Implementation for an Issue #293

Miroslav Stampar 2012-12-11 12:48:58 +01:00
parent cb13735788
commit 5c2451d83c
4 changed files with 20 additions and 3 deletions


@ -12,6 +12,9 @@ import re
import socket import socket
import time import time
from subprocess import PIPE
from subprocess import Popen as execute
from extra.beep.beep import beep from extra.beep.beep import beep
from lib.core.agent import agent from lib.core.agent import agent
from lib.core.common import arrayizeValue from lib.core.common import arrayizeValue
@ -521,6 +524,13 @@ def checkSqlInjection(place, parameter, value):
if conf.beep: if conf.beep:
beep() beep()
if conf.alert:
infoMsg = "executing alerting shell command(s) ('%s')" % conf.alert
logger.info(infoMsg)
process = execute(conf.alert, shell=True)
process.wait()
# There is no need to perform this test for other # There is no need to perform this test for other
# <where> tags # <where> tags
break break
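Review bot: The exit status of the alert command is thrown away in the second hunk: `process.wait()` returns it but nothing reads it, so a mistyped or failing `--alert` command looks the same in the log as one that worked, and the operator never learns that the notification did not go out. I would keep the status and log a warning, e.g. `retcode = process.wait()` followed by `if retcode != 0: logger.warning("alerting shell command(s) exited with code %d" % retcode)`. The call also blocks the scan until the command returns and passes `conf.alert` to the shell unmodified, which deserves a one-line comment above `execute(...)`. `PIPE` is imported in the first hunk but is not used in any line shown here; drop it unless code outside the hunks needs it. checkSqlInjection begins and ends outside the hunk.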


@ -191,6 +191,7 @@ optDict = {
"Miscellaneous": { "Miscellaneous": {
"mnemonics": "string", "mnemonics": "string",
"alert": "string",
"answers": "string", "answers": "string",
"beep": "boolean", "beep": "boolean",
"checkPayload": "boolean", "checkPayload": "boolean",


@ -603,6 +603,9 @@ def cmdLineParser():
miscellaneous.add_option("-z", dest="mnemonics", miscellaneous.add_option("-z", dest="mnemonics",
help="Use short mnemonics (e.g. \"flu,bat,ban,tec=EU\")") help="Use short mnemonics (e.g. \"flu,bat,ban,tec=EU\")")
miscellaneous.add_option("--alert", dest="alert",
help="Run shell command(s) when SQL injection is found")
miscellaneous.add_option("--answers", dest="answers", miscellaneous.add_option("--answers", dest="answers",
help="Set question answers (e.g. \"quit=N,follow=N\")") help="Set question answers (e.g. \"quit=N,follow=N\")")


@ -650,13 +650,16 @@ updateAll = False
[Miscellaneous] [Miscellaneous]
# Use short mnemonics (e.g. "flu,bat,ban,tec=EU") # Use short mnemonics (e.g. "flu,bat,ban,tec=EU").
mnemonics = mnemonics =
# Set question answers (e.g. "quit=N,follow=N") # Run shell command(s) when SQL injection is found.
alert =
# Set question answers (e.g. "quit=N,follow=N").
answers = answers =
# Make a beep sound when SQL injection is found # Make a beep sound when SQL injection is found.
# Valid: True or False # Valid: True or False
beep = False beep = False
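Review bot: The comment above the new `alert =` key does not say that the value is handed to the system shell as-is on the machine running the scan, which the `execute(conf.alert, shell=True)` call in the first file makes true for this key as well as for `--alert`. That matters more here than on the command line, because a configuration file is something people copy from others and run without reading every key. I would extend the comment to `# Run shell command(s) when SQL injection is found. The value is passed` and `# unmodified to the system shell; check it in any file you did not write.`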