sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-07-22 14:09:45 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge 8de0252492 into 2ffaaca3d0

Browse Source
This commit is contained in:
tanaydin sirin 2025-07-14 03:34:52 +00:00 committed by GitHub
commit 8538e1e51c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 24 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
data/txt/sha256sums.txt
View File

@ -157,7 +157,7 @@ ca86d61d3349ed2d94a6b164d4648cff9701199b5e32378c3f40fca0f517b128 extra/shutils/
df768bcb9838dc6c46dab9b4a877056cb4742bd6cfaaf438c4a3712c5cc0d264 extra/shutils/recloak.sh df768bcb9838dc6c46dab9b4a877056cb4742bd6cfaaf438c4a3712c5cc0d264 extra/shutils/recloak.sh
1972990a67caf2d0231eacf60e211acf545d9d0beeb3c145a49ba33d5d491b3f extra/shutils/strip.sh 1972990a67caf2d0231eacf60e211acf545d9d0beeb3c145a49ba33d5d491b3f extra/shutils/strip.sh
4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811 extra/vulnserver/__init__.py 4608f21a4333c162ab3c266c903fda4793cc5834de30d06affe9b7566dd09811 extra/vulnserver/__init__.py
eed1db5da17eca4c65a8f999166e2246eef84397687ae820bbe4984ef65a09df extra/vulnserver/vulnserver.py 486d94bdd9603ef157e2b6c409df9099ff9219782e4bf76770bca5d01ed8d537 extra/vulnserver/vulnserver.py
96a39b4e3a9178e4e8285d5acd00115460cc1098ef430ab7573fc8194368da5c lib/controller/action.py 96a39b4e3a9178e4e8285d5acd00115460cc1098ef430ab7573fc8194368da5c lib/controller/action.py
fad6640f60eac8ad1b65895cbccc39154864843a2a0b0f2ac596d3227edcd4f6 lib/controller/checks.py fad6640f60eac8ad1b65895cbccc39154864843a2a0b0f2ac596d3227edcd4f6 lib/controller/checks.py
34e9cf166e21ce991b61ca7695c43c892e8425f7e1228daec8cadd38f786acc6 lib/controller/controller.py 34e9cf166e21ce991b61ca7695c43c892e8425f7e1228daec8cadd38f786acc6 lib/controller/controller.py

26
extra/vulnserver/vulnserver.py
View File

@ -11,6 +11,7 @@ from __future__ import print_function
import base64 import base64
import json import json
import os
import re import re
import sqlite3 import sqlite3
import sys import sys
@ -19,7 +20,7 @@ import traceback
PY3 = sys.version_info >= (3, 0) PY3 = sys.version_info >= (3, 0)
UNICODE_ENCODING = "utf-8" UNICODE_ENCODING = "utf-8"
DEBUG = False DEBUG = os.getenv('VULN_SERVER_DEBUG', '').lower() in ('true', '1', 'yes', 'on')
if PY3: if PY3:
from http.client import INTERNAL_SERVER_ERROR from http.client import INTERNAL_SERVER_ERROR
@ -82,12 +83,17 @@ def init(quiet=False):
print = _ print = _
def debug_print(msg):
if DEBUG:
print("[DEBUG] %s" % msg)
class ThreadingServer(ThreadingMixIn, HTTPServer): class ThreadingServer(ThreadingMixIn, HTTPServer):
def finish_request(self, *args, **kwargs): def finish_request(self, *args, **kwargs):
try: try:
HTTPServer.finish_request(self, *args, **kwargs) HTTPServer.finish_request(self, *args, **kwargs)
except Exception: except Exception:
if DEBUG: if DEBUG:
debug_print("Error in finish_request:")
traceback.print_exc() traceback.print_exc()
class ReqHandler(BaseHTTPRequestHandler): class ReqHandler(BaseHTTPRequestHandler):
@ -144,19 +150,26 @@ class ReqHandler(BaseHTTPRequestHandler):
try: try:
if self.params.get("echo", ""): if self.params.get("echo", ""):
output += "%s<br>" % self.params["echo"] output += "%s<br>" % self.params["echo"]
debug_print("Echo parameter: %s" % self.params["echo"])
if self.params.get("reflect", ""): if self.params.get("reflect", ""):
output += "%s<br>" % self.params.get("id") output += "%s<br>" % self.params.get("id")
debug_print("Reflect parameter: %s" % self.params.get("id"))
with _lock: with _lock:
if "query" in self.params: if "query" in self.params:
debug_print("Executing query: %s" % self.params["query"])
_cursor.execute(self.params["query"]) _cursor.execute(self.params["query"])
elif "id" in self.params: elif "id" in self.params:
if "base64" in self.params: if "base64" in self.params:
_cursor.execute("SELECT * FROM users WHERE id=%s LIMIT 0, 1" % base64.b64decode("%s===" % self.params["id"], altchars=self.params.get("altchars")).decode()) decoded_id = base64.b64decode("%s===" % self.params["id"], altchars=self.params.get("altchars")).decode()
debug_print("Decoded base64 ID: %s" % decoded_id)
_cursor.execute("SELECT * FROM users WHERE id=%s LIMIT 0, 1" % decoded_id)
else: else:
debug_print("Executing query with ID: %s" % self.params["id"])
_cursor.execute("SELECT * FROM users WHERE id=%s LIMIT 0, 1" % self.params["id"]) _cursor.execute("SELECT * FROM users WHERE id=%s LIMIT 0, 1" % self.params["id"])
results = _cursor.fetchall() results = _cursor.fetchall()
debug_print("Query results: %s" % results)
output += "<b>SQL results:</b><br>\n" output += "<b>SQL results:</b><br>\n"
@ -180,7 +193,9 @@ class ReqHandler(BaseHTTPRequestHandler):
output += "</body></html>" output += "</body></html>"
except Exception as ex: except Exception as ex:
code = INTERNAL_SERVER_ERROR code = INTERNAL_SERVER_ERROR
output = "%s: %s" % (re.search(r"'([^']+)'", str(type(ex))).group(1), ex) error_msg = "%s: %s" % (re.search(r"'([^']+)'", str(type(ex))).group(1), ex)
debug_print("Error occurred: %s" % error_msg)
output = error_msg
self.send_response(code) self.send_response(code)
@ -213,7 +228,9 @@ class ReqHandler(BaseHTTPRequestHandler):
data = self.rfile.read(length) data = self.rfile.read(length)
data = unquote_plus(data.decode(UNICODE_ENCODING, "ignore")) data = unquote_plus(data.decode(UNICODE_ENCODING, "ignore"))
self.data = data self.data = data
debug_print("Received POST data: %s" % data)
elif self.headers.get("Transfer-encoding") == "chunked": elif self.headers.get("Transfer-encoding") == "chunked":
debug_print("Processing chunked transfer encoding")
data, line = b"", b"" data, line = b"", b""
count = 0 count = 0
@ -243,13 +260,16 @@ def run(address=LISTEN_ADDRESS, port=LISTEN_PORT):
try: try:
_alive = True _alive = True
_server = ThreadingServer((address, port), ReqHandler) _server = ThreadingServer((address, port), ReqHandler)
debug_print("Initializing server at 'http://%s:%d'" % (address, port))
print("[i] running HTTP server at 'http://%s:%d'" % (address, port)) print("[i] running HTTP server at 'http://%s:%d'" % (address, port))
_server.serve_forever() _server.serve_forever()
except KeyboardInterrupt: except KeyboardInterrupt:
debug_print("Received keyboard interrupt")
_server.socket.close() _server.socket.close()
raise raise
finally: finally:
_alive = False _alive = False
debug_print("Server stopped")
if __name__ == "__main__": if __name__ == "__main__":
try: try: