mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 01:26:42 +03:00
code review of modules in lib/core directory
This commit is contained in:
parent
2d9b151883
commit
6a0e0cde3c
|
@ -168,7 +168,6 @@ def start():
|
|||
conf.method = targetMethod
|
||||
conf.data = targetData
|
||||
conf.cookie = targetCookie
|
||||
injData = []
|
||||
|
||||
initTargetEnv()
|
||||
parseTargetUrl()
|
||||
|
|
|
@ -20,14 +20,12 @@ import time
|
|||
import urlparse
|
||||
import ntpath
|
||||
import posixpath
|
||||
import subprocess
|
||||
import httplib
|
||||
|
||||
from ConfigParser import DEFAULTSECT
|
||||
from ConfigParser import RawConfigParser
|
||||
from StringIO import StringIO
|
||||
from difflib import SequenceMatcher
|
||||
from inspect import getmembers
|
||||
from math import sqrt
|
||||
from subprocess import PIPE
|
||||
from subprocess import Popen as execute
|
||||
|
@ -142,7 +140,7 @@ def paramToDict(place, parameters=None):
|
|||
if conf.parameters.has_key(place) and not parameters:
|
||||
parameters = conf.parameters[place]
|
||||
|
||||
if place is not "POSTxml":
|
||||
if place != "POSTxml":
|
||||
parameters = parameters.replace(", ", ",")
|
||||
|
||||
if place == PLACE.COOKIE:
|
||||
|
@ -1164,7 +1162,7 @@ def decloakToNamedTemporaryFile(filepath, name=None):
|
|||
def __del__():
|
||||
try:
|
||||
if hasattr(retVal, 'old_name'):
|
||||
retVal.name = old_name
|
||||
retVal.name = retVal.old_name
|
||||
retVal.close()
|
||||
except OSError:
|
||||
pass
|
||||
|
@ -1242,7 +1240,7 @@ def getConsoleWidth(default=80):
|
|||
if 'COLUMNS' in os.environ and os.environ['COLUMNS'].isdigit():
|
||||
width = int(os.environ['COLUMNS'])
|
||||
else:
|
||||
output=subprocess.Popen('stty size', shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE).stdout.read()
|
||||
output=execute('stty size', shell=True, stdout=PIPE, stderr=PIPE).stdout.read()
|
||||
items = output.split()
|
||||
|
||||
if len(items) == 2 and items[1].isdigit():
|
||||
|
@ -1694,7 +1692,7 @@ def getPublicTypeMembers(type_, onlyValues=False):
|
|||
|
||||
retVal = []
|
||||
|
||||
for name, value in getmembers(type_):
|
||||
for name, value in inspect.getmembers(type_):
|
||||
if not name.startswith('__'):
|
||||
if not onlyValues:
|
||||
retVal.append((name, value))
|
||||
|
@ -2094,7 +2092,7 @@ def openFile(filename, mode='r'):
|
|||
|
||||
try:
|
||||
return codecs.open(filename, mode, conf.dataEncoding)
|
||||
except IOError, e:
|
||||
except IOError:
|
||||
errMsg = "there has been a file opening error for filename '%s'. " % filename
|
||||
errMsg += "Please check %s permissions on a file " % ("write" if mode and\
|
||||
('w' in mode or 'a' in mode or '+' in mode) else "read")
|
||||
|
|
|
@ -20,80 +20,80 @@ import urllib
|
|||
|
||||
from lib.core.data import conf
|
||||
|
||||
def base64decode(string):
|
||||
return string.decode("base64")
|
||||
def base64decode(value):
|
||||
return value.decode("base64")
|
||||
|
||||
def base64encode(string):
|
||||
return string.encode("base64")[:-1].replace("\n", "")
|
||||
def base64encode(value):
|
||||
return value.encode("base64")[:-1].replace("\n", "")
|
||||
|
||||
def base64pickle(string):
|
||||
return base64encode(pickle.dumps(string))
|
||||
def base64pickle(value):
|
||||
return base64encode(pickle.dumps(value))
|
||||
|
||||
def base64unpickle(string):
|
||||
return pickle.loads(base64decode(string))
|
||||
def base64unpickle(value):
|
||||
return pickle.loads(base64decode(value))
|
||||
|
||||
def hexdecode(string):
|
||||
string = string.lower()
|
||||
def hexdecode(value):
|
||||
value = value.lower()
|
||||
|
||||
if string.startswith("0x"):
|
||||
string = string[2:]
|
||||
if value.startswith("0x"):
|
||||
value = value[2:]
|
||||
|
||||
return string.decode("hex")
|
||||
return value.decode("hex")
|
||||
|
||||
def hexencode(string):
|
||||
return string.encode("hex")
|
||||
def hexencode(value):
|
||||
return value.encode("hex")
|
||||
|
||||
def md5hash(string):
|
||||
def md5hash(value):
|
||||
if sys.modules.has_key('hashlib'):
|
||||
return hashlib.md5(string).hexdigest()
|
||||
return hashlib.md5(value).hexdigest()
|
||||
else:
|
||||
return md5.new(string).hexdigest()
|
||||
return md5.new(value).hexdigest()
|
||||
|
||||
def orddecode(string):
|
||||
packedString = struct.pack("!"+"I" * len(string), *string)
|
||||
def orddecode(value):
|
||||
packedString = struct.pack("!"+"I" * len(value), *value)
|
||||
return "".join([chr(char) for char in struct.unpack("!"+"I"*(len(packedString)/4), packedString)])
|
||||
|
||||
def ordencode(string):
|
||||
return tuple([ord(char) for char in string])
|
||||
def ordencode(value):
|
||||
return tuple([ord(char) for char in value])
|
||||
|
||||
def sha1hash(string):
|
||||
def sha1hash(value):
|
||||
if sys.modules.has_key('hashlib'):
|
||||
return hashlib.sha1(string).hexdigest()
|
||||
return hashlib.sha1(value).hexdigest()
|
||||
else:
|
||||
return sha.new(string).hexdigest()
|
||||
return sha.new(value).hexdigest()
|
||||
|
||||
def urldecode(string):
|
||||
def urldecode(value):
|
||||
result = None
|
||||
|
||||
if string:
|
||||
result = urllib.unquote_plus(string)
|
||||
if value:
|
||||
result = urllib.unquote_plus(value)
|
||||
|
||||
return result
|
||||
|
||||
def urlencode(string, safe=":/?%&=", convall=False):
|
||||
def urlencode(value, safe=":/?%&=", convall=False):
|
||||
if conf.direct or "POSTxml" in conf.paramDict:
|
||||
return string
|
||||
return value
|
||||
|
||||
result = None
|
||||
|
||||
if string is None:
|
||||
if value is None:
|
||||
return result
|
||||
|
||||
if convall:
|
||||
result = urllib.quote(utf8encode(string)) # Reference: http://old.nabble.com/Re:-Problem:-neither-urllib2.quote-nor-urllib.quote-encode-the--unicode-strings-arguments-p19823144.html
|
||||
result = urllib.quote(utf8encode(value)) # Reference: http://old.nabble.com/Re:-Problem:-neither-urllib2.quote-nor-urllib.quote-encode-the--unicode-strings-arguments-p19823144.html
|
||||
else:
|
||||
result = urllib.quote(utf8encode(string), safe)
|
||||
result = urllib.quote(utf8encode(value), safe)
|
||||
|
||||
return result
|
||||
|
||||
def utf8encode(string):
|
||||
return string.encode("utf-8")
|
||||
def utf8encode(value):
|
||||
return value.encode("utf-8")
|
||||
|
||||
def utf8decode(string):
|
||||
return string.decode("utf-8")
|
||||
def utf8decode(value):
|
||||
return value.decode("utf-8")
|
||||
|
||||
def htmlescape(string):
|
||||
return string.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"').replace("'", ''').replace(' ', ' ')
|
||||
def htmlescape(value):
|
||||
return value.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"').replace("'", ''').replace(' ', ' ')
|
||||
|
||||
def htmlunescape(string):
|
||||
return string.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"').replace(''', "'").replace(' ', ' ')
|
||||
def htmlunescape(value):
|
||||
return value.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"').replace(''', "'").replace(' ', ' ')
|
||||
|
|
|
@ -291,7 +291,7 @@ class Dump:
|
|||
if re.search("^[\ *]*$", value): #NULL
|
||||
continue
|
||||
|
||||
temp = int(value)
|
||||
_ = int(value)
|
||||
except ValueError:
|
||||
colType = None
|
||||
break
|
||||
|
@ -304,7 +304,7 @@ class Dump:
|
|||
if re.search("^[\ *]*$", value): #NULL
|
||||
continue
|
||||
|
||||
temp = float(value)
|
||||
_ = float(value)
|
||||
except ValueError:
|
||||
colType = None
|
||||
break
|
||||
|
|
|
@ -7,50 +7,44 @@ Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)
|
|||
See the file 'doc/COPYING' for copying permission
|
||||
"""
|
||||
|
||||
import sys
|
||||
|
||||
from lib.core.data import logger
|
||||
from lib.core.settings import IS_WIN
|
||||
from lib.core.settings import PLATFORM
|
||||
|
||||
try:
|
||||
from readline import *
|
||||
import readline as _rl
|
||||
_readline = None
|
||||
|
||||
haveReadline = True
|
||||
try:
|
||||
import readline as _readline
|
||||
except ImportError:
|
||||
try:
|
||||
from pyreadline import *
|
||||
import pyreadline as _rl
|
||||
import pyreadline as _readline
|
||||
except ImportError:
|
||||
pass
|
||||
|
||||
haveReadline = True
|
||||
except ImportError:
|
||||
haveReadline = False
|
||||
|
||||
if IS_WIN and haveReadline:
|
||||
if IS_WIN and _readline:
|
||||
try:
|
||||
_outputfile=_rl.GetOutputFile()
|
||||
_outputfile = _readline.GetOutputFile()
|
||||
except AttributeError:
|
||||
debugMsg = "Failed GetOutputFile when using platform's "
|
||||
debugMsg = "Failed GetOutputFile when using platform's "
|
||||
debugMsg += "readline library"
|
||||
logger.debug(debugMsg)
|
||||
|
||||
haveReadline = False
|
||||
_readline = None
|
||||
|
||||
# Test to see if libedit is being used instead of GNU readline.
|
||||
# Thanks to Boyd Waters for this patch.
|
||||
uses_libedit = False
|
||||
|
||||
if PLATFORM == 'mac' and haveReadline:
|
||||
if PLATFORM == 'mac' and _readline:
|
||||
import commands
|
||||
|
||||
(status, result) = commands.getstatusoutput( "otool -L %s | grep libedit" % _rl.__file__ )
|
||||
(status, result) = commands.getstatusoutput( "otool -L %s | grep libedit" % _readline.__file__ )
|
||||
|
||||
if status == 0 and len(result) > 0:
|
||||
# We are bound to libedit - new in Leopard
|
||||
_rl.parse_and_bind("bind ^I rl_complete")
|
||||
_readline.parse_and_bind("bind ^I rl_complete")
|
||||
|
||||
debugMsg = "Leopard libedit detected when using platform's "
|
||||
debugMsg = "Leopard libedit detected when using platform's "
|
||||
debugMsg += "readline library"
|
||||
logger.debug(debugMsg)
|
||||
|
||||
|
@ -61,11 +55,11 @@ if PLATFORM == 'mac' and haveReadline:
|
|||
# existence. Some known platforms actually don't have it. This thread:
|
||||
# http://mail.python.org/pipermail/python-dev/2003-August/037845.html
|
||||
# has the original discussion.
|
||||
if haveReadline:
|
||||
if _readline:
|
||||
try:
|
||||
_rl.clear_history
|
||||
_readline.clear_history()
|
||||
except AttributeError:
|
||||
def clear_history():
|
||||
pass
|
||||
|
||||
_rl.clear_history = clear_history
|
||||
_readline.clear_history = clear_history
|
||||
|
|
|
@ -141,7 +141,7 @@ def liveTest():
|
|||
count += 1
|
||||
msg = "running live test case '%s' (%d/%d)" % (name, count, length)
|
||||
logger.info(msg)
|
||||
result = runCase(name, switches, log, session)
|
||||
result = runCase(switches, log, session)
|
||||
if result:
|
||||
logger.info("test passed")
|
||||
else:
|
||||
|
@ -180,7 +180,7 @@ def cleanCase():
|
|||
conf.verbose = 1
|
||||
__setVerbosity()
|
||||
|
||||
def runCase(name=None, switches=None, log=None, session=None):
|
||||
def runCase(switches=None, log=None, session=None):
|
||||
retVal = True
|
||||
initCase(switches)
|
||||
|
||||
|
|
|
@ -13,10 +13,8 @@ import os
|
|||
import re
|
||||
import shutil
|
||||
import sys
|
||||
import tempfile
|
||||
import time
|
||||
import urlparse
|
||||
import zipfile
|
||||
|
||||
from distutils.dir_util import mkpath
|
||||
from xml.dom.minidom import Document
|
||||
|
|
|
@ -415,7 +415,7 @@ class XMLDump:
|
|||
|
||||
logger.info("Table '%s.%s' dumped to XML file" % (db, table))
|
||||
|
||||
def dbColumns(self, dbColumns, colConsider, dbs):
|
||||
def dbColumns(self, dbColumns, _, dbs):
|
||||
'''
|
||||
Adds information about the columns
|
||||
'''
|
||||
|
@ -496,7 +496,7 @@ class XMLDump:
|
|||
self.__root.setAttributeNode(self.__createAttribute(XMLNS_ATTR,NAME_SPACE_ATTR))
|
||||
self.__root.setAttributeNode(self.__createAttribute(SCHEME_NAME_ATTR,SCHEME_NAME))
|
||||
self.__doc.appendChild(self.__root)
|
||||
except IOError, e:
|
||||
except IOError:
|
||||
raise sqlmapFilePathException("Wrong filename provided for saving the xml file: %s" % conf.xmlFile)
|
||||
|
||||
def getOutputFile(self):
|
||||
|
|
Loading…
Reference in New Issue
Block a user