More replacements from open() to codecs.open(). conf.dataEncoding has to be used only for non-binary files.

2024-11-22 17:46:37 +03:00 · 2010-05-29 10:10:28 +00:00 · 2010-05-29 10:10:28 +00:00 · 89c721a451
commit 89c721a451
parent 84778f0e6c
7 changed files with 35 additions and 19 deletions
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -1080,8 +1080,10 @@ def decloakToNamedTemporaryFile(filepath, name=None):
 def decloakToMkstemp(filepath, **kwargs):
    name = mkstemp(**kwargs)[1]
    retVal = open(name, 'w+b')
+
    retVal.write(decloak(filepath))
    retVal.seek(0)
+
    return retVal

 def isWindowsPath(filepath):
@ -1143,7 +1145,7 @@ def profile(profileOutputFile=None, dotOutputFile=None, imageOutputFile=None):

    # Create dot file by using extra/gprof2dot/gprof2dot.py
    # http://code.google.com/p/jrfonseca/wiki/Gprof2Dot
-    dotFilePointer = open(dotOutputFile, 'wt')
+    dotFilePointer = codecs.open(dotOutputFile, 'wt', conf.dataEncoding)
    parser = gprof2dot.PstatsParser(profileOutputFile)
    profile = parser.parse()
    profile.prune(0.5/100.0, 0.1/100.0)
@ -1194,7 +1196,7 @@ def getConsoleWidth(default=80):
    return width if width else default

 def parseXmlFile(xmlFile, handler):
-    xfile = open(xmlFile)
+    xfile = codecs.open(xmlFile, 'rb', conf.dataEncoding)
    content = xfile.read()
    stream = StringIO(content)
    parse(stream, handler)
@ -1209,7 +1211,7 @@ def initCommonOutputs():
    key = None

    fileName = os.path.join(paths.SQLMAP_TXT_PATH, 'common-outputs.txt')
-    cfile = open(fileName, 'r')
+    cfile = codecs.open(fileName, 'r', conf.dataEncoding)

    for line in cfile.xreadlines():
        line = line.strip()
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -96,7 +96,7 @@ def __urllib2Opener():
    urllib2.install_opener(opener)

 def __feedTargetsDict(reqFile, addedTargetUrls):
-    fp = codecs.open(reqFile, "rb", conf.dataEncoding)
+    fp = codecs.open(reqFile, "rb")

    fread = fp.read()
    fread = fread.replace("\r", "")
@ -745,7 +745,7 @@ def __setHTTPUserAgent():
    logger.debug(debugMsg)

    try:
-        fd = open(conf.userAgentsFile, "r")
+        fd = codecs.open(conf.userAgentsFile, "r", conf.dataEncoding)
    except IOError:
        warnMsg  = "unable to read HTTP User-Agent header "
        warnMsg += "file '%s'" % conf.userAgentsFile
--- a/lib/core/update.py
+++ b/lib/core/update.py
@ -22,6 +22,7 @@ with sqlmap; if not, write to the Free Software Foundation, Inc., 51
 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 """

+import codecs
 import difflib
 import os
 import re
@ -145,7 +146,7 @@ def __updateMSSQLXML():
                servicepackElement.appendChild(servicepackText)

    # Get the XML old file content to a local variable
-    mssqlXml = open(paths.MSSQL_XML, "r")
+    mssqlXml = codecs.open(paths.MSSQL_XML, "r", conf.dataEncoding)
    oldMssqlXml = mssqlXml.read()
    oldMssqlXmlSignatures = oldMssqlXml.count("<signature>")
    oldMssqlXmlList = oldMssqlXml.splitlines(1)
@ -155,12 +156,12 @@ def __updateMSSQLXML():
    shutil.copy(paths.MSSQL_XML, "%s.bak" % paths.MSSQL_XML)

    # Save our newly created XML to the signatures file
-    mssqlXml = open(paths.MSSQL_XML, "w")
+    mssqlXml = codecs.open(paths.MSSQL_XML, "w", conf.dataEncoding)
    doc.writexml(writer=mssqlXml, addindent="    ", newl="\n")
    mssqlXml.close()

    # Get the XML new file content to a local variable
-    mssqlXml = open(paths.MSSQL_XML, "r")
+    mssqlXml = codecs.open(paths.MSSQL_XML, "r", conf.dataEncoding)
    newMssqlXml = mssqlXml.read()
    newMssqlXmlSignatures = newMssqlXml.count("<signature>")
    newMssqlXmlList = newMssqlXml.splitlines(1)
--- a/lib/takeover/metasploit.py
+++ b/lib/takeover/metasploit.py
@ -22,6 +22,7 @@ with sqlmap; if not, write to the Free Software Foundation, Inc., 51
 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 """

+import codecs
 import os
 import re
 import stat
@ -357,7 +358,7 @@ class Metasploit:

        self.__resource += "exploit\n"

-        self.resourceFp = open(self.resourceFile, "w")
+        self.resourceFp = codecs.open(self.resourceFile, "w", conf.dataEncoding)
        self.resourceFp.write(self.__resource)
        self.resourceFp.close()

@ -546,7 +547,7 @@ class Metasploit:
            errMsg = "failed to create the shellcode (%s)" % payloadStderr.replace("\n", "")
            raise sqlmapFilePathException, errMsg

-        self.__shellcodeFP   = open(self.__shellcodeFilePath, "rb")
+        self.__shellcodeFP = codecs.open(self.__shellcodeFilePath, "rb", conf.dataEncoding)
        self.shellcodeString = self.__shellcodeFP.read()
        self.__shellcodeFP.close()

--- a/lib/utils/detection.py
+++ b/lib/utils/detection.py
@ -21,10 +21,15 @@ You should have received a copy of the GNU General Public License along
 with sqlmap; if not, write to the Free Software Foundation, Inc., 51
 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 """
-import re, sre_constants
+
+import codecs
+import re
+import sre_constants
+
 from xml.dom import minidom

 from lib.core.common import getCompiledRegex
+from lib.core.data import conf
 from lib.core.data import paths
 from lib.core.data import logger

@ -36,28 +41,33 @@ def __adjustGrammar(string):
    string = re.sub('attempts\Z', 'attempt', string)
    string = re.sub('injections\Z', 'injection', string)
    string = re.sub('attacks\Z', 'attack', string)
+
    return string

 def checkPayload(string):
    """
-    This method checks if the generated payload is detectable by the PHPIDS filter rules
+    This method checks if the generated payload is detectable by the
+    PHPIDS filter rules
    """
+
    global rules

    if not rules:
-        file = open(paths.DETECTION_RULES_XML, 'r')
-        xmlrules = minidom.parse(file).documentElement
-        file.close()
+        xfile = codecs.open(paths.DETECTION_RULES_XML, 'r', conf.dataEncoding)
+        xmlrules = minidom.parse(xfile).documentElement
+        xfile.close()
        rules = []
+
        for xmlrule in xmlrules.getElementsByTagName("filter"):
            try:
                rule = "(?i)%s" % xmlrule.getElementsByTagName('rule')[0].childNodes[0].nodeValue
                desc = __adjustGrammar(xmlrule.getElementsByTagName('description')[0].childNodes[0].nodeValue)
                rules.append((rule, desc))
-            except sre_constants.error: #some issues with some regex expressions in Python 2.5
+            except sre_constants.error: # Some issues with some regex expressions in Python 2.5
                pass
    
    for rule, desc in rules:
        regObj = getCompiledRegex(rule)
+
        if regObj.search(string):
            logger.warn("highly probable IDS/IPS detection: '%s'" % desc)
--- a/plugins/dbms/mssqlserver/filesystem.py
+++ b/plugins/dbms/mssqlserver/filesystem.py
@ -22,6 +22,7 @@ with sqlmap; if not, write to the Free Software Foundation, Inc., 51
 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 """

+import codecs
 import ntpath
 import os

@ -150,7 +151,7 @@ class Filesystem(GenericFilesystem):
        dFile        = posixToNtSlashes(dFile)
        dFileName    = ntpath.basename(dFile)
        wFileSize    = os.path.getsize(wFile)
-        wFilePointer = open(wFile, "rb")
+        wFilePointer = codecs.open(wFile, "rb")
        wFileContent = wFilePointer.read()
        wFilePointer.close()

--- a/plugins/generic/filesystem.py
+++ b/plugins/generic/filesystem.py
@ -23,6 +23,7 @@ Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 """

 import binascii
+import codecs
 import os

 from lib.core.agent import agent
@ -163,7 +164,7 @@ class Filesystem:
        """

        fcEncodedList = []
-        fp            = open(fileName, "rb")
+        fp = codecs.open(fileName, "rb")
        fcEncodedStr = fp.read().encode(encoding).replace("\n", "")

        if not single: