Added --dependences to show which sqlmap dependences are not available

2025-03-03 11:45:46 +03:00 · 2011-06-13 18:44:02 +00:00 · 2011-06-13 18:44:02 +00:00 · 7152a1ed3b
commit 7152a1ed3b
parent 8485827352
6 changed files with 123 additions and 6 deletions
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -1020,9 +1020,9 @@ def parseTargetDirect():
                    import pymssql

                    if not hasattr(pymssql, "__version__") or pymssql.__version__ < "1.0.2":
-                        errMsg = "pymssql library on your system must be "
-                        errMsg += "version 1.0.2 to work, get it from "
-                        errMsg += "http://sourceforge.net/projects/pymssql/files/pymssql/1.0.2/"
+                        errMsg = "'%s' third-party library must be " % data[1]
+                        errMsg += "version >= 1.0.2 to work properly. "
+                        errMsg += "Download from %s" % data[2]
                        raise sqlmapMissingDependence, errMsg

                elif dbmsName == DBMS.MYSQL:
@ -1040,7 +1040,7 @@ def parseTargetDirect():
            except ImportError, _:
                errMsg = "sqlmap requires '%s' third-party library " % data[1]
                errMsg += "in order to directly connect to the database "
-                errMsg += "'%s'. Download from '%s'" % (dbmsName, data[2])
+                errMsg += "%s. Download from %s" % (dbmsName, data[2])
                raise sqlmapMissingDependence, errMsg

 def parseTargetUrl():
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -113,6 +113,7 @@ from lib.request.certhandler import HTTPSCertAuthHandler
 from lib.request.rangehandler import HTTPRangeHandler
 from lib.request.redirecthandler import SmartRedirectHandler
 from lib.request.templates import getPageTemplate
+from lib.utils.dependences import checkDependences
 from lib.utils.google import Google

 authHandler = urllib2.BaseHandler()
@ -1743,6 +1744,7 @@ def init(inputOptions=advancedDict(), overrideOptions=False):
    __saveCmdline()
    __setRequestFromFile()
    __cleanupOptions()
+    checkDependences()
    __basicOptionValidation()
    __setTorProxySettings()
    __setMultipleTargets()
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
@ -174,6 +174,7 @@ optDict = {
                               "replicate":         "boolean",
                               "tor":               "boolean",
                               "wizard":            "boolean",
+                               "dependences":       "boolean",
                               "verbose":           "integer"
                             },
          }
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@ -537,6 +537,10 @@ def cmdLineParser():
                                  action="store_true", default=False,
                                  help="Simple wizard interface for beginner users")

+        miscellaneous.add_option("--dependences", dest="dependences",
+                                  action="store_true", default=False,
+                                  help="Show which sqlmap dependences are not available")
+
        # Hidden and/or experimental options
        parser.add_option("--profile", dest="profile", action="store_true",
                          default=False, help=SUPPRESS_HELP)
@ -586,8 +590,8 @@ def cmdLineParser():
        (args, _) = parser.parse_args(args)

        if not any([args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, \
-            args.requestFile, args.updateAll, args.smokeTest, args.liveTest, args.realTest, args.wizard]):
-            errMsg = "missing a mandatory parameter ('-d', '-u', '-l', '-m', '-r', '-g', '-c', '--wizard' or '--update'), "
+            args.requestFile, args.updateAll, args.smokeTest, args.liveTest, args.realTest, args.wizard, args.dependences]):
+            errMsg = "missing a mandatory parameter (-d, -u, -l, -m, -r, -g, -c, --wizard, --update or --dependences), "
            errMsg += "-h for help"
            parser.error(errMsg)

--- a/lib/utils/dependences.py
+++ b/lib/utils/dependences.py
@ -0,0 +1,106 @@
+#!/usr/bin/env python
+
+"""
+$Id$
+
+Copyright (c) 2006-2011 sqlmap developers (http://sqlmap.sourceforge.net/)
+See the file 'doc/COPYING' for copying permission
+"""
+
+from lib.core.data import conf
+from lib.core.data import logger
+from lib.core.enums import DBMS
+from lib.core.exception import sqlmapMissingDependence
+from lib.core.settings import DBMS_DICT
+from lib.core.settings import IS_WIN
+
+def checkDependences():
+    missing_libraries = set()
+
+    for dbmsName, data in DBMS_DICT.items():
+        if data[1] is None:
+            continue
+
+        try:
+            if dbmsName in (DBMS.MSSQL, DBMS.SYBASE):
+                import _mssql
+                import pymssql
+
+                if not hasattr(pymssql, "__version__") or pymssql.__version__ < "1.0.2":
+                    errMsg = "'%s' third-party library must be " % data[1]
+                    errMsg += "version >= 1.0.2 to work properly. "
+                    errMsg += "Download from %s" % data[2]
+                    logger.error(errMsg)
+            elif dbmsName == DBMS.MYSQL:
+                import MySQLdb
+            elif dbmsName == DBMS.PGSQL:
+                import psycopg2
+            elif dbmsName == DBMS.ORACLE:
+                import cx_Oracle
+            elif dbmsName == DBMS.SQLITE:
+                import sqlite3
+            elif dbmsName == DBMS.ACCESS:
+                import pyodbc
+            elif dbmsName == DBMS.FIREBIRD:
+                import kinterbasdb
+        except ImportError, _:
+            errMsg = "sqlmap requires '%s' third-party library " % data[1]
+            errMsg += "in order to directly connect to the database "
+            errMsg += "%s. Download from %s" % (dbmsName, data[2])
+            logger.error(errMsg)
+            missing_libraries.add(data[1])
+
+            continue
+
+        debugMsg = "'%s' third-party library is found" % data[1]
+        logger.debug(debugMsg)
+
+    try:
+        import impacket
+        debugMsg = "'python-impacket' third-party library is found"
+        logger.debug(debugMsg)
+    except ImportError, _:
+        errMsg = "sqlmap requires 'python-impacket' third-party library for "
+        errMsg += "out-of-band takeover feature. Download from "
+        errMsg += "http://code.google.com/p/impacket/"
+        logger.error(errMsg)
+        missing_libraries.add('python-impacket')
+
+    try:
+        import ntlm
+        debugMsg = "'python-ntlm' third-party library is found"
+        logger.debug(debugMsg)
+    except ImportError, _:
+        errMsg = "sqlmap requires 'python-ntlm' third-party library for "
+        errMsg += "if you plan to attack a web application behind NTLM "
+        errMsg += "authentication. Download from http://code.google.com/p/python-ntlm/"
+        logger.error(errMsg)
+        missing_libraries.add('python-ntlm')
+
+    try:
+        import pysvn
+        debugMsg = "'python-svn' third-party library is found"
+        logger.debug(debugMsg)
+    except ImportError, _:
+        errMsg = "sqlmap requires 'python-svn' third-party library for "
+        errMsg += "if you want to use the sqlmap update functionality. "
+        errMsg += "Download from http://pysvn.tigris.org/"
+        logger.error(errMsg)
+        missing_libraries.add('python-svn')
+
+    if IS_WIN:
+        try:
+            import pyreadline
+            debugMsg = "'python-pyreadline' third-party library is found"
+            logger.debug(debugMsg)
+        except ImportError, _:
+            errMsg = "sqlmap requires 'pyreadline' third-party library to "
+            errMsg += "be able to take advantage of the sqlmap TAB "
+            errMsg += "completion and history support features in the SQL "
+            errMsg += "shell and OS shell. Download from "
+            errMsg += "http://ipython.scipy.org/moin/PyReadline/Intro"
+            logger.error(errMsg)
+            missing_libraries.add('python-pyreadline')
+
+    if len(missing_libraries) == 0:
+        infoMsg = "all dependences are installed"
--- a/sqlmap.conf
+++ b/sqlmap.conf
@ -576,6 +576,10 @@ tor = False
 # Valid: True or False
 wizard = False

+# Show which sqlmap dependences are not available.
+# Valid: True or False
+dependences = False
+
 # Verbosity level.
 # Valid: integer between 0 and 6
 # 0: Show only error and critical messages