diff --git a/lib/controller/controller.py b/lib/controller/controller.py index 0e1cf4143..9450a89e1 100644 --- a/lib/controller/controller.py +++ b/lib/controller/controller.py @@ -168,7 +168,6 @@ def start(): conf.method = targetMethod conf.data = targetData conf.cookie = targetCookie - injData = [] initTargetEnv() parseTargetUrl() diff --git a/lib/core/common.py b/lib/core/common.py index 18a7f3335..48b5ad7d0 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -20,14 +20,12 @@ import time import urlparse import ntpath import posixpath -import subprocess import httplib from ConfigParser import DEFAULTSECT from ConfigParser import RawConfigParser from StringIO import StringIO from difflib import SequenceMatcher -from inspect import getmembers from math import sqrt from subprocess import PIPE from subprocess import Popen as execute @@ -142,7 +140,7 @@ def paramToDict(place, parameters=None): if conf.parameters.has_key(place) and not parameters: parameters = conf.parameters[place] - if place is not "POSTxml": + if place != "POSTxml": parameters = parameters.replace(", ", ",") if place == PLACE.COOKIE: @@ -1164,7 +1162,7 @@ def decloakToNamedTemporaryFile(filepath, name=None): def __del__(): try: if hasattr(retVal, 'old_name'): - retVal.name = old_name + retVal.name = retVal.old_name retVal.close() except OSError: pass @@ -1242,7 +1240,7 @@ def getConsoleWidth(default=80): if 'COLUMNS' in os.environ and os.environ['COLUMNS'].isdigit(): width = int(os.environ['COLUMNS']) else: - output=subprocess.Popen('stty size', shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE).stdout.read() + output=execute('stty size', shell=True, stdout=PIPE, stderr=PIPE).stdout.read() items = output.split() if len(items) == 2 and items[1].isdigit(): @@ -1694,7 +1692,7 @@ def getPublicTypeMembers(type_, onlyValues=False): retVal = [] - for name, value in getmembers(type_): + for name, value in inspect.getmembers(type_): if not name.startswith('__'): if not onlyValues: retVal.append((name, value)) @@ -2094,7 +2092,7 @@ def openFile(filename, mode='r'): try: return codecs.open(filename, mode, conf.dataEncoding) - except IOError, e: + except IOError: errMsg = "there has been a file opening error for filename '%s'. " % filename errMsg += "Please check %s permissions on a file " % ("write" if mode and\ ('w' in mode or 'a' in mode or '+' in mode) else "read") diff --git a/lib/core/convert.py b/lib/core/convert.py index 25f96c9bc..cdc70721d 100644 --- a/lib/core/convert.py +++ b/lib/core/convert.py @@ -20,80 +20,80 @@ import urllib from lib.core.data import conf -def base64decode(string): - return string.decode("base64") +def base64decode(value): + return value.decode("base64") -def base64encode(string): - return string.encode("base64")[:-1].replace("\n", "") +def base64encode(value): + return value.encode("base64")[:-1].replace("\n", "") -def base64pickle(string): - return base64encode(pickle.dumps(string)) +def base64pickle(value): + return base64encode(pickle.dumps(value)) -def base64unpickle(string): - return pickle.loads(base64decode(string)) +def base64unpickle(value): + return pickle.loads(base64decode(value)) -def hexdecode(string): - string = string.lower() +def hexdecode(value): + value = value.lower() - if string.startswith("0x"): - string = string[2:] + if value.startswith("0x"): + value = value[2:] - return string.decode("hex") + return value.decode("hex") -def hexencode(string): - return string.encode("hex") +def hexencode(value): + return value.encode("hex") -def md5hash(string): +def md5hash(value): if sys.modules.has_key('hashlib'): - return hashlib.md5(string).hexdigest() + return hashlib.md5(value).hexdigest() else: - return md5.new(string).hexdigest() + return md5.new(value).hexdigest() -def orddecode(string): - packedString = struct.pack("!"+"I" * len(string), *string) +def orddecode(value): + packedString = struct.pack("!"+"I" * len(value), *value) return "".join([chr(char) for char in struct.unpack("!"+"I"*(len(packedString)/4), packedString)]) -def ordencode(string): - return tuple([ord(char) for char in string]) +def ordencode(value): + return tuple([ord(char) for char in value]) -def sha1hash(string): +def sha1hash(value): if sys.modules.has_key('hashlib'): - return hashlib.sha1(string).hexdigest() + return hashlib.sha1(value).hexdigest() else: - return sha.new(string).hexdigest() + return sha.new(value).hexdigest() -def urldecode(string): +def urldecode(value): result = None - if string: - result = urllib.unquote_plus(string) + if value: + result = urllib.unquote_plus(value) return result -def urlencode(string, safe=":/?%&=", convall=False): +def urlencode(value, safe=":/?%&=", convall=False): if conf.direct or "POSTxml" in conf.paramDict: - return string + return value result = None - if string is None: + if value is None: return result if convall: - result = urllib.quote(utf8encode(string)) # Reference: http://old.nabble.com/Re:-Problem:-neither-urllib2.quote-nor-urllib.quote-encode-the--unicode-strings-arguments-p19823144.html + result = urllib.quote(utf8encode(value)) # Reference: http://old.nabble.com/Re:-Problem:-neither-urllib2.quote-nor-urllib.quote-encode-the--unicode-strings-arguments-p19823144.html else: - result = urllib.quote(utf8encode(string), safe) + result = urllib.quote(utf8encode(value), safe) return result -def utf8encode(string): - return string.encode("utf-8") +def utf8encode(value): + return value.encode("utf-8") -def utf8decode(string): - return string.decode("utf-8") +def utf8decode(value): + return value.decode("utf-8") -def htmlescape(string): - return string.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"').replace("'", ''').replace(' ', ' ') +def htmlescape(value): + return value.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"').replace("'", ''').replace(' ', ' ') -def htmlunescape(string): - return string.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"').replace(''', "'").replace(' ', ' ') +def htmlunescape(value): + return value.replace('&', '&').replace('<', '<').replace('>', '>').replace('"', '"').replace(''', "'").replace(' ', ' ') diff --git a/lib/core/dump.py b/lib/core/dump.py index ce0ed9b6c..633541911 100644 --- a/lib/core/dump.py +++ b/lib/core/dump.py @@ -291,7 +291,7 @@ class Dump: if re.search("^[\ *]*$", value): #NULL continue - temp = int(value) + _ = int(value) except ValueError: colType = None break @@ -304,7 +304,7 @@ class Dump: if re.search("^[\ *]*$", value): #NULL continue - temp = float(value) + _ = float(value) except ValueError: colType = None break diff --git a/lib/core/readlineng.py b/lib/core/readlineng.py index a10ad4044..98ad3d924 100644 --- a/lib/core/readlineng.py +++ b/lib/core/readlineng.py @@ -7,50 +7,44 @@ Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/) See the file 'doc/COPYING' for copying permission """ -import sys - from lib.core.data import logger from lib.core.settings import IS_WIN from lib.core.settings import PLATFORM -try: - from readline import * - import readline as _rl +_readline = None - haveReadline = True +try: + import readline as _readline except ImportError: try: - from pyreadline import * - import pyreadline as _rl + import pyreadline as _readline + except ImportError: + pass - haveReadline = True - except ImportError: - haveReadline = False - -if IS_WIN and haveReadline: +if IS_WIN and _readline: try: - _outputfile=_rl.GetOutputFile() + _outputfile = _readline.GetOutputFile() except AttributeError: - debugMsg = "Failed GetOutputFile when using platform's " + debugMsg = "Failed GetOutputFile when using platform's " debugMsg += "readline library" logger.debug(debugMsg) - haveReadline = False + _readline = None # Test to see if libedit is being used instead of GNU readline. # Thanks to Boyd Waters for this patch. uses_libedit = False -if PLATFORM == 'mac' and haveReadline: +if PLATFORM == 'mac' and _readline: import commands - (status, result) = commands.getstatusoutput( "otool -L %s | grep libedit" % _rl.__file__ ) + (status, result) = commands.getstatusoutput( "otool -L %s | grep libedit" % _readline.__file__ ) if status == 0 and len(result) > 0: # We are bound to libedit - new in Leopard - _rl.parse_and_bind("bind ^I rl_complete") + _readline.parse_and_bind("bind ^I rl_complete") - debugMsg = "Leopard libedit detected when using platform's " + debugMsg = "Leopard libedit detected when using platform's " debugMsg += "readline library" logger.debug(debugMsg) @@ -61,11 +55,11 @@ if PLATFORM == 'mac' and haveReadline: # existence. Some known platforms actually don't have it. This thread: # http://mail.python.org/pipermail/python-dev/2003-August/037845.html # has the original discussion. -if haveReadline: +if _readline: try: - _rl.clear_history + _readline.clear_history() except AttributeError: def clear_history(): pass - _rl.clear_history = clear_history + _readline.clear_history = clear_history diff --git a/lib/core/testing.py b/lib/core/testing.py index 1e9e8e3d7..23a7fef94 100644 --- a/lib/core/testing.py +++ b/lib/core/testing.py @@ -141,7 +141,7 @@ def liveTest(): count += 1 msg = "running live test case '%s' (%d/%d)" % (name, count, length) logger.info(msg) - result = runCase(name, switches, log, session) + result = runCase(switches, log, session) if result: logger.info("test passed") else: @@ -180,7 +180,7 @@ def cleanCase(): conf.verbose = 1 __setVerbosity() -def runCase(name=None, switches=None, log=None, session=None): +def runCase(switches=None, log=None, session=None): retVal = True initCase(switches) diff --git a/lib/core/update.py b/lib/core/update.py index aeaa2b664..a972abd49 100644 --- a/lib/core/update.py +++ b/lib/core/update.py @@ -13,10 +13,8 @@ import os import re import shutil import sys -import tempfile import time import urlparse -import zipfile from distutils.dir_util import mkpath from xml.dom.minidom import Document diff --git a/lib/core/xmldump.py b/lib/core/xmldump.py index f7fcb0b01..9b837a262 100644 --- a/lib/core/xmldump.py +++ b/lib/core/xmldump.py @@ -415,7 +415,7 @@ class XMLDump: logger.info("Table '%s.%s' dumped to XML file" % (db, table)) - def dbColumns(self, dbColumns, colConsider, dbs): + def dbColumns(self, dbColumns, _, dbs): ''' Adds information about the columns ''' @@ -496,7 +496,7 @@ class XMLDump: self.__root.setAttributeNode(self.__createAttribute(XMLNS_ATTR,NAME_SPACE_ATTR)) self.__root.setAttributeNode(self.__createAttribute(SCHEME_NAME_ATTR,SCHEME_NAME)) self.__doc.appendChild(self.__root) - except IOError, e: + except IOError: raise sqlmapFilePathException("Wrong filename provided for saving the xml file: %s" % conf.xmlFile) def getOutputFile(self): diff --git a/sqlmap.py b/sqlmap.py index ae3c7b3a3..90d297a9c 100755 --- a/sqlmap.py +++ b/sqlmap.py @@ -20,7 +20,7 @@ try: import psyco psyco.full() psyco.profile() -except ImportError, _: +except ImportError: pass from lib.controller.controller import start