sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-25 11:03:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

adding option --csv-del

Browse Source
This commit is contained in:
Miroslav Stampar 2011-11-30 17:39:41 +00:00
parent 02bd9a54f3
commit 71c46f50aa
7 changed files with 24 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/core/common.py
View File

@ -79,7 +79,6 @@ from lib.core.settings import DEFAULT_GET_POST_DELIMITER
from lib.core.settings import INFERENCE_UNKNOWN_CHAR from lib.core.settings import INFERENCE_UNKNOWN_CHAR
from lib.core.settings import UNICODE_ENCODING from lib.core.settings import UNICODE_ENCODING
from lib.core.settings import DBMS_DICT from lib.core.settings import DBMS_DICT
from lib.core.settings import DEFAULT_CSV_DELIMITER
from lib.core.settings import DESCRIPTION from lib.core.settings import DESCRIPTION
from lib.core.settings import DUMMY_SQL_INJECTION_CHARS from lib.core.settings import DUMMY_SQL_INJECTION_CHARS
from lib.core.settings import IS_WIN from lib.core.settings import IS_WIN
@ -2989,7 +2988,7 @@ def safeCSValue(value):
if retVal and isinstance(retVal, basestring): if retVal and isinstance(retVal, basestring):
if not (retVal[0] == retVal[-1] == '"'): if not (retVal[0] == retVal[-1] == '"'):
if any(map(lambda x: x in retVal, [DEFAULT_CSV_DELIMITER, '"', '\n'])): if any(map(lambda x: x in retVal, [conf.csvDel, '"', '\n'])):
retVal = '"%s"' % retVal.replace('"', '""') retVal = '"%s"' % retVal.replace('"', '""')
return retVal return retVal

1
lib/core/defaults.py
View File

@ -10,6 +10,7 @@ See the file 'doc/COPYING' for copying permission
from lib.core.datatype import AttribDict from lib.core.datatype import AttribDict
_defaults = { _defaults = {
"csvDel": ",",
"timeSec": 5, "timeSec": 5,
"googlePage": 1, "googlePage": 1,
"cpuThrottle": 5, "cpuThrottle": 5,

5
lib/core/dump.py
View File

@ -24,7 +24,6 @@ from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
from lib.core.enums import DBMS from lib.core.enums import DBMS
from lib.core.replication import Replication from lib.core.replication import Replication
from lib.core.settings import DEFAULT_CSV_DELIMITER
from lib.core.settings import TRIM_STDOUT_DUMP_SIZE from lib.core.settings import TRIM_STDOUT_DUMP_SIZE
from lib.core.settings import UNICODE_ENCODING from lib.core.settings import UNICODE_ENCODING
@ -398,7 +397,7 @@ class Dump:
if field == fields: if field == fields:
dataToDumpFile(dumpFP, "%s" % safeCSValue(column)) dataToDumpFile(dumpFP, "%s" % safeCSValue(column))
else: else:
dataToDumpFile(dumpFP, "%s%s" % (safeCSValue(column), DEFAULT_CSV_DELIMITER)) dataToDumpFile(dumpFP, "%s%s" % (safeCSValue(column), conf.csvDel))
field += 1 field += 1
@ -444,7 +443,7 @@ class Dump:
if field == fields: if field == fields:
dataToDumpFile(dumpFP, "%s" % safeCSValue(value)) dataToDumpFile(dumpFP, "%s" % safeCSValue(value))
else: else:
dataToDumpFile(dumpFP, "%s%s" % (safeCSValue(value), DEFAULT_CSV_DELIMITER)) dataToDumpFile(dumpFP, "%s%s" % (safeCSValue(value), conf.csvDel))
field += 1 field += 1

3
lib/core/optiondict.py
View File

@ -161,7 +161,9 @@ optDict = {
"trafficFile": "string", "trafficFile": "string",
"batch": "boolean", "batch": "boolean",
"charset": "string", "charset": "string",
"checkTor": "boolean",
"crawlDepth": "integer", "crawlDepth": "integer",
"csvDel": "string",
"eta": "boolean", "eta": "boolean",
"flushSession": "boolean", "flushSession": "boolean",
"forms": "boolean", "forms": "boolean",
@ -170,7 +172,6 @@ optDict = {
"replicate": "boolean", "replicate": "boolean",
"updateAll": "boolean", "updateAll": "boolean",
"tor": "boolean", "tor": "boolean",
"checkTor": "boolean"
}, },
"Miscellaneous": { "Miscellaneous": {

3
lib/core/settings.py
View File

@ -413,9 +413,6 @@ UNENCODED_ORIGINAL_VALUE = 'original'
# Common column names containing usernames (used for hash cracking in some cases) # Common column names containing usernames (used for hash cracking in some cases)
COMMON_USER_COLUMNS = ('user', 'username', 'user_name', 'benutzername', 'benutzer', 'utilisateur', 'usager', 'consommateur', 'utente', 'utilizzatore', 'usufrutuario', 'korisnik', 'usuario', 'consumidor') COMMON_USER_COLUMNS = ('user', 'username', 'user_name', 'benutzername', 'benutzer', 'utilisateur', 'usager', 'consommateur', 'utente', 'utilizzatore', 'usufrutuario', 'korisnik', 'usuario', 'consumidor')
# Default delimiter used in CSV file format
DEFAULT_CSV_DELIMITER = ','
# Default delimiter in GET/POST values # Default delimiter in GET/POST values
DEFAULT_GET_POST_DELIMITER = '&' DEFAULT_GET_POST_DELIMITER = '&'

16
lib/parse/cmdline.py
View File

@ -238,12 +238,12 @@ def cmdLineParser():
techniques.add_option("--technique", dest="tech", techniques.add_option("--technique", dest="tech",
help="SQL injection techniques to test for " help="SQL injection techniques to test for "
"(default %s)" % defaults.tech) "(default \"%s\")" % defaults.tech)
techniques.add_option("--time-sec", dest="timeSec", techniques.add_option("--time-sec", dest="timeSec",
type="int", type="int",
help="Seconds to delay the DBMS response " help="Seconds to delay the DBMS response "
"(default %s)" % defaults.timeSec) "(default %d)" % defaults.timeSec)
techniques.add_option("--union-cols", dest="uCols", techniques.add_option("--union-cols", dest="uCols",
help="Range of columns to test for UNION query SQL injection") help="Range of columns to test for UNION query SQL injection")
@ -487,9 +487,17 @@ def cmdLineParser():
general.add_option("--charset", dest="charset", general.add_option("--charset", dest="charset",
help="Force character encoding used for data retrieval") help="Force character encoding used for data retrieval")
general.add_option("--check-tor", dest="checkTor",
action="store_true",
help="Check to see if Tor is used properly")
general.add_option("--crawl", dest="crawlDepth", type="int", general.add_option("--crawl", dest="crawlDepth", type="int",
help="Crawl the website starting from the target url") help="Crawl the website starting from the target url")
general.add_option("--csv-del", dest="csvDel",
help="Delimiting character used in CSV output "
"(default \"%s\")" % defaults.csvDel)
general.add_option("--eta", dest="eta", general.add_option("--eta", dest="eta",
action="store_true", action="store_true",
help="Display for each output the " help="Display for each output the "
@ -523,10 +531,6 @@ def cmdLineParser():
action="store_true", action="store_true",
help="Use default Tor (Vidalia/Privoxy/Polipo) proxy address") help="Use default Tor (Vidalia/Privoxy/Polipo) proxy address")
general.add_option("--check-tor", dest="checkTor",
action="store_true",
help="Check to see if Tor is used properly")
general.add_option("--update", dest="updateAll", general.add_option("--update", dest="updateAll",
action="store_true", action="store_true",
help="Update sqlmap") help="Update sqlmap")

12
sqlmap.conf
View File

@ -533,11 +533,19 @@ batch = False
# Force character encoding used for data retrieval. # Force character encoding used for data retrieval.
charset = charset =
# Check to see if Tor is used properly
# Valid: True or False
checkTor = False
# Crawl the website starting from the target url # Crawl the website starting from the target url
# Valid: integer # Valid: integer
# Default: 0 # Default: 0
crawlDepth = 0 crawlDepth = 0
# Delimiting character used in CSV output.
# Default: ,
csvDel = ,
# Retrieve each query output length and calculate the estimated time of # Retrieve each query output length and calculate the estimated time of
# arrival in real time. # arrival in real time.
# Valid: True or False # Valid: True or False
@ -567,10 +575,6 @@ replicate = False
# Valid: True or False # Valid: True or False
tor = False tor = False
# Check to see if Tor is used properly
# Valid: True or False
checkTor = False
# Update sqlmap. # Update sqlmap.
# Valid: True or False # Valid: True or False
updateAll = False updateAll = False