([conf.tor, conf.proxy]):
+ errMsg = "switch --check-tor requires usage of switch --tor (or --proxy with HTTP proxy address using Tor)"
 raise sqlmapSyntaxException, errMsg
- if conf.checkTor and not any([conf.tor, conf.torHttp, conf.proxy]):
- errMsg = "switch --check-tor requires usage of switch --tor (or --proxy with HTTP proxy address using Tor)"
+ if conf.torType not in getPublicTypeMembers(PROXYTYPE, True):
+ errMsg = "switch --tor-type accepts one of following values: %s" % ", ".join(getPublicTypeMembers(PROXYTYPE, True))
 raise sqlmapSyntaxException, errMsg
 if conf.skip and conf.testParameter:
@@ -1826,10 +1831,6 @@ def __basicOptionValidation():
 errMsg = "switch --proxy is incompatible with switch --ignore-proxy"
 raise sqlmapSyntaxException, errMsg
- if conf.tor and conf.torHttp:
- errMsg = "switch --tor is incompatible with switch --tor-http"
- raise sqlmapSyntaxException, errMsg
-
 if conf.forms and any([conf.logFile, conf.bulkFile, conf.direct, conf.requestFile, conf.googleDork]):
 errMsg = "switch --forms is compatible only with -u (--url) target switch"
 raise sqlmapSyntaxException, errMsg
@@ -1877,8 +1878,7 @@ def init(inputOptions=AttribDict(), overrideOptions=False):
 __cleanupOptions()
 __checkDependencies()
 __basicOptionValidation()
- __setTorSocksProxySettings()
- __setTorHttpProxySettings()
+ __setTorProxySettings()
 __setMultipleTargets()
 __setTamperingFunctions()
 __setTrafficOutputFP()
diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py
index b7196358a..34dd87397 100644
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
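Review bot: The new `conf.torType not in getPublicTypeMembers(PROXYTYPE, True)` check in `__basicOptionValidation` runs whether or not `--tor` is set, so an empty or missing `torType` (for example a blank `torType =` in a config file, if that arrives here as None or "") would abort every run with a `--tor-type` error. The `if conf.torType:` guard added in `__cleanupOptions` suggests such a state is considered possible. Gating the check keeps it out of non-Tor runs: `if conf.tor and conf.torType not in getPublicTypeMembers(PROXYTYPE, True):`. The diff adds an import for `PROXYTYPE` only, so please confirm `getPublicTypeMembers` is already in scope in option.py. The function body starts and ends outside this hunk.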
@@ -172,6 +172,7 @@ optDict = {
 "replicate": "boolean",
 "updateAll": "boolean",
 "tor": "boolean",
+ "torType": "string",
 },
 "Miscellaneous": {
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
index 78c7b3bae..875404e26 100644
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@@ -529,7 +529,10 @@ def cmdLineParser():
 general.add_option("--tor", dest="tor",
 action="store_true",
- help="Use default Tor SOCKS5 proxy address")
+ help="Use Tor anonymity network")
+
+ general.add_option("--tor-type", dest="torType",
+ help="Set Tor proxy type (HTTP - default, SOCKS4 or SOCKS5)")
 general.add_option("--update", dest="updateAll",
 action="store_true",
@@ -609,9 +612,6 @@ def cmdLineParser():
 parser.add_option("--test-filter", dest="testFilter",
 help=SUPPRESS_HELP)
- parser.add_option("--tor-http", dest="torHttp", action="store_true",
- help=SUPPRESS_HELP)
-
 parser.add_option_group(target)
 parser.add_option_group(request)
 parser.add_option_group(optimization)
diff --git a/lib/request/connect.py b/lib/request/connect.py
index 9bb18373d..3b87f93e8 100644
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@@ -104,8 +104,6 @@ class Connect:
 warnMsg += "(e.g. https://www.torproject.org/download/download.html.en)"
 else:
 warnMsg += "(e.g. https://help.ubuntu.com/community/Tor)"
- warnMsg += " (or try hidden switch --tor-http "
- warnMsg += " if you want to utilize Tor proxy bundles)"
 else:
 warnMsg = "if the problem persists please check that the provided "
 warnMsg += "target url is valid. If it is, you can try to rerun "
diff --git a/sqlmap.conf b/sqlmap.conf
index 4d198a0e5..fe819e054 100644
--- a/sqlmap.conf
+++ b/sqlmap.conf
@@ -571,10 +571,14 @@ parseErrors = False
 # Valid: True or False
 replicate = False
-# Use default Tor SOCKS5 proxy address.
+# Use Use Tor anonymity network.
 # Valid: True or False
 tor = False
+# Set Tor proxy type.
+# Valid: HTTP, SOCKS4, SOCKS5
+torType = HTTP
+
 # Update sqlmap.
 # Valid: True or False
 updateAll = False
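Review bot: The rewritten comment for `tor` in sqlmap.conf has a doubled word, `# Use Use Tor anonymity network.`; it should read `# Use Tor anonymity network.`. The new `torType` comment lists the valid values but does not say that the setting only takes effect when `tor = True`, which is how `__setTorProxySettings` treats it; `# Set Tor proxy type (used only when tor = True).` would make that visible to someone editing the file.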