sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-04-25 11:23:44 +03:00
Code Issues Packages Projects Releases Wiki Activity

added initial support (hidden from -hh and not yet usable) for REST-JSON API

Browse Source
This commit is contained in:
Bernardo Damele 2012-12-14 02:49:25 +00:00
parent 46885d4c28
commit 6e31e87de1
4 changed files with 36 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
_sqlmap.py
View File

@ -32,6 +32,7 @@ from lib.core.data import logger
from lib.core.data import paths from lib.core.data import paths
from lib.core.common import unhandledExceptionMessage from lib.core.common import unhandledExceptionMessage
from lib.core.exception import exceptionsTuple from lib.core.exception import exceptionsTuple
from lib.core.exception import SqlmapMissingDependence
from lib.core.exception import SqlmapSilentQuitException from lib.core.exception import SqlmapSilentQuitException
from lib.core.exception import SqlmapUserQuitException from lib.core.exception import SqlmapUserQuitException
from lib.core.log import FORMATTER from lib.core.log import FORMATTER
@ -39,12 +40,20 @@ from lib.core.log import LOGGER_HANDLER
from lib.core.option import init from lib.core.option import init
from lib.core.profiling import profile from lib.core.profiling import profile
from lib.core.settings import LEGAL_DISCLAIMER from lib.core.settings import LEGAL_DISCLAIMER
from lib.core.settings import RESTAPI_SERVER_PORT
from lib.core.settings import XMLRPC_SERVER_PORT from lib.core.settings import XMLRPC_SERVER_PORT
from lib.core.testing import smokeTest from lib.core.testing import smokeTest
from lib.core.testing import liveTest from lib.core.testing import liveTest
from lib.parse.cmdline import cmdLineParser from lib.parse.cmdline import cmdLineParser
from lib.utils.xmlrpc import XMLRPCServer from lib.utils.xmlrpc import XMLRPCServer
try:
from lib.utils.restapi import restAPIrun
except SqlmapMissingDependence, e:
e = getUnicode(e)
logger.critical(e)
sys.exit(1)
def modulePath(): def modulePath():
""" """
This will get us the program's directory, even if we are frozen This will get us the program's directory, even if we are frozen
@ -53,6 +62,18 @@ def modulePath():
return os.path.dirname(getUnicode(sys.executable if weAreFrozen() else __file__, sys.getfilesystemencoding())) return os.path.dirname(getUnicode(sys.executable if weAreFrozen() else __file__, sys.getfilesystemencoding()))
def restApiServe():
logger.setLevel(logging.INFO)
cmdLineOptions.batch = True
cmdLineOptions.disableColoring = True
restAPIrun(port=cmdLineOptions.restApiPort or RESTAPI_SERVER_PORT)
def emit(self, record):
message = stdoutencode(FORMATTER.format(record))
sys.stdout.write("%s\n" % message.strip('\r'))
LOGGER_HANDLER.emit = types.MethodType(emit, LOGGER_HANDLER, type(LOGGER_HANDLER))
sys.stdout = StringIO.StringIO()
sys.stderr = StringIO.StringIO()
def xmlRpcServe(): def xmlRpcServe():
logger.setLevel(logging.INFO) logger.setLevel(logging.INFO)
cmdLineOptions.batch = True cmdLineOptions.batch = True
@ -82,7 +103,9 @@ def main():
# Store original command line options for possible later restoration # Store original command line options for possible later restoration
cmdLineOptions.update(cmdLineParser().__dict__) cmdLineOptions.update(cmdLineParser().__dict__)
if cmdLineOptions.xmlRpc: if cmdLineOptions.restApi:
restApiServe()
elif cmdLineOptions.xmlRpc:
xmlRpcServe() xmlRpcServe()
else: else:
init(cmdLineOptions) init(cmdLineOptions)
@ -106,6 +129,7 @@ def main():
except exceptionsTuple, e: except exceptionsTuple, e:
e = getUnicode(e) e = getUnicode(e)
logger.critical(e) logger.critical(e)
sys.exit(1)
except KeyboardInterrupt: except KeyboardInterrupt:
print print

3
lib/core/settings.py
View File

@ -485,6 +485,9 @@ LIMITED_ROWS_TEST_NUMBER = 15
# Default TCP port used for XML-RPC server instance # Default TCP port used for XML-RPC server instance
XMLRPC_SERVER_PORT = 8776 XMLRPC_SERVER_PORT = 8776
# Default TCP port used for REST API server instance
RESTAPI_SERVER_PORT = 8775
# Regular expression for SOAP-like POST data # Regular expression for SOAP-like POST data
SOAP_RECOGNITION_REGEX = r"(?s)\A(<\?xml[^>]+>)?\s*<([^> ]+)( [^>]+)?>.+</\2.*>\s*\Z" SOAP_RECOGNITION_REGEX = r"(?s)\A(<\?xml[^>]+>)?\s*<([^> ]+)( [^>]+)?>.+</\2.*>\s*\Z"

8
lib/parse/cmdline.py
View File

@ -682,6 +682,12 @@ def cmdLineParser():
parser.add_option("--run-case", dest="runCase", type="int", parser.add_option("--run-case", dest="runCase", type="int",
help=SUPPRESS_HELP) help=SUPPRESS_HELP)
parser.add_option("--restapi", dest="restApi", action="store_true",
help=SUPPRESS_HELP)
parser.add_option("--restApi-port", dest="restApiPort", type="int",
help=SUPPRESS_HELP)
parser.add_option("--xmlrpc", dest="xmlRpc", action="store_true", parser.add_option("--xmlrpc", dest="xmlRpc", action="store_true",
help=SUPPRESS_HELP) help=SUPPRESS_HELP)
@ -761,7 +767,7 @@ def cmdLineParser():
if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, \ if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, \
args.requestFile, args.updateAll, args.smokeTest, args.liveTest, args.wizard, args.dependencies, \ args.requestFile, args.updateAll, args.smokeTest, args.liveTest, args.wizard, args.dependencies, \
args.xmlRpc, args.purgeOutput)): args.restApi, args.xmlRpc, args.purgeOutput)):
errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, --wizard, --update, --purge-output or --dependencies), " errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, --wizard, --update, --purge-output or --dependencies), "
errMsg += "use -h for basic or -hh for advanced help" errMsg += "use -h for basic or -hh for advanced help"
parser.error(errMsg) parser.error(errMsg)

1
lib/utils/xmlrpc.py
View File

@ -66,6 +66,7 @@ class XMLRPCServer:
return retval return retval
def run(self): def run(self):
print "CALLING RUN"
if not self.is_busy(): if not self.is_busy():
init(self.options, True) init(self.options, True)
thread = threading.Thread(target=start) thread = threading.Thread(target=start)