diff --git a/lib/controller/checks.py b/lib/controller/checks.py index a5fa55938..e76ebdeaa 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -524,7 +524,7 @@ def checkSqlInjection(place, parameter, value): if injection.place is not None and injection.parameter is not None: if not conf.dropSetCookie and PAYLOAD.TECHNIQUE.BOOLEAN in injection.data and injection.data[PAYLOAD.TECHNIQUE.BOOLEAN].vector.startswith('OR'): warnMsg = "in OR boolean-based injections, please consider usage " - warnMsg += "of switch --drop-set-cookie if you experience any " + warnMsg += "of switch '--drop-set-cookie' if you experience any " warnMsg += "problems during data retrieval" logger.warn(warnMsg) @@ -715,7 +715,7 @@ def checkDynamicContent(firstPage, secondPage): if count > conf.retries: warnMsg = "target url is too dynamic. " - warnMsg += "switching to --text-only. " + warnMsg += "switching to '--text-only' " logger.warn(warnMsg) conf.textOnly = True @@ -905,7 +905,7 @@ def checkWaf(): if retVal: warnMsg = "it appears that the target is protected. Please " - warnMsg += "consider usage of tamper scripts (--tamper switch)" + warnMsg += "consider usage of tamper scripts (option '--tamper')" logger.warn(warnMsg) else: infoMsg = "it appears that the target is not protected" diff --git a/lib/controller/controller.py b/lib/controller/controller.py index f271be915..97d8d56f2 100644 --- a/lib/controller/controller.py +++ b/lib/controller/controller.py @@ -494,7 +494,7 @@ def start(): errMsg += "to perform more tests." if isinstance(conf.tech, list) and len(conf.tech) < 5: - errMsg += " Rerun without providing the --technique switch." + errMsg += " Rerun without providing the option '--technique'." if not conf.textOnly and kb.originalPage: percent = (100.0 * len(getFilteredPageContent(kb.originalPage)) / len(kb.originalPage)) diff --git a/lib/core/option.py b/lib/core/option.py index 46ba9c8cf..f6fe45121 100644 --- a/lib/core/option.py +++ b/lib/core/option.py @@ -1319,7 +1319,7 @@ def __cleanupOptions(): warnMsg = "increasing default value for " warnMsg += "--time-sec to %d because " % conf.timeSec - warnMsg += "--tor switch was provided" + warnMsg += "switch '--tor' was provided" logger.warn(warnMsg) else: kb.adjustTimeDelay = True @@ -1714,7 +1714,7 @@ def __setTorHttpProxySettings(): errMsg = "can't establish connection with the Tor proxy. " errMsg += "Please make sure that you have Vidalia, Privoxy or " errMsg += "Polipo bundle installed for you to be able to " - errMsg += "successfully use --tor switch " + errMsg += "successfully use switch '--tor' " if IS_WIN: errMsg += "(e.g. https://www.torproject.org/projects/vidalia.html.en)" @@ -1770,31 +1770,31 @@ def __basicOptionValidation(): raise sqlmapSyntaxException, errMsg if conf.textOnly and conf.nullConnection: - errMsg = "switch --text-only is incompatible with switch --null-connection" + errMsg = "switch '--text-only' is incompatible with switch '--null-connection'" raise sqlmapSyntaxException, errMsg if conf.titles and conf.nullConnection: - errMsg = "switch --titles is incompatible with switch --null-connection" + errMsg = "switch '--titles' is incompatible with switch '--null-connection'" raise sqlmapSyntaxException, errMsg if conf.data and conf.nullConnection: - errMsg = "switch --data is incompatible with switch --null-connection" + errMsg = "option '--data' is incompatible with switch '--null-connection'" raise sqlmapSyntaxException, errMsg if conf.string and conf.nullConnection: - errMsg = "switch --string is incompatible with switch --null-connection" + errMsg = "option '--string' is incompatible with switch '--null-connection'" raise sqlmapSyntaxException, errMsg if conf.regexp and conf.nullConnection: - errMsg = "switch --regexp is incompatible with switch --null-connection" + errMsg = "option '--regexp' is incompatible with switch '--null-connection'" raise sqlmapSyntaxException, errMsg if conf.dumpTable and conf.dumpAll: - errMsg = "switch --dump is incompatible with switch --dump-all" + errMsg = "switch '--dump' is incompatible with switch '--dump-all'" raise sqlmapSyntaxException, errMsg if conf.predictOutput and (conf.threads > 1 or conf.optimize): - errMsg = "switch --predict-output is incompatible with switch --threads and -o" + errMsg = "switch '--predict-output' is incompatible with option '--threads' and switch '-o'" raise sqlmapSyntaxException, errMsg if conf.threads > MAX_NUMBER_OF_THREADS: @@ -1802,56 +1802,56 @@ def __basicOptionValidation(): raise sqlmapSyntaxException, errMsg if conf.forms and not conf.url: - errMsg = "switch --forms requires usage of -u (--url) switch" + errMsg = "switch '--forms' requires usage of option '-u' (--url)" raise sqlmapSyntaxException, errMsg if conf.tor and conf.ignoreProxy: - errMsg = "switch --tor is incompatible with switch --ignore-proxy" + errMsg = "switch '--tor' is incompatible with switch '--ignore-proxy'" raise sqlmapSyntaxException, errMsg if conf.tor and conf.proxy: - errMsg = "switch --tor is incompatible with switch --proxy" + errMsg = "switch '--tor' is incompatible with option '--proxy'" raise sqlmapSyntaxException, errMsg if conf.checkTor and not any([conf.tor, conf.proxy]): - errMsg = "switch --check-tor requires usage of switch --tor (or --proxy with HTTP proxy address using Tor)" + errMsg = "switch '--check-tor' requires usage of switch '--tor' (or option '--proxy' with HTTP proxy address using Tor)" raise sqlmapSyntaxException, errMsg if conf.torPort is not None and not (isinstance(conf.torPort, int) and conf.torPort > 0): - errMsg = "value for --tor-port (torPort) option must be an integer value greater than zero (>0)" + errMsg = "value for option '--tor-port' must be a positive integer" raise sqlmapSyntaxException, errMsg if conf.torType not in getPublicTypeMembers(PROXYTYPE, True): - errMsg = "switch --tor-type accepts one of following values: %s" % ", ".join(getPublicTypeMembers(PROXYTYPE, True)) + errMsg = "option '--tor-type' accepts one of following values: %s" % ", ".join(getPublicTypeMembers(PROXYTYPE, True)) raise sqlmapSyntaxException, errMsg if conf.skip and conf.testParameter: - errMsg = "switch --skip is incompatible with switch -p" + errMsg = "option '--skip' is incompatible with option '-p'" raise sqlmapSyntaxException, errMsg if conf.mobile and conf.agent: - errMsg = "switch --mobile is incompatible with switch --user-agent" + errMsg = "switch '--mobile' is incompatible with option '--user-agent'" raise sqlmapSyntaxException, errMsg if conf.proxy and conf.ignoreProxy: - errMsg = "switch --proxy is incompatible with switch --ignore-proxy" + errMsg = "option '--proxy' is incompatible with switch '--ignore-proxy'" raise sqlmapSyntaxException, errMsg if conf.forms and any([conf.logFile, conf.bulkFile, conf.direct, conf.requestFile, conf.googleDork]): - errMsg = "switch --forms is compatible only with -u (--url) target switch" + errMsg = "switch '--forms' is compatible only with option '-u' (--url)" raise sqlmapSyntaxException, errMsg if conf.timeSec < 1: - errMsg = "value for --time-sec option must be an integer greater than 0" + errMsg = "value for option '--time-sec' must be a positive integer" raise sqlmapSyntaxException, errMsg if conf.uChar and not re.match(UNION_CHAR_REGEX, conf.uChar): - errMsg = "value for --union-char option must be an alpha-numeric value (e.g. 1)" + errMsg = "value for option '--union-char' must be an alpha-numeric value (e.g. 1)" raise sqlmapSyntaxException, errMsg if isinstance(conf.uCols, basestring): if not conf.uCols.isdigit() and ("-" not in conf.uCols or len(conf.uCols.split("-")) != 2): - errMsg = "value for --union-cols must be a range with hyphon " + errMsg = "value for option '--union-cols' must be a range with hyphon " errMsg += "(e.g. 1-10) or integer value (e.g. 5)" raise sqlmapSyntaxException, errMsg diff --git a/lib/core/replication.py b/lib/core/replication.py index e3a369e86..d1ef40c7e 100644 --- a/lib/core/replication.py +++ b/lib/core/replication.py @@ -22,7 +22,7 @@ class Replication: try: import sqlite3 except ImportError, _: - errMsg = "missing module 'sqlite3' needed by --replicate switch" + errMsg = "missing module 'sqlite3' needed by switch '--replicate'" raise sqlmapMissingDependence, errMsg self.dbpath = dbpath diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py index 083958957..f706e9182 100644 --- a/lib/parse/cmdline.py +++ b/lib/parse/cmdline.py @@ -39,7 +39,7 @@ def cmdLineParser(): # Target options target = OptionGroup(parser, "Target", "At least one of these " "options has to be specified to set the source " - "to get target urls from.") + "to get target urls from") target.add_option("-d", dest="direct", help="Direct " "connection to the database") @@ -63,7 +63,7 @@ def cmdLineParser(): # Request options request = OptionGroup(parser, "Request", "These options can be used " - "to specify how to connect to the target url.") + "to specify how to connect to the target url") request.add_option("--data", dest="data", help="Data string to be sent through POST") @@ -149,7 +149,7 @@ def cmdLineParser(): # Optimization options optimization = OptionGroup(parser, "Optimization", "These " "options can be used to optimize the " - "performance of sqlmap.") + "performance of sqlmap") optimization.add_option("-o", dest="optimize", action="store_true", @@ -172,7 +172,7 @@ def cmdLineParser(): injection = OptionGroup(parser, "Injection", "These options can be " "used to specify which parameters to test " "for, provide custom injection payloads and " - "optional tampering scripts.") + "optional tampering scripts") injection.add_option("-p", dest="testParameter", help="Testable parameter(s)") @@ -205,7 +205,7 @@ def cmdLineParser(): "used to specify how to parse " "and compare page content from " "HTTP responses when using blind SQL " - "injection technique.") + "injection technique") detection.add_option("--level", dest="level", type="int", help="Level of tests to perform (1-5, " @@ -237,7 +237,7 @@ def cmdLineParser(): # Techniques options techniques = OptionGroup(parser, "Techniques", "These options can be " "used to tweak testing of specific SQL " - "injection techniques.") + "injection techniques") techniques.add_option("--technique", dest="tech", help="SQL injection techniques to test for " @@ -266,7 +266,7 @@ def cmdLineParser(): "be used to enumerate the back-end database " "management system information, structure " "and data contained in the tables. Moreover " - "you can run your own SQL statements.") + "you can run your own SQL statements") enumeration.add_option("-b", "--banner", dest="getBanner", action="store_true", help="Retrieve DBMS banner") @@ -361,7 +361,7 @@ def cmdLineParser(): # User-defined function options brute = OptionGroup(parser, "Brute force", "These " "options can be used to run brute force " - "checks.") + "checks") brute.add_option("--common-tables", dest="commonTables", action="store_true", help="Check existence of common tables") @@ -372,7 +372,7 @@ def cmdLineParser(): # User-defined function options udf = OptionGroup(parser, "User-defined function injection", "These " "options can be used to create custom user-defined " - "functions.") + "functions") udf.add_option("--udf-inject", dest="udfInject", action="store_true", help="Inject custom user-defined functions") @@ -383,7 +383,7 @@ def cmdLineParser(): # File system options filesystem = OptionGroup(parser, "File system access", "These options " "can be used to access the back-end database " - "management system underlying file system.") + "management system underlying file system") filesystem.add_option("--file-read", dest="rFile", help="Read a file from the back-end DBMS " @@ -401,7 +401,7 @@ def cmdLineParser(): takeover = OptionGroup(parser, "Operating system access", "These " "options can be used to access the back-end " "database management system underlying " - "operating system.") + "operating system") takeover.add_option("--os-cmd", dest="osCmd", help="Execute an operating system command") @@ -442,7 +442,7 @@ def cmdLineParser(): windows = OptionGroup(parser, "Windows registry access", "These " "options can be used to access the back-end " "database management system Windows " - "registry.") + "registry") windows.add_option("--reg-read", dest="regRead", action="store_true", @@ -470,7 +470,7 @@ def cmdLineParser(): # General options general = OptionGroup(parser, "General", "These options can be used " - "to set some general working parameters. " ) + "to set some general working parameters" ) #general.add_option("-x", dest="xmlFile", # help="Dump the data into an XML file") @@ -648,7 +648,7 @@ def cmdLineParser(): if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, \ args.requestFile, args.updateAll, args.smokeTest, args.liveTest, args.realTest, args.wizard, args.dependencies)): - errMsg = "missing a mandatory parameter (-d, -u, -l, -m, -r, -g, -c, --wizard, --update or --dependencies), " + errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, --wizard, --update or --dependencies), " errMsg += "-h for help" parser.error(errMsg) diff --git a/lib/request/connect.py b/lib/request/connect.py index 28b61ea02..4f0b2a757 100644 --- a/lib/request/connect.py +++ b/lib/request/connect.py @@ -100,7 +100,7 @@ class Connect: warnMsg = "please make sure that you have " warnMsg += "Tor installed and running so " warnMsg += "you could successfully use " - warnMsg += "--tor switch " + warnMsg += "switch '--tor' " if IS_WIN: warnMsg += "(e.g. https://www.torproject.org/download/download.html.en)" else: @@ -108,7 +108,7 @@ class Connect: else: warnMsg = "if the problem persists please check that the provided " warnMsg += "target url is valid. If it is, you can try to rerun " - warnMsg += "with the --random-agent switch turned on " + warnMsg += "with the switch '--random-agent' turned on " warnMsg += "and/or proxy switches (--ignore-proxy, --proxy,...)" singleTimeWarnMessage(warnMsg) elif conf.threads > 1: @@ -665,7 +665,7 @@ class Connect: clearConsoleLine() if conf.tor: - warnMsg = "it's highly recommended to avoid usage of --tor switch for " + warnMsg = "it's highly recommended to avoid usage of switch '--tor' for " warnMsg += "time-based injections because of it's high latency time" singleTimeWarnMessage(warnMsg) diff --git a/lib/techniques/blind/inference.py b/lib/techniques/blind/inference.py index 72a1a75aa..ea6a598dc 100644 --- a/lib/techniques/blind/inference.py +++ b/lib/techniques/blind/inference.py @@ -120,7 +120,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None if conf.threads == 1 and not timeBasedCompare: warnMsg = "running in a single-thread mode. Please consider " - warnMsg += "usage of --threads switch for faster data retrieval" + warnMsg += "usage of option '--threads' for faster data retrieval" singleTimeWarnMessage(warnMsg) if conf.verbose in (1, 2) and not showEta: diff --git a/lib/techniques/union/test.py b/lib/techniques/union/test.py index 77ce01418..717edcde0 100644 --- a/lib/techniques/union/test.py +++ b/lib/techniques/union/test.py @@ -272,7 +272,7 @@ def __unionTestByCharBruteforce(comment, place, parameter, value, prefix, suffix warnMsg = "if UNION based SQL injection is not detected, " warnMsg += "please consider " if not conf.uChar: - warnMsg += "using --union-char switch " + warnMsg += "usage of option '--union-char' " warnMsg += "(e.g. --union-char=1) " if not conf.dbms: if not conf.uChar: diff --git a/lib/techniques/union/use.py b/lib/techniques/union/use.py index e2a14a1ab..c8a6d71f9 100644 --- a/lib/techniques/union/use.py +++ b/lib/techniques/union/use.py @@ -91,7 +91,7 @@ def __oneShotUnionUse(expression, unpack=True, limited=False): logger.warn(warnMsg) elif Backend.isDbms(DBMS.MYSQL) and not kb.multiThreadMode: warnMsg = "if the problem persists with 'None' values please try to use " - warnMsg += "hidden switch --no-cast (fixing problems with some collation " + warnMsg += "hidden switch '--no-cast' (fixing problems with some collation " warnMsg += "issues)" singleTimeWarnMessage(warnMsg)