Minor adjustments to extra/ libraries

2025-01-24 00:04:23 +03:00 · 2010-06-09 21:43:22 +00:00 · 2010-06-09 21:43:22 +00:00 · 887adfcf10
commit 887adfcf10
parent c398353e06
4 changed files with 44 additions and 34 deletions
--- a/doc/THANKS
+++ b/doc/THANKS
@ -116,6 +116,9 @@ Davide Guerri <d.guerri@caspur.it>
 David Guimaraes <skysbsb@gmail.com>
    for reporting a few bugs

+Chris Hall <chris.hall@mod10.net>
+    for coding the prettyprint.py library
+
 Kristian Erik Hermansen <kristian.hermansen@gmail.com>
    for reporting a bug
    for donating to sqlmap development
--- a/extra/cloak/init.py
+++ b/extra/cloak/init.py
@ -1,25 +1,23 @@
 #!/usr/bin/env python

 """
-$Id$
+cloak.py - Simple file encryption/compression utility
+Copyright (C) 2010  Miroslav Stampar, Bernardo Damele A. G.
+email(s): miroslav.stampar@gmail.com, bernardo.damele@gmail.com

-This file is part of the sqlmap project, http://sqlmap.sourceforge.net.
+This library is free software; you can redistribute it and/or
+modify it under the terms of the GNU Lesser General Public
+License as published by the Free Software Foundation; either
+version 2.1 of the License, or (at your option) any later version.

-Copyright (c) 2007-2010 Bernardo Damele A. G. <bernardo.damele@gmail.com>
-Copyright (c) 2006 Daniele Bellucci <daniele.bellucci@gmail.com>
+This library is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+Lesser General Public License for more details.

-sqlmap is free software; you can redistribute it and/or modify it under
-the terms of the GNU General Public License as published by the Free
-Software Foundation version 2 of the License.
-
-sqlmap is distributed in the hope that it will be useful, but WITHOUT ANY
-WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
-details.
-
-You should have received a copy of the GNU General Public License along
-with sqlmap; if not, write to the Free Software Foundation, Inc., 51
-Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+You should have received a copy of the GNU Lesser General Public
+License along with this library; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 """

 pass
--- a/extra/cloak/cloak.py
+++ b/extra/cloak/cloak.py
@ -88,6 +88,5 @@ def main():
    sys.stdout.write(data)
    sys.stdout.close()

-
 if __name__ == '__main__':
-    main()
+    main()
--- a/extra/msfauxmod/wmap_sqlmap.rb
+++ b/extra/msfauxmod/wmap_sqlmap.rb
@ -1,5 +1,15 @@
-require 'msf/core'
+##
+# $Id$
+##

+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# Framework web site for more information on licensing and terms of use.
+# http://metasploit.com/framework/
+##
+
+require 'msf/core'

 class Metasploit3 < Msf::Auxiliary

@ -7,12 +17,11 @@ class Metasploit3 < Msf::Auxiliary
 	include Msf::Auxiliary::WMAPScanUniqueQuery
 	include Msf::Auxiliary::Scanner

-
 	def initialize(info = {})
-		super(update_info(info,	
+		super(update_info(info,
 			'Name'			=> 'SQLMAP SQL Injection External Module',
 			'Description'	=> %q{
-				This module launch a sqlmap session.
+					This module launch a sqlmap session.
 				sqlmap is an automatic SQL injection tool developed in Python.
 				Its goal is to detect and take advantage of SQL injection
 				vulnerabilities on web applications. Once it detects one
@ -25,27 +34,27 @@ class Metasploit3 < Msf::Auxiliary
 				statement, read specific files on the file system and much
 				more.
 			},
-			'Author'		=> [ 'bernardo.damele [at] gmail.com', 'daniele.bellucci [at] gmail.com' ],
+			'Author'	    => [ 'Bernardo Damele A. G. <bernardo.damele[at]gmail.com>' ],
 			'License'		=> BSD_LICENSE,
-			'Version'		=> '$Revision$',
+			'Version'		=> '$Revision: 9212 $',
 			'References'	=>
 				[
 					['URL', 'http://sqlmap.sourceforge.net'],
 				]
 			))
-		
+
 		register_options(
 			[
 				OptString.new('METHOD', [ true,  "HTTP Method", 'GET' ]),
 				OptString.new('PATH', [ true,  "The path/file to test for SQL injection", 'index.php' ]),
 				OptString.new('QUERY', [ false, "HTTP GET query", 'id=1' ]),
-				OptString.new('BODY', [ false, "The data string to be sent through POST", '' ]),
+				OptString.new('DATA', [ false, "The data string to be sent through POST", '' ]),
 				OptString.new('OPTS', [ false,  "The sqlmap options to use", ' ' ]),
-				OptPath.new('SQLMAP_PATH', [ true,  "The sqlmap >= 0.6.1 full path ", '/sqlmap/sqlmap.py' ]), 
+				OptPath.new('SQLMAP_PATH', [ true,  "The sqlmap >= 0.6.1 full path ", '/sqlmap/sqlmap.py' ]),
 				OptBool.new('BATCH', [ true,  "Never ask for user input, use the default behaviour", true ])
 			], self.class)
 	end
-	
+
 	# Modify to true if you have sqlmap installed.
 	def wmap_enabled
 		false
@ -53,20 +62,20 @@ class Metasploit3 < Msf::Auxiliary

 	# Test a single host
 	def run_host(ip)
-			
-		sqlmap = datastore['SQLMAP_PATH'] 
-			
+
+		sqlmap = datastore['SQLMAP_PATH']
+
 		if not sqlmap
 			print_error("The sqlmap script could not be found")
 			return
 		end

-		data = datastore['BODY']
+		data = datastore['DATA']
 		method = datastore['METHOD'].upcase

 		sqlmap_url  = (datastore['SSL'] ? "https" : "http")
-		sqlmap_url += "://" + self.target_host + ":" + datastore['RPORT']
-		sqlmap_url += "/" + datastore['PATH'] 
+		sqlmap_url += "://" + wmap_target_host + ":" + wmap_target_port
+		sqlmap_url += "/" + datastore['PATH']

 		if method == "GET"
 			sqlmap_url += '?' + datastore['QUERY']
@ -93,3 +102,4 @@ class Metasploit3 < Msf::Auxiliary
 	end

 end
+