sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-03 13:14:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

Implementation of an Issue #105

Browse Source
This commit is contained in:
Miroslav Stampar 2012-07-18 13:32:34 +02:00
parent a4f5c1d2b5
commit 655dd55a6f
3 changed files with 37 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/option.py
View File

@ -1541,7 +1541,7 @@ def __setKnowledgeBaseAttributes(flushAll=True):
kb.testedParams = set() kb.testedParams = set()
kb.userAgents = None kb.userAgents = None
kb.vainRun = True kb.vainRun = True
kb.wordlist = None kb.wordlists = None
def __useWizardInterface(): def __useWizardInterface():
""" """

28
lib/core/wordlist.py
View File

@ -5,21 +5,21 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission See the file 'doc/COPYING' for copying permission
""" """
from lib.core.common import singleTimeLogMessage
class Wordlist: class Wordlist:
""" """
Iterator for looping over a large dictionaries Iterator for looping over a large dictionaries
""" """
def __init__(self, filenames): def __init__(self, filenames, proc_id=None, proc_count=None, custom=None):
self.filenames = filenames self.filenames = filenames
self.fp = None self.fp = None
self.index = 0 self.index = 0
self.counter = -1
self.iter = None self.iter = None
self.custom = [] self.custom = custom or []
self.proc_id = proc_id
self.proc_count = proc_count
self.adjust() self.adjust()
self.lock = None
def __iter__(self): def __iter__(self):
return self return self
@ -29,22 +29,17 @@ class Wordlist:
if self.index > len(self.filenames): if self.index > len(self.filenames):
raise StopIteration raise StopIteration
elif self.index == len(self.filenames): elif self.index == len(self.filenames):
if self.custom: if not self.proc_id:
self.iter = iter(self.custom) self.iter = iter(self.custom)
else: else:
raise StopIteration raise StopIteration
else: else:
current = self.filenames[self.index] current = self.filenames[self.index]
infoMsg = "loading dictionary from '%s'" % current
singleTimeLogMessage(infoMsg)
self.fp = open(current, "r") self.fp = open(current, "r")
self.iter = iter(self.fp) self.iter = iter(self.fp)
self.index += 1 self.index += 1
def append(self, value):
self.custom.append(value)
def closeFP(self): def closeFP(self):
if self.fp: if self.fp:
self.fp.close() self.fp.close()
@ -52,16 +47,17 @@ class Wordlist:
def next(self): def next(self):
retVal = None retVal = None
if self.lock: while True:
self.lock.acquire()
try: try:
retVal = self.iter.next().rstrip() retVal = self.iter.next().rstrip()
except StopIteration: except StopIteration:
self.adjust() self.adjust()
retVal = self.iter.next().rstrip() retVal = self.iter.next().rstrip()
finally: if not self.proc_count:
if self.lock: break
self.lock.release() self.counter += 1
if self.counter % self.proc_count == self.proc_id:
break
return retVal return retVal
def rewind(self): def rewind(self):

41
lib/utils/hash.py
View File

@ -410,11 +410,13 @@ def hashRecognition(value):
return retVal return retVal
def __bruteProcessVariantA(attack_info, hash_regex, wordlist, suffix, retVal, proc_id, proc_count): def __bruteProcessVariantA(attack_info, hash_regex, suffix, retVal, proc_id, proc_count, wordlists, custom_wordlist):
count = 0 count = 0
rotator = 0 rotator = 0
hashes = set([item[0][1] for item in attack_info]) hashes = set([item[0][1] for item in attack_info])
wordlist = Wordlist(wordlists, proc_id, getattr(proc_count, "value", 0), custom_wordlist)
try: try:
for word in wordlist: for word in wordlist:
if not attack_info: if not attack_info:
@ -451,7 +453,7 @@ def __bruteProcessVariantA(attack_info, hash_regex, wordlist, suffix, retVal, pr
attack_info.remove(item) attack_info.remove(item)
elif (proc_id == 0 or getattr(proc_count, 'value', 0) == 1) and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex == HASH.ORACLE_OLD or hash_regex == HASH.CRYPT_GENERIC and IS_WIN: elif (proc_id == 0 or getattr(proc_count, "value", 0) == 1) and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex == HASH.ORACLE_OLD or hash_regex == HASH.CRYPT_GENERIC and IS_WIN:
rotator += 1 rotator += 1
if rotator >= len(ROTATING_CHARS): if rotator >= len(ROTATING_CHARS):
rotator = 0 rotator = 0
@ -477,10 +479,12 @@ def __bruteProcessVariantA(attack_info, hash_regex, wordlist, suffix, retVal, pr
if hasattr(proc_count, 'value'): if hasattr(proc_count, 'value'):
proc_count.value -= 1 proc_count.value -= 1
def __bruteProcessVariantB(user, hash_, kwargs, hash_regex, wordlist, suffix, retVal, found, proc_id, proc_count): def __bruteProcessVariantB(user, hash_, kwargs, hash_regex, suffix, retVal, found, proc_id, proc_count, wordlists, custom_wordlist):
count = 0 count = 0
rotator = 0 rotator = 0
wordlist = Wordlist(wordlists, proc_id, getattr(proc_count, "value", 0), custom_wordlist)
try: try:
for word in wordlist: for word in wordlist:
if found.value: if found.value:
@ -515,7 +519,7 @@ def __bruteProcessVariantB(user, hash_, kwargs, hash_regex, wordlist, suffix, re
found.value = True found.value = True
elif (proc_id == 0 or getattr(proc_count, 'value', 0) == 1) and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex == HASH.ORACLE_OLD or hash_regex == HASH.CRYPT_GENERIC and IS_WIN: elif (proc_id == 0 or getattr(proc_count, "value", 0) == 1) and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex == HASH.ORACLE_OLD or hash_regex == HASH.CRYPT_GENERIC and IS_WIN:
rotator += 1 rotator += 1
if rotator >= len(ROTATING_CHARS): if rotator >= len(ROTATING_CHARS):
rotator = 0 rotator = 0
@ -545,6 +549,7 @@ def __bruteProcessVariantB(user, hash_, kwargs, hash_regex, wordlist, suffix, re
def dictionaryAttack(attack_dict): def dictionaryAttack(attack_dict):
suffix_list = [""] suffix_list = [""]
custom_wordlist = []
hash_regexes = [] hash_regexes = []
results = [] results = []
resumes = [] resumes = []
@ -610,8 +615,8 @@ def dictionaryAttack(attack_dict):
if not attack_info: if not attack_info:
continue continue
if not kb.wordlist: if not kb.wordlists:
while not kb.wordlist: while not kb.wordlists:
# the slowest of all methods hence smaller default dict # the slowest of all methods hence smaller default dict
if hash_regex in (HASH.ORACLE_OLD, HASH.WORDPRESS): if hash_regex in (HASH.ORACLE_OLD, HASH.WORDPRESS):
@ -644,10 +649,7 @@ def dictionaryAttack(attack_dict):
for dictPath in dictPaths: for dictPath in dictPaths:
checkFile(dictPath) checkFile(dictPath)
kb.wordlist = Wordlist(dictPaths) kb.wordlists = dictPaths
if _multiprocessing:
kb.wordlist.lock = _multiprocessing.Lock()
except sqlmapFilePathException, msg: except sqlmapFilePathException, msg:
warnMsg = "there was a problem while loading dictionaries" warnMsg = "there was a problem while loading dictionaries"
@ -665,9 +667,8 @@ def dictionaryAttack(attack_dict):
for item in attack_info: for item in attack_info:
((user, _), _) = item ((user, _), _) = item
if user and not user.startswith(DUMMY_USER_PREFIX): if user and not user.startswith(DUMMY_USER_PREFIX):
kb.wordlist.append(normalizeUnicode(user)) custom_wordlist.append(normalizeUnicode(user))
if hash_regex in (HASH.MYSQL, HASH.MYSQL_OLD, HASH.MD5_GENERIC, HASH.SHA1_GENERIC): if hash_regex in (HASH.MYSQL, HASH.MYSQL_OLD, HASH.MD5_GENERIC, HASH.SHA1_GENERIC):
for suffix in suffix_list: for suffix in suffix_list:
@ -679,13 +680,11 @@ def dictionaryAttack(attack_dict):
infoMsg = "using suffix '%s'" % suffix infoMsg = "using suffix '%s'" % suffix
logger.info(infoMsg) logger.info(infoMsg)
kb.wordlist.rewind()
retVal = None retVal = None
processes = [] processes = []
try: try:
if _multiprocessing and not IS_WIN: if _multiprocessing:
if _multiprocessing.cpu_count() > 1: if _multiprocessing.cpu_count() > 1:
infoMsg = "starting %d processes " % _multiprocessing.cpu_count() infoMsg = "starting %d processes " % _multiprocessing.cpu_count()
singleTimeLogMessage(infoMsg) singleTimeLogMessage(infoMsg)
@ -694,7 +693,7 @@ def dictionaryAttack(attack_dict):
count = _multiprocessing.Value('i', _multiprocessing.cpu_count()) count = _multiprocessing.Value('i', _multiprocessing.cpu_count())
for i in xrange(_multiprocessing.cpu_count()): for i in xrange(_multiprocessing.cpu_count()):
p = _multiprocessing.Process(target=__bruteProcessVariantA, args=(attack_info, hash_regex, kb.wordlist, suffix, retVal, i, count)) p = _multiprocessing.Process(target=__bruteProcessVariantA, args=(attack_info, hash_regex, suffix, retVal, i, count, kb.wordlists, custom_wordlist))
processes.append(p) processes.append(p)
for p in processes: for p in processes:
@ -709,7 +708,7 @@ def dictionaryAttack(attack_dict):
singleTimeWarnMessage(warnMsg) singleTimeWarnMessage(warnMsg)
retVal = Queue() retVal = Queue()
__bruteProcessVariantA(attack_info, hash_regex, kb.wordlist, suffix, retVal, 0, 1) __bruteProcessVariantA(attack_info, hash_regex, suffix, retVal, 0, 1, kb.wordlists, custom_wordlist)
except KeyboardInterrupt: except KeyboardInterrupt:
print print
@ -751,13 +750,11 @@ def dictionaryAttack(attack_dict):
infoMsg = "using suffix '%s'" % suffix infoMsg = "using suffix '%s'" % suffix
logger.info(infoMsg) logger.info(infoMsg)
kb.wordlist.rewind()
retVal = None retVal = None
processes = [] processes = []
try: try:
if _multiprocessing and not IS_WIN: if _multiprocessing:
if _multiprocessing.cpu_count() > 1: if _multiprocessing.cpu_count() > 1:
infoMsg = "starting %d processes " % _multiprocessing.cpu_count() infoMsg = "starting %d processes " % _multiprocessing.cpu_count()
singleTimeLogMessage(infoMsg) singleTimeLogMessage(infoMsg)
@ -767,7 +764,7 @@ def dictionaryAttack(attack_dict):
count = _multiprocessing.Value('i', _multiprocessing.cpu_count()) count = _multiprocessing.Value('i', _multiprocessing.cpu_count())
for i in xrange(_multiprocessing.cpu_count()): for i in xrange(_multiprocessing.cpu_count()):
p = _multiprocessing.Process(target=__bruteProcessVariantB, args=(user, hash_, kwargs, hash_regex, kb.wordlist, suffix, retVal, found_, i, count)) p = _multiprocessing.Process(target=__bruteProcessVariantB, args=(user, hash_, kwargs, hash_regex, suffix, retVal, found_, i, count, kb.wordlists, custom_wordlist))
processes.append(p) processes.append(p)
for p in processes: for p in processes:
@ -790,7 +787,7 @@ def dictionaryAttack(attack_dict):
found_ = Value() found_ = Value()
found_.value = False found_.value = False
__bruteProcessVariantB(user, hash_, kwargs, hash_regex, kb.wordlist, suffix, retVal, found_, 0, 1) __bruteProcessVariantB(user, hash_, kwargs, hash_regex, suffix, retVal, found_, 0, 1, kb.wordlists, custom_wordlist)
found = found_.value found = found_.value