From 680aedaefc1977cab05b94459ca0cd1b0ea81304 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Tue, 31 May 2016 14:55:56 +0200
Subject: [PATCH] Adding option --tmp-dir
---
 lib/core/option.py | 40 +++++++++++++++++++++++++++++-----------
 lib/core/optiondict.py | 5 +++--
 lib/core/settings.py | 2 +-
 lib/parse/cmdline.py | 13 ++++++++-----
 sqlmap.conf | 11 +++++++----
 5 files changed, 48 insertions(+), 23 deletions(-)
diff --git a/lib/core/option.py b/lib/core/option.py
index 1fff7758a..8de084113 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -1548,18 +1548,36 @@ def _createTemporaryDirectory():
 Creates temporary directory for this run.
 """
- try:
- if not os.path.isdir(tempfile.gettempdir()):
- os.makedirs(tempfile.gettempdir())
- except IOError, ex:
- errMsg = "there has been a problem while accessing "
- errMsg += "system's temporary directory location(s) ('%s'). Please " % getSafeExString(ex)
- errMsg += "make sure that there is enough disk space left. If problem persists, "
- errMsg += "try to set environment variable 'TEMP' to a location "
- errMsg += "writeable by the current user"
- raise SqlmapSystemException, errMsg
+ if conf.tmpDir:
+ try:
+ if not os.path.isdir(conf.tmpDir):
+ os.makedirs(conf.tmpDir)
- if "sqlmap" not in (tempfile.tempdir or ""):
+ _ = os.path.join(conf.tmpDir, randomStr())
+ open(_, "w+b").close()
+ os.remove(_)
+
+ tempfile.tempdir = conf.tmpDir
+
+ warnMsg = "using '%s' as the temporary directory" % conf.tmpDir
+ logger.warn(warnMsg)
+ except (OSError, IOError), ex:
+ errMsg = "there has been a problem while accessing "
+ errMsg += "temporary directory location(s) ('%s')" % getSafeExString(ex)
+ raise SqlmapSystemException, errMsg
+ else:
+ try:
+ if not os.path.isdir(tempfile.gettempdir()):
+ os.makedirs(tempfile.gettempdir())
+ except IOError, ex:
+ errMsg = "there has been a problem while accessing "
+ errMsg += "system's temporary directory location(s) ('%s'). Please " % getSafeExString(ex)
+ errMsg += "make sure that there is enough disk space left. If problem persists, "
+ errMsg += "try to set environment variable 'TEMP' to a location "
+ errMsg += "writeable by the current user"
+ raise SqlmapSystemException, errMsg
+
+ if "sqlmap" not in (tempfile.tempdir or "") or conf.tmpDir and tempfile.tempdir == conf.tmpDir:
 tempfile.tempdir = tempfile.mkdtemp(prefix="sqlmap", suffix=str(os.getpid()))
 kb.tempDir = tempfile.tempdir
diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py
index 6956db8ae..8474a3d84 100644
--- a/lib/core/optiondict.py
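Review bot: The re-indented `else` branch still catches only `IOError`, but `os.makedirs()` reports failures as `OSError`, a separate class in Python 2, so an uncreatable system temp location surfaces as a raw traceback instead of the `SqlmapSystemException` message; `except (OSError, IOError), ex:` would match the new `conf.tmpDir` branch above it. In that new branch the writability probe uses `open(_, "w+b")`, which follows symlinks and does not create the file exclusively; when `--tmp-dir` names a directory shared with other local users, `fd, _ = tempfile.mkstemp(dir=conf.tmpDir)` followed by `os.close(fd)` and `os.remove(_)` performs the same check with exclusive, owner-only creation. The final `tempfile.mkdtemp(...)` call sits outside both `try` blocks, so its `OSError` is not wrapped either. `_createTemporaryDirectory` starts before this hunk and may continue past it.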
+++ b/lib/core/optiondict.py
@@ -218,11 +218,14 @@ optDict = {
 "dependencies": "boolean",
 "disableColoring": "boolean",
 "googlePage": "integer",
+ "identifyWaf": "boolean",
 "mobile": "boolean",
 "offline": "boolean",
 "pageRank": "boolean",
 "purgeOutput": "boolean",
+ "skipWaf": "boolean",
 "smart": "boolean",
+ "tmpDir": "string",
 "wizard": "boolean",
 "verbose": "integer",
 },
@@ -231,8 +234,6 @@ optDict = {
 "disablePrecon": "boolean",
 "profile": "boolean",
 "forceDns": "boolean",
- "identifyWaf": "boolean",
- "skipWaf": "boolean",
 "ignore401": "boolean",
 "smokeTest": "boolean",
 "liveTest": "boolean",
diff --git a/lib/core/settings.py b/lib/core/settings.py
index ab412f15d..69cc2ec85 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -19,7 +19,7 @@ from lib.core.enums import OS
 from lib.core.revision import getRevisionNumber
 # sqlmap version (...)
-VERSION = "1.0.5.128"
+VERSION = "1.0.5.129"
 REVISION = getRevisionNumber()
 STABLE = VERSION.count('.') <= 2
 VERSION_STRING = "sqlmap/%s#%s" % (VERSION, "stable" if STABLE else "dev")
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
index 7f59f593d..926502e9f 100644
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@@ -719,10 +719,6 @@ def cmdLineParser(argv=None):
 action="store_true",
 help="Make a thorough testing for a WAF/IPS/IDS protection")
- miscellaneous.add_option("--skip-waf", dest="skipWaf",
- action="store_true",
- help="Skip heuristic detection of WAF/IPS/IDS protection")
-
 miscellaneous.add_option("--mobile", dest="mobile",
 action="store_true",
 help="Imitate smartphone through HTTP User-Agent header")
@@ -739,12 +735,19 @@ def cmdLineParser(argv=None):
 action="store_true",
 help="Safely remove all content from output directory")
+ miscellaneous.add_option("--skip-waf", dest="skipWaf",
+ action="store_true",
+ help="Skip heuristic detection of WAF/IPS/IDS protection")
+
 miscellaneous.add_option("--smart", dest="smart",
 action="store_true",
 help="Conduct thorough tests only if positive heuristic(s)")
 miscellaneous.add_option("--sqlmap-shell", dest="sqlmapShell", action="store_true",
- help="Prompt for an interactive sqlmap shell")
+ help="Prompt for an interactive sqlmap shell")
+
+ miscellaneous.add_option("--tmp-dir", dest="tmpDir",
+ help="Local directory for storing temporary files")
 miscellaneous.add_option("--wizard", dest="wizard",
 action="store_true",
diff --git a/sqlmap.conf b/sqlmap.conf
index 54577660f..05868f30e 100644
--- a/sqlmap.conf
+++ b/sqlmap.conf
@@ -756,10 +756,6 @@ googlePage = 1
 # Valid: True or False
 identifyWaf = False
-# Skip heuristic detection of WAF/IPS/IDS protection.
-# Valid: True or False
-skipWaf = False
-
 # Imitate smartphone through HTTP User-Agent header.
 # Valid: True or False
 mobile = False
@@ -772,10 +768,17 @@ offline = False
 # Valid: True or False
 pageRank = False
+# Skip heuristic detection of WAF/IPS/IDS protection.
+# Valid: True or False
+skipWaf = False
+
 # Conduct thorough tests only if positive heuristic(s).
 # Valid: True or False
 smart = False
+# Local directory for storing temporary files.
+tmpDir =
+
 # Simple wizard interface for beginner users.
 # Valid: True or False
 wizard = False