diff --git a/lib/core/settings.py b/lib/core/settings.py index 9f04ce98e..24fe6d429 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -20,7 +20,7 @@ from thirdparty import six from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.5.9.16" +VERSION = "1.5.9.17" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/lib/core/testing.py b/lib/core/testing.py index 36881a9b8..5a5375b30 100644 --- a/lib/core/testing.py +++ b/lib/core/testing.py @@ -166,71 +166,6 @@ def vulnTest(): return retVal -def fuzzTest(): - count = 0 - address, port = "127.0.0.10", random.randint(1025, 65535) - - def _thread(): - vulnserver.init(quiet=True) - vulnserver.run(address=address, port=port) - - thread = threading.Thread(target=_thread) - thread.daemon = True - thread.start() - - while True: - s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - try: - s.connect((address, port)) - break - except: - time.sleep(1) - - handle, config = tempfile.mkstemp(suffix=".conf") - os.close(handle) - - url = "http://%s:%d/?id=1" % (address, port) - - content = open(os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.conf"))).read().replace("url =", "url = %s" % url) - open(config, "w+").write(content) - - while True: - lines = content.split("\n") - - for i in xrange(20): - j = random.randint(0, len(lines) - 1) - - if any(_ in lines[j] for _ in ("googleDork",)): - continue - - if re.search(r"= (True|False)", lines[j]): - lines[j] = lines[j].replace(" = False", " = True") - continue - - if lines[j].strip().endswith('='): - lines[j] += random.sample(("True", "False", randomStr(), str(randomInt())), 1)[0] - - k = random.randint(0, len(lines) - 1) - if '=' in lines[k] and not re.search(r"= (True|False)", lines[k]): - lines[k] += chr(random.randint(0, 255)) - - open(config, "w+").write("\n".join(lines)) - - cmd = "%s %s -c %s --non-interactive --answers='Github=n' --flush-session --technique=%s --banner" % (sys.executable, os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.py")), config, random.sample("BEUQ", 1)[0]) - output = shellExec(cmd) - - if "Traceback" in output: - dataToStdout("---\n\n$ %s\n" % cmd) - dataToStdout("%s---\n" % output, coloring=False) - - handle, config = tempfile.mkstemp(prefix="sqlmapcrash", suffix=".conf") - os.close(handle) - open(config, "w+").write("\n".join(lines)) - else: - dataToStdout("\r%d\r" % count) - - count += 1 - def smokeTest(): """ Runs the basic smoke testing of a program diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py index 91d889a09..39cf89ed8 100644 --- a/lib/parse/cmdline.py +++ b/lib/parse/cmdline.py @@ -824,9 +824,6 @@ def cmdLineParser(argv=None): parser.add_argument("--vuln-test", dest="vulnTest", action="store_true", help=SUPPRESS) - parser.add_argument("--fuzz-test", dest="fuzzTest", action="store_true", - help=SUPPRESS) - # API options parser.add_argument("--api", dest="api", action="store_true", help=SUPPRESS) @@ -1065,7 +1062,7 @@ def cmdLineParser(argv=None): else: args.stdinPipe = None - if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, args.requestFile, args.updateAll, args.smokeTest, args.vulnTest, args.fuzzTest, args.wizard, args.dependencies, args.purge, args.listTampers, args.hashFile, args.stdinPipe)): + if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, args.requestFile, args.updateAll, args.smokeTest, args.vulnTest, args.wizard, args.dependencies, args.purge, args.listTampers, args.hashFile, args.stdinPipe)): errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, --wizard, --shell, --update, --purge, --list-tampers or --dependencies). " errMsg += "Use -h for basic and -hh for advanced help\n" parser.error(errMsg) diff --git a/sqlmap.py b/sqlmap.py index 1e6d4ec37..daff96616 100755 --- a/sqlmap.py +++ b/sqlmap.py @@ -175,9 +175,6 @@ def main(): elif conf.vulnTest: from lib.core.testing import vulnTest os._exitcode = 1 - (vulnTest() or 0) - elif conf.fuzzTest: - from lib.core.testing import fuzzTest - fuzzTest() else: from lib.controller.controller import start if conf.profile: