diff --git a/lib/controller/controller.py b/lib/controller/controller.py index b31d93310..776fba88e 100644 --- a/lib/controller/controller.py +++ b/lib/controller/controller.py @@ -136,7 +136,7 @@ def __showInjections(): conf.dumper.technic(header, data) if inj.place in (HTTPMETHOD.GET, HTTPMETHOD.POST): - infoMsg = "manual usage of %s payloads requires url encoding" % inj.place + infoMsg = "usage of injected %s payloads requires manual url-encoding" % inj.place logger.info(infoMsg) def __randomFillBlankFields(value): @@ -166,11 +166,10 @@ def __saveToResultsFile(): if not conf.resultsFP: return + found = False + results = {} techniques = dict(map(lambda x: (x[1], x[0]), getPublicTypeMembers(PAYLOAD.TECHNIQUE))) - found = False - - results = {} for inj in kb.injections: if inj.place is None or inj.parameter is None: continue @@ -399,10 +398,8 @@ def start(): break kb.vainRun = False - - paramKey = (conf.hostname, conf.path, place, parameter) - testSqlInj = True + paramKey = (conf.hostname, conf.path, place, parameter) if paramKey in kb.testedParams: testSqlInj = False @@ -578,8 +575,8 @@ def start(): logger.info("Fetched data logged to text files under '%s'" % conf.outputPath) if conf.multipleTargets: - infoMsg = "you can find results of scanning in multiple targets mode " - infoMsg += "inside the CSV file '%s'" % conf.resultsFilename + infoMsg = "you can find results of scanning in multiple targets " + infoMsg += "mode inside the CSV file '%s'" % conf.resultsFilename logger.info(infoMsg) return True diff --git a/lib/core/profiling.py b/lib/core/profiling.py index a67fd8a78..995f40028 100644 --- a/lib/core/profiling.py +++ b/lib/core/profiling.py @@ -20,6 +20,7 @@ def profile(profileOutputFile=None, dotOutputFile=None, imageOutputFile=None): """ This will run the program and present profiling data in a nice looking graph """ + try: from extra.gprof2dot import gprof2dot from extra.xdot import xdot @@ -28,7 +29,9 @@ def profile(profileOutputFile=None, dotOutputFile=None, imageOutputFile=None): import pydot except ImportError, e: errMsg = "profiling requires third-party libraries (%s). " % getUnicode(e, UNICODE_ENCODING) - errMsg += "quick steps: 1) install http://code.google.com/p/pydot/ 2) sudo apt-get install python-profiler graphviz" + errMsg += "Quick steps:%s" % os.linesep + errMsg += "1) Install http://code.google.com/p/pydot/%s" % os.linesep + errMsg += "2) sudo apt-get install python-profiler graphviz" logger.error(errMsg) return