minor refactoring and comment update

lib/core/settings.py

@@ -211,14 +211,17 @@ SQL_STATEMENTS      = {
                              "rollback ",      ),
                      }
 
+# Regular expressions used for parsing error messages (--parse-errors)
 ERROR_PARSING_REGEXES = (   
                           r"<b>[^<]*(fatal|error|warning|exception)[^<]*</b>:?\s*(?P<result>.+?)<br\s*/?\s*>", 
                           r"<li>Error Type:<br>(?P<result>.+?)</li>", 
                           r"error '[0-9a-f]{8}'((<[^>]+>)|\s)+(?P<result>[^<>]+)"
                         )
 
+# Regular expression used for parsing charset info from meta html headers
 META_CHARSET_REGEX  = r'<meta http-equiv="?content-type"?[^>]+charset=(?P<result>[^">]+)'
 
+# Regular expression used for parsing empty fields in tested form data
 EMPTY_FORM_FIELDS_REGEX = r'(?P<result>[^=]+=(&|\Z))'
 
 # Reference: http://www.cs.ru.nl/bachelorscripties/2010/Martin_Devillers___0437999___Analyzing_password_strength.pdf
@@ -281,4 +284,8 @@ URLENCODE_FAILSAFE_CHARS = '()|,'
 # maximum length of urlencoded value after which failsafe procedure takes away
 URLENCODE_CHAR_LIMIT = 4000
 
+# default schema for Microsoft SQL Server DBMS
 DEFAULT_MSSQL_SCHEMA = 'dbo'
+
+# display hash attack info every mod number of items
+HASH_MOD_ITEM_DISPLAY = 1117

lib/utils/hash.py

@@ -42,6 +42,7 @@ from lib.core.enums import HASH
 from lib.core.exception import sqlmapUserQuitException
 from lib.core.settings import COMMON_PASSWORD_SUFFIXES
 from lib.core.settings import DUMMY_USER_PREFIX
+from lib.core.settings import HASH_MOD_ITEM_DISPLAY
 from lib.core.settings import IS_WIN
 from lib.core.settings import LIST_EMAIL
 from lib.core.settings import UNICODE_ENCODING
@@ -422,11 +423,12 @@ def dictionaryAttack(attack_dict):
 
                                 attack_info.remove(item)
 
-                            elif count % 1117 == 0 or count == length or hash_regex in (HASH.ORACLE_OLD) or hash_regex == HASH.CRYPT_GENERIC and IS_WIN:
+                            elif count % HASH_MOD_ITEM_DISPLAY == 0 or count == length or hash_regex in (HASH.ORACLE_OLD) or hash_regex == HASH.CRYPT_GENERIC and IS_WIN:
                                 status = '%d/%d words (%d%s)' % (count, length, round(100.0*count/length), '%')
                                 dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status))
 
                     except KeyboardInterrupt:
+                        print
                         warnMsg = "Ctrl+C detected in dictionary attack phase"
                         logger.warn(warnMsg)
                         return results
@@ -472,13 +474,14 @@ def dictionaryAttack(attack_dict):
 
                                 found = True
                                 break
-                            elif count % 1117 == 0 or count == length or hash_regex in (HASH.ORACLE_OLD) or hash_regex == HASH.CRYPT_GENERIC and IS_WIN:
+                            elif count % HASH_MOD_ITEM_DISPLAY == 0 or count == length or hash_regex in (HASH.ORACLE_OLD) or hash_regex == HASH.CRYPT_GENERIC and IS_WIN:
                                 status = '%d/%d words (%d%s)' % (count, length, round(100.0*count/length), '%')
                                 if not user.startswith(DUMMY_USER_PREFIX):
                                     status += ' (user: %s)' % user
                                 dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status))
 
                         except KeyboardInterrupt:
+                            print
                             warnMsg = "Ctrl+C detected in dictionary attack phase"
                             logger.warn(warnMsg)
                             return results