Merge cf2d76a863 into 29825cd5d6

2025-04-10 12:14:17 +03:00 · 2025-04-03 08:52:58 +00:00 · 2025-04-03 08:52:58 +00:00 · 5f050aaa20
commit 5f050aaa20
parent 29825cd5d6 cf2d76a863
3 changed files with 182 additions and 1 deletions
--- a/lib/core/dump.py
+++ b/lib/core/dump.py
@ -7,6 +7,9 @@ See the file 'LICENSE' for copying permission

 import hashlib
 import os
+
+import csv
+
 import re
 import shutil
 import tempfile
@ -710,6 +713,40 @@ class Dump(object):
    def sqlQuery(self, query, queryRes):
        self.string(query, queryRes, content_type=CONTENT_TYPE.SQL_QUERY)

+        #code to extract columns from the request
+        deb="SELECT"
+        fin="FROM"
+        temp1=(query.upper()).find(deb)
+
+        temp2=(query.upper()).find(fin)
+
+        T=len(deb)-temp1+1
+        temp_res=query[T:temp2]
+        temp_res=(temp_res.strip()).split(',')
+
+        #******************************************
+        #dictionarie for every value in queryRes
+        dt_save=[]
+        for i in range (len(queryRes)):
+            s=queryRes[i]
+            d={}
+            for j in range(len(temp_res)):
+                d.update({temp_res[j]:s[j]})
+            dt_save.append(d)
+            
+        #*******************************************
+        file_csv="data_save.csv"
+        if(len(queryRes)!=0):
+            with open(file_csv,mode='w',newline='') as file_csv:
+                writer=csv.DictWriter(file_csv,fieldnames=temp_res)
+                writer.writeheader()
+                for part in dt_save:
+                    writer.writerow(part)
+                print("data saved in csv format under "+"'"+os.path.realpath("data_save.csv")+"'")
+        else:
+            print("data don't exist to create CSV file")
+            
+            
    def rFile(self, fileData):
        self.lister("files saved to", fileData, sort=False, content_type=CONTENT_TYPE.FILE_READ)

--- a/ok.py
+++ b/ok.py
@ -0,0 +1,142 @@
+import subprocess
+from datetime import datetime
+import sys
+import os
+import csv
+import re
+from urllib.parse import urlparse
+
+#****************************************************************************************
+# this function verify if the argument given is an URL
+def est_url(url):
+    try:
+        result=urlparse(url)
+        return all([result.scheme, result.netloc])
+    except Exception as e:
+        return False
+
+# this function verify if the argument given is a request 
+def est_requete(req):
+    exp_reg= expression_reguliere = re.compile(
+        r'\b(SELECT|UPDATE|DELETE|INSERT INTO|CREATE|ALTER|DROP|GRANT|REVOKE)\b',
+        re.IGNORECASE)
+    return re.search(exp_reg,req) is not None
+
+#*****************************************************************************************
+
+# read the arguements 
+arg=sys.argv
+
+#*****************************************************************************************
+                 #verify if the arguments given are correct or not
+
+if (('-u' in arg)and('--sql-query' in arg)):
+    if (est_url(arg[2])):
+        if (est_requete(arg[-1])):
+            commande_sqlmap = ['python','sqlmap.py']+arg[1:]
+        else:
+            print("verify your request")
+            exit()
+    else:
+        print("verify your URL")
+        exit()
+else:
+    print("Verify that you input correctly -u or --sql-query")
+    exit()
+
+#*****************************************************************************************
+
+#*****************************************************************************************
+                   #extract the name of columns from the request
+deb="SELECT"
+fin="FROM"
+
+#find the start point of the ""deb"" variable in the request
+temp1=(arg[-1].upper()).find(deb)
+
+#find the start point of the ""fin"" variable in the request
+temp2=(arg[-1].upper()).find(fin)
+
+#select the request from the arguments given bu the user in command line
+temp_res=arg[-1]
+
+#start selection of the columns names after the ""deb"" variable
+T=len(deb)-temp1+1
+temp_res=temp_res[T:temp2]
+
+#split the String that contains columns name 
+temp_res=(temp_res.strip()).split(',')
+
+#******************************************************************************************
+
+#******************************************************************************************
+                    #process the request
+
+res=subprocess.check_output(commande_sqlmap)
+
+#res=subprocess.run(commande_sqlmap,capture_output=True, text=True)
+
+#view the result of processing the resquest
+res = res.decode('utf-8')
+print(res)
+
+
+# Select actuel time
+heure_actuelle = datetime.now()
+heure_formattee = heure_actuelle.strftime("%H:%M:%S")
+
+# ""m_deb"" variable is a string that represents the start point of showing the result of the request   
+m_deb="["+str(heure_formattee)+"]"+" [INFO] fetching SQL SELECT statement query output:"
+
+# ""m_fin"" variable is a string that represents the end point point of showing the result of the request
+m_fin="["+str(heure_formattee)+"]"+" [INFO] fetched data logged to text files under"
+
+#""debut_message"" contains the position of the ""m_deb"" variable in the result
+debut_message = res.find(m_deb)
+
+#""fin_message"" contains the position of the ""m_fin"" variable in the result
+fin_message = res.find(m_fin)
+
+#select a part of the result that is between ""m_deb"" variable and ""m_fin"" variable
+message = res[debut_message:fin_message].strip()
+
+
+lignes = message.splitlines()
+
+# ""donnees_sauvegarder"" variable is a list of dictionaries
+donnees_sauvegarder = []
+
+# loop on the ""lignes"" variable
+for ligne in lignes:
+    # verify if this line contain [*]
+    if ligne.startswith("[*]"):
+        # extract data after '[*]'
+        v_temp=(ligne[4:].strip()).split(',')
+        d_temp={}
+        for i in range(len(temp_res)):
+            # add for every column from ""temp_res"" variable a value from ""v_temp"" variable 
+            d_temp.update({temp_res[i]:v_temp[i]})
+            
+        # add the dictionarie in the list
+        donnees_sauvegarder.append(d_temp)
+
+#*****************************************************************************************************
+    
+            # create a file named ""data_save.csv"" in same repositories with this script file
+            
+file_csv="data_save.csv"
+
+if(len(donnees_sauvegarder)!=0):# if the process of the request send data
+    with open(file_csv,mode='w',newline='') as file_csv:
+        # write the header of this CSV file
+        writer=csv.DictWriter(file_csv,fieldnames=temp_res)
+        writer.writeheader()
+        # loop on the list of dictionaries named ""donnees_sauvegarder"" to wite its content on the CSV file
+        for part in donnees_sauvegarder:
+            writer.writerow(part)
+        # if the data is successfully saved in the CSV file this message show the place of the file
+        print("data saved in csv format under "+"'"+os.path.realpath("data_save.csv")+"'")
+else:
+    print("data don't exist to create CSV file")
+    
+#********************************************************************************************************
--- a/plugins/generic/custom.py
+++ b/plugins/generic/custom.py
@ -87,11 +87,13 @@ class Custom(object):
                inject.goStacked(query)

                output = NULL
-
+                
        except SqlmapNoneDataException as ex:
            logger.warning(ex)
+        

        return output
+    

    def sqlShell(self):
        infoMsg = "calling %s shell. To quit type " % Backend.getIdentifiedDbms()