mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-24 18:43:47 +03:00
Removing --fuzz-test
This commit is contained in:
parent
cfa5042358
commit
564c5a2494
|
@ -20,7 +20,7 @@ from thirdparty import six
|
||||||
from thirdparty.six import unichr as _unichr
|
from thirdparty.six import unichr as _unichr
|
||||||
|
|
||||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||||
VERSION = "1.5.9.16"
|
VERSION = "1.5.9.17"
|
||||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||||
|
|
|
@ -166,71 +166,6 @@ def vulnTest():
|
||||||
|
|
||||||
return retVal
|
return retVal
|
||||||
|
|
||||||
def fuzzTest():
|
|
||||||
count = 0
|
|
||||||
address, port = "127.0.0.10", random.randint(1025, 65535)
|
|
||||||
|
|
||||||
def _thread():
|
|
||||||
vulnserver.init(quiet=True)
|
|
||||||
vulnserver.run(address=address, port=port)
|
|
||||||
|
|
||||||
thread = threading.Thread(target=_thread)
|
|
||||||
thread.daemon = True
|
|
||||||
thread.start()
|
|
||||||
|
|
||||||
while True:
|
|
||||||
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
|
||||||
try:
|
|
||||||
s.connect((address, port))
|
|
||||||
break
|
|
||||||
except:
|
|
||||||
time.sleep(1)
|
|
||||||
|
|
||||||
handle, config = tempfile.mkstemp(suffix=".conf")
|
|
||||||
os.close(handle)
|
|
||||||
|
|
||||||
url = "http://%s:%d/?id=1" % (address, port)
|
|
||||||
|
|
||||||
content = open(os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.conf"))).read().replace("url =", "url = %s" % url)
|
|
||||||
open(config, "w+").write(content)
|
|
||||||
|
|
||||||
while True:
|
|
||||||
lines = content.split("\n")
|
|
||||||
|
|
||||||
for i in xrange(20):
|
|
||||||
j = random.randint(0, len(lines) - 1)
|
|
||||||
|
|
||||||
if any(_ in lines[j] for _ in ("googleDork",)):
|
|
||||||
continue
|
|
||||||
|
|
||||||
if re.search(r"= (True|False)", lines[j]):
|
|
||||||
lines[j] = lines[j].replace(" = False", " = True")
|
|
||||||
continue
|
|
||||||
|
|
||||||
if lines[j].strip().endswith('='):
|
|
||||||
lines[j] += random.sample(("True", "False", randomStr(), str(randomInt())), 1)[0]
|
|
||||||
|
|
||||||
k = random.randint(0, len(lines) - 1)
|
|
||||||
if '=' in lines[k] and not re.search(r"= (True|False)", lines[k]):
|
|
||||||
lines[k] += chr(random.randint(0, 255))
|
|
||||||
|
|
||||||
open(config, "w+").write("\n".join(lines))
|
|
||||||
|
|
||||||
cmd = "%s %s -c %s --non-interactive --answers='Github=n' --flush-session --technique=%s --banner" % (sys.executable, os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.py")), config, random.sample("BEUQ", 1)[0])
|
|
||||||
output = shellExec(cmd)
|
|
||||||
|
|
||||||
if "Traceback" in output:
|
|
||||||
dataToStdout("---\n\n$ %s\n" % cmd)
|
|
||||||
dataToStdout("%s---\n" % output, coloring=False)
|
|
||||||
|
|
||||||
handle, config = tempfile.mkstemp(prefix="sqlmapcrash", suffix=".conf")
|
|
||||||
os.close(handle)
|
|
||||||
open(config, "w+").write("\n".join(lines))
|
|
||||||
else:
|
|
||||||
dataToStdout("\r%d\r" % count)
|
|
||||||
|
|
||||||
count += 1
|
|
||||||
|
|
||||||
def smokeTest():
|
def smokeTest():
|
||||||
"""
|
"""
|
||||||
Runs the basic smoke testing of a program
|
Runs the basic smoke testing of a program
|
||||||
|
|
|
@ -824,9 +824,6 @@ def cmdLineParser(argv=None):
|
||||||
parser.add_argument("--vuln-test", dest="vulnTest", action="store_true",
|
parser.add_argument("--vuln-test", dest="vulnTest", action="store_true",
|
||||||
help=SUPPRESS)
|
help=SUPPRESS)
|
||||||
|
|
||||||
parser.add_argument("--fuzz-test", dest="fuzzTest", action="store_true",
|
|
||||||
help=SUPPRESS)
|
|
||||||
|
|
||||||
# API options
|
# API options
|
||||||
parser.add_argument("--api", dest="api", action="store_true",
|
parser.add_argument("--api", dest="api", action="store_true",
|
||||||
help=SUPPRESS)
|
help=SUPPRESS)
|
||||||
|
@ -1065,7 +1062,7 @@ def cmdLineParser(argv=None):
|
||||||
else:
|
else:
|
||||||
args.stdinPipe = None
|
args.stdinPipe = None
|
||||||
|
|
||||||
if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, args.requestFile, args.updateAll, args.smokeTest, args.vulnTest, args.fuzzTest, args.wizard, args.dependencies, args.purge, args.listTampers, args.hashFile, args.stdinPipe)):
|
if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, args.requestFile, args.updateAll, args.smokeTest, args.vulnTest, args.wizard, args.dependencies, args.purge, args.listTampers, args.hashFile, args.stdinPipe)):
|
||||||
errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, --wizard, --shell, --update, --purge, --list-tampers or --dependencies). "
|
errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, --wizard, --shell, --update, --purge, --list-tampers or --dependencies). "
|
||||||
errMsg += "Use -h for basic and -hh for advanced help\n"
|
errMsg += "Use -h for basic and -hh for advanced help\n"
|
||||||
parser.error(errMsg)
|
parser.error(errMsg)
|
||||||
|
|
|
@ -175,9 +175,6 @@ def main():
|
||||||
elif conf.vulnTest:
|
elif conf.vulnTest:
|
||||||
from lib.core.testing import vulnTest
|
from lib.core.testing import vulnTest
|
||||||
os._exitcode = 1 - (vulnTest() or 0)
|
os._exitcode = 1 - (vulnTest() or 0)
|
||||||
elif conf.fuzzTest:
|
|
||||||
from lib.core.testing import fuzzTest
|
|
||||||
fuzzTest()
|
|
||||||
else:
|
else:
|
||||||
from lib.controller.controller import start
|
from lib.controller.controller import start
|
||||||
if conf.profile:
|
if conf.profile:
|
||||||
|
|
Loading…
Reference in New Issue
Block a user