adding switch --eval

Miroslav Stampar 2011-11-21 16:41:02 +00:00
parent 0ce885e6e6
commit 65b2b0ad87
7 changed files with 47 additions and 3 deletions


@ -3136,3 +3136,10 @@ def getHostHeader(url):
retVal = retVal.split(':')[0] retVal = retVal.split(':')[0]
return retVal return retVal
def executeCode(code, variables=None):
try:
exec(code, variables)
except Exception, ex:
errMsg = "an error occured while evaluating provided code ('%s'). " % ex
raise sqlmapGenericException, errMsg
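Review bot: executeCode() has no docstring, and its `variables=None` default does not give the code an isolated namespace: as far as I can tell, Python 2's `exec` with `None` falls back to this module's globals and the function's own locals. Defaulting to a fresh dict (`if variables is None: variables = {}`) would make every call behave the same way. The docstring should say that `code` runs with the full privileges of the sqlmap process and is expected to come only from the operator, through `--eval` or the `evalCode` config entry. The error message misspells "occurred" and ends in a stray `. `, and because only `str(ex)` is kept, the line of the snippet that failed is lost.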


@ -1402,7 +1402,6 @@ def __setKnowledgeBaseAttributes(flushAll=True):
kb.dynamicMarkings = [] kb.dynamicMarkings = []
kb.dynamicParameters = False kb.dynamicParameters = False
kb.endDetection = False kb.endDetection = False
kb.httpErrorCodes = {}
kb.explicitSettings = set() kb.explicitSettings = set()
kb.errorIsNone = True kb.errorIsNone = True
kb.forcedDbms = None kb.forcedDbms = None
@ -1411,6 +1410,8 @@ def __setKnowledgeBaseAttributes(flushAll=True):
kb.heuristicTest = None kb.heuristicTest = None
kb.hintValue = None kb.hintValue = None
kb.htmlFp = [] kb.htmlFp = []
kb.httpErrorCodes = {}
kb.inferenceMode = False
kb.ignoreTimeout = False kb.ignoreTimeout = False
kb.injection = InjectionDict() kb.injection = InjectionDict()
kb.injections = [] kb.injections = []


@ -44,7 +44,8 @@ optDict = {
"retries": "integer", "retries": "integer",
"scope": "string", "scope": "string",
"safUrl": "string", "safUrl": "string",
"saFreq": "integer" "saFreq": "integer",
"evalCode": "string"
}, },
"Optimization": { "Optimization": {


@ -140,6 +140,9 @@ def cmdLineParser():
request.add_option("--safe-freq", dest="saFreq", type="int", request.add_option("--safe-freq", dest="saFreq", type="int",
help="Test requests between two visits to a given safe url") help="Test requests between two visits to a given safe url")
request.add_option("--eval", dest="evalCode",
help="Evaluate provided Python code before the request (e.g. \"import hashlib;id2=hashlib.md5(str(id)).hexdigest()\")")
# Optimization options # Optimization options
optimization = OptionGroup(parser, "Optimization", "These " optimization = OptionGroup(parser, "Optimization", "These "
"options can be used to optimize the " "options can be used to optimize the "


@ -22,6 +22,7 @@ from lib.core.common import average
from lib.core.common import calculateDeltaSeconds from lib.core.common import calculateDeltaSeconds
from lib.core.common import clearConsoleLine from lib.core.common import clearConsoleLine
from lib.core.common import cpuThrottle from lib.core.common import cpuThrottle
from lib.core.common import executeCode
from lib.core.common import extractRegexResult from lib.core.common import extractRegexResult
from lib.core.common import getCurrentThreadData from lib.core.common import getCurrentThreadData
from lib.core.common import getFilteredPageContent from lib.core.common import getFilteredPageContent
@ -603,6 +604,31 @@ class Connect:
elif item == PLACE.COOKIE and cookie: elif item == PLACE.COOKIE and cookie:
cookie = _randomizeParameter(cookie, randomParameter) cookie = _randomizeParameter(cookie, randomParameter)
if conf.evalCode:
variables = {}
originals = {}
if get:
executeCode(get.replace("&", ";"), variables)
if post:
executeCode(post.replace("&", ";"), variables)
originals.update(variables)
executeCode(conf.evalCode, variables)
for name, value in variables.items():
if name != "__builtins__" and originals.get(name, "") != value:
if isinstance(value, (basestring, int)):
value = unicode(value)
if '%s=' % name in (get or ""):
get = re.sub("(%s=)([^&]+)" % name, "\g<1>%s" % value, get)
elif '%s=' % name in (post or ""):
post = re.sub("(%s=)([^&]+)" % name, "\g<1>%s" % value, post)
elif post:
post += "&%s=%s" % (name, value)
else:
get += "&%s=%s" % (name, value)
get = urlencode(get, limit=True) get = urlencode(get, limit=True)
if post and place != PLACE.POST and hasattr(post, UNENCODED_ORIGINAL_VALUE): if post and place != PLACE.POST and hasattr(post, UNENCODED_ORIGINAL_VALUE):
post = getattr(post, UNENCODED_ORIGINAL_VALUE) post = getattr(post, UNENCODED_ORIGINAL_VALUE)
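Review bot: The calls `executeCode(get.replace("&", ";"), variables)` and `executeCode(post.replace("&", ";"), variables)` pass the raw request parameter string to `exec`, so every parameter value is interpreted as Python rather than read as data. A value that is not a valid Python expression (plain text, or what appears to be the already-injected payload at this point) raises and aborts the request. A value the operator did not write, such as one from a crawled link or a parsed log or request file, would run on the machine running sqlmap if those sources feed `get`/`post`. Filling `variables` by splitting on `&` and `=` keeps the values as strings and reserves `exec` for `conf.evalCode`; the snippet can convert types itself, as `str(id)` in the help example already does. Separately, `name` and `value` reach `re.sub` unescaped and unanchored, so `id=` also matches inside `uid=` and backslashes in `value` are read as group references; the method starts and ends outside this hunk and the page has lost indentation, so the nesting below is my reading.

```python
if conf.evalCode:
    variables = {}
    originals = {}

    # read the parameters as data: names become variables, values stay strings
    for params in (get, post):
        for part in (params or "").split("&"):
            if "=" in part:
                name, value = part.split("=", 1)
                variables[name] = value

    originals.update(variables)
    executeCode(conf.evalCode, variables)
    # … unchanged: write changed variables back into get/post …
```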


@ -63,7 +63,9 @@ def __goInference(payload, expression, charsetType=None, firstChar=None, lastCha
dataToSessionFile("[%s][%s][%s][%s][" % (conf.url, kb.injection.place, conf.parameters[kb.injection.place], expression)) dataToSessionFile("[%s][%s][%s][%s][" % (conf.url, kb.injection.place, conf.parameters[kb.injection.place], expression))
kb.inferenceMode = True
count, value = bisection(payload, expression, length, charsetType, firstChar, lastChar, dump) count, value = bisection(payload, expression, length, charsetType, firstChar, lastChar, dump)
kb.inferenceMode = False
if not kb.bruteMode: if not kb.bruteMode:
debugMsg = "performed %d queries in %d seconds" % (count, calculateDeltaSeconds(start)) debugMsg = "performed %d queries in %d seconds" % (count, calculateDeltaSeconds(start))
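Review bot: `kb.inferenceMode` is reset only on the normal path, so if `bisection()` raises (a connection error or a user interrupt, for instance) the flag stays `True` for everything that runs afterwards. Wrapping the call as `try:` / `count, value = bisection(...)` / `finally: kb.inferenceMode = False` keeps the flag tied to the call. Nothing in the visible hunks reads the flag, so a one-line comment saying what it gates would help the next reader. __goInference starts and ends outside this hunk.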


@ -130,6 +130,10 @@ safUrl =
# Default: 0 # Default: 0
saFreq = 0 saFreq = 0
# Evaluate provided Python code before the request
# Example: import hashlib;id2=hashlib.md5(str(id)).hexdigest()
evalCode =
# These options can be used to optimize the performance of sqlmap. # These options can be used to optimize the performance of sqlmap.
[Optimization] [Optimization]