mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 01:26:42 +03:00
adding option --csv-del
This commit is contained in:
parent
02bd9a54f3
commit
71c46f50aa
|
@ -79,7 +79,6 @@ from lib.core.settings import DEFAULT_GET_POST_DELIMITER
|
|||
from lib.core.settings import INFERENCE_UNKNOWN_CHAR
|
||||
from lib.core.settings import UNICODE_ENCODING
|
||||
from lib.core.settings import DBMS_DICT
|
||||
from lib.core.settings import DEFAULT_CSV_DELIMITER
|
||||
from lib.core.settings import DESCRIPTION
|
||||
from lib.core.settings import DUMMY_SQL_INJECTION_CHARS
|
||||
from lib.core.settings import IS_WIN
|
||||
|
@ -2989,7 +2988,7 @@ def safeCSValue(value):
|
|||
|
||||
if retVal and isinstance(retVal, basestring):
|
||||
if not (retVal[0] == retVal[-1] == '"'):
|
||||
if any(map(lambda x: x in retVal, [DEFAULT_CSV_DELIMITER, '"', '\n'])):
|
||||
if any(map(lambda x: x in retVal, [conf.csvDel, '"', '\n'])):
|
||||
retVal = '"%s"' % retVal.replace('"', '""')
|
||||
|
||||
return retVal
|
||||
|
|
|
@ -10,6 +10,7 @@ See the file 'doc/COPYING' for copying permission
|
|||
from lib.core.datatype import AttribDict
|
||||
|
||||
_defaults = {
|
||||
"csvDel": ",",
|
||||
"timeSec": 5,
|
||||
"googlePage": 1,
|
||||
"cpuThrottle": 5,
|
||||
|
|
|
@ -24,7 +24,6 @@ from lib.core.data import kb
|
|||
from lib.core.data import logger
|
||||
from lib.core.enums import DBMS
|
||||
from lib.core.replication import Replication
|
||||
from lib.core.settings import DEFAULT_CSV_DELIMITER
|
||||
from lib.core.settings import TRIM_STDOUT_DUMP_SIZE
|
||||
from lib.core.settings import UNICODE_ENCODING
|
||||
|
||||
|
@ -398,7 +397,7 @@ class Dump:
|
|||
if field == fields:
|
||||
dataToDumpFile(dumpFP, "%s" % safeCSValue(column))
|
||||
else:
|
||||
dataToDumpFile(dumpFP, "%s%s" % (safeCSValue(column), DEFAULT_CSV_DELIMITER))
|
||||
dataToDumpFile(dumpFP, "%s%s" % (safeCSValue(column), conf.csvDel))
|
||||
|
||||
field += 1
|
||||
|
||||
|
@ -444,7 +443,7 @@ class Dump:
|
|||
if field == fields:
|
||||
dataToDumpFile(dumpFP, "%s" % safeCSValue(value))
|
||||
else:
|
||||
dataToDumpFile(dumpFP, "%s%s" % (safeCSValue(value), DEFAULT_CSV_DELIMITER))
|
||||
dataToDumpFile(dumpFP, "%s%s" % (safeCSValue(value), conf.csvDel))
|
||||
|
||||
field += 1
|
||||
|
||||
|
|
|
@ -161,7 +161,9 @@ optDict = {
|
|||
"trafficFile": "string",
|
||||
"batch": "boolean",
|
||||
"charset": "string",
|
||||
"checkTor": "boolean",
|
||||
"crawlDepth": "integer",
|
||||
"csvDel": "string",
|
||||
"eta": "boolean",
|
||||
"flushSession": "boolean",
|
||||
"forms": "boolean",
|
||||
|
@ -170,7 +172,6 @@ optDict = {
|
|||
"replicate": "boolean",
|
||||
"updateAll": "boolean",
|
||||
"tor": "boolean",
|
||||
"checkTor": "boolean"
|
||||
},
|
||||
|
||||
"Miscellaneous": {
|
||||
|
|
|
@ -413,9 +413,6 @@ UNENCODED_ORIGINAL_VALUE = 'original'
|
|||
# Common column names containing usernames (used for hash cracking in some cases)
|
||||
COMMON_USER_COLUMNS = ('user', 'username', 'user_name', 'benutzername', 'benutzer', 'utilisateur', 'usager', 'consommateur', 'utente', 'utilizzatore', 'usufrutuario', 'korisnik', 'usuario', 'consumidor')
|
||||
|
||||
# Default delimiter used in CSV file format
|
||||
DEFAULT_CSV_DELIMITER = ','
|
||||
|
||||
# Default delimiter in GET/POST values
|
||||
DEFAULT_GET_POST_DELIMITER = '&'
|
||||
|
||||
|
|
|
@ -238,12 +238,12 @@ def cmdLineParser():
|
|||
|
||||
techniques.add_option("--technique", dest="tech",
|
||||
help="SQL injection techniques to test for "
|
||||
"(default %s)" % defaults.tech)
|
||||
"(default \"%s\")" % defaults.tech)
|
||||
|
||||
techniques.add_option("--time-sec", dest="timeSec",
|
||||
type="int",
|
||||
help="Seconds to delay the DBMS response "
|
||||
"(default %s)" % defaults.timeSec)
|
||||
"(default %d)" % defaults.timeSec)
|
||||
|
||||
techniques.add_option("--union-cols", dest="uCols",
|
||||
help="Range of columns to test for UNION query SQL injection")
|
||||
|
@ -487,9 +487,17 @@ def cmdLineParser():
|
|||
general.add_option("--charset", dest="charset",
|
||||
help="Force character encoding used for data retrieval")
|
||||
|
||||
general.add_option("--check-tor", dest="checkTor",
|
||||
action="store_true",
|
||||
help="Check to see if Tor is used properly")
|
||||
|
||||
general.add_option("--crawl", dest="crawlDepth", type="int",
|
||||
help="Crawl the website starting from the target url")
|
||||
|
||||
general.add_option("--csv-del", dest="csvDel",
|
||||
help="Delimiting character used in CSV output "
|
||||
"(default \"%s\")" % defaults.csvDel)
|
||||
|
||||
general.add_option("--eta", dest="eta",
|
||||
action="store_true",
|
||||
help="Display for each output the "
|
||||
|
@ -523,10 +531,6 @@ def cmdLineParser():
|
|||
action="store_true",
|
||||
help="Use default Tor (Vidalia/Privoxy/Polipo) proxy address")
|
||||
|
||||
general.add_option("--check-tor", dest="checkTor",
|
||||
action="store_true",
|
||||
help="Check to see if Tor is used properly")
|
||||
|
||||
general.add_option("--update", dest="updateAll",
|
||||
action="store_true",
|
||||
help="Update sqlmap")
|
||||
|
|
12
sqlmap.conf
12
sqlmap.conf
|
@ -533,11 +533,19 @@ batch = False
|
|||
# Force character encoding used for data retrieval.
|
||||
charset =
|
||||
|
||||
# Check to see if Tor is used properly
|
||||
# Valid: True or False
|
||||
checkTor = False
|
||||
|
||||
# Crawl the website starting from the target url
|
||||
# Valid: integer
|
||||
# Default: 0
|
||||
crawlDepth = 0
|
||||
|
||||
# Delimiting character used in CSV output.
|
||||
# Default: ,
|
||||
csvDel = ,
|
||||
|
||||
# Retrieve each query output length and calculate the estimated time of
|
||||
# arrival in real time.
|
||||
# Valid: True or False
|
||||
|
@ -567,10 +575,6 @@ replicate = False
|
|||
# Valid: True or False
|
||||
tor = False
|
||||
|
||||
# Check to see if Tor is used properly
|
||||
# Valid: True or False
|
||||
checkTor = False
|
||||
|
||||
# Update sqlmap.
|
||||
# Valid: True or False
|
||||
updateAll = False
|
||||
|
|
Loading…
Reference in New Issue
Block a user