sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1414 from daremon/api-client-2

Browse Source 
Added commands stop, kill, list to API client
This commit is contained in:
Miroslav Stampar 2015-09-17 15:51:12 +02:00
commit 7cfa90830d
1 changed files with 26 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
lib/utils/api.py
View File

@ -372,7 +372,7 @@ def task_delete(taskid):
@get("/admin/<taskid>/list")
def task_list(taskid):
def task_list(taskid=None):
"""
List task pull
"""
@ -383,7 +383,8 @@ def task_list(taskid):
for key in DataStore.tasks:
if DataStore.tasks[key].remote_addr == request.remote_addr:
tasks.append(key)
tasks = {x: dejsonize(scan_status(x))['status']
for x in list(DataStore.tasks)}
logger.debug("[%s] Listed task pool (%s)" % (taskid, "admin" if is_admin(taskid) else request.remote_addr))
return jsonize({"success": True, "tasks": tasks, "tasks_num": len(tasks)})
@ -482,7 +483,9 @@ def scan_stop(taskid):
"""
Stop a scan
"""
if taskid not in DataStore.tasks:
if (taskid not in DataStore.tasks or
DataStore.tasks[taskid].engine_process() is None or
DataStore.tasks[taskid].engine_has_terminated()):
logger.warning("[%s] Invalid task ID provided to scan_stop()" % taskid)
return jsonize({"success": False, "message": "Invalid task ID"})
@ -497,7 +500,9 @@ def scan_kill(taskid):
"""
Kill a scan
"""
if taskid not in DataStore.tasks:
if (taskid not in DataStore.tasks or
DataStore.tasks[taskid].engine_process() is None or
DataStore.tasks[taskid].engine_has_terminated()):
logger.warning("[%s] Invalid task ID provided to scan_kill()" % taskid)
return jsonize({"success": False, "message": "Invalid task ID"})
@ -693,12 +698,12 @@ def client(host=RESTAPI_SERVER_HOST, port=RESTAPI_SERVER_PORT):
while True:
try:
command = raw_input("api%s> " % (" (%s)" % taskid if taskid else "")).strip()
command = raw_input("api%s> " % (" (%s)" % taskid if taskid else "")).strip().lower()
except (EOFError, KeyboardInterrupt):
print
break
if command.lower() in ("data", "log", "status"):
if command in ("data", "log", "status", "stop", "kill"):
if not taskid:
logger.error("No task ID in use")
continue
@ -708,7 +713,7 @@ def client(host=RESTAPI_SERVER_HOST, port=RESTAPI_SERVER_PORT):
logger.error("Failed to execute command " + command)
dataToStdout("%s\n" % raw)
elif command.lower().startswith("new"):
elif command.startswith("new"):
if ' ' not in command:
logger.error("Program arguments are missing")
continue
@ -740,7 +745,7 @@ def client(host=RESTAPI_SERVER_HOST, port=RESTAPI_SERVER_PORT):
continue
logger.info("Scanning started")
elif command.lower().startswith("use"):
elif command.startswith("use"):
taskid = (command.split()[1] if ' ' in command else "").strip("'\"")
if not taskid:
logger.error("Task ID is missing")
@ -752,16 +757,27 @@ def client(host=RESTAPI_SERVER_HOST, port=RESTAPI_SERVER_PORT):
continue
logger.info("Switching to task ID '%s' " % taskid)
elif command.lower() in ("exit", "bye", "quit", 'q'):
elif command in ("list", "flush"):
raw = _client(addr + "/admin/0/" + command)
res = dejsonize(raw)
if not res["success"]:
logger.error("Failed to execute command " + command)
dataToStdout("%s\n" % raw)
elif command in ("exit", "bye", "quit", 'q'):
return
elif command.lower() in ("help", "?"):
elif command in ("help", "?"):
msg = "help Show this help message\n"
msg += "new ARGS Start a new scan task with provided arguments (e.g. 'new -u \"http://testphp.vulnweb.com/artists.php?artist=1\"')\n"
msg += "use TASKID Switch current context to different task (e.g. 'use c04d8c5c7582efb4')\n"
msg += "data Retrieve and show data for current task\n"
msg += "log Retrieve and show log for current task\n"
msg += "status Retrieve and show status for current task\n"
msg += "stop Stop current task\n"
msg += "kill Kill current task\n"
msg += "list Display all tasks\n"
msg += "flush Flush tasks (delete all tasks)\n"
msg += "exit Exit this client\n"
dataToStdout(msg)