Major bug fix to correctly update sqlmap to the latest stable release

with command line --update
This commit is contained in:
Bernardo Damele 2008-11-02 22:16:54 +00:00
parent bfe1863731
commit 8d130f12a0

View File

@ -203,20 +203,18 @@ def __updateMSSQLXML():
def __createFile(pathname, data): def __createFile(pathname, data):
mkpath(os.path.dirname(pathname)) mkpath(os.path.dirname(pathname))
fileFP = open(pathname, "wb") fileFP = open(pathname, "wb")
fileFP.write(data) fileFP.write(data)
fileFP.close() fileFP.close()
def __extractZipFile(zipFile): def __extractZipFile(tempDir, zipFile, sqlmapNewestVersion):
# Check if the saved binary file is really a ZIP file # Check if the saved binary file is really a ZIP file
if zipfile.is_zipfile(zipFile): if zipfile.is_zipfile(zipFile):
sqlmapZipFile = zipfile.ZipFile(zipFile) sqlmapZipFile = zipfile.ZipFile(zipFile)
else: else:
raise sqlmapFilePathException, "the downloaded file does not seem to be a zipfile" raise sqlmapFilePathException, "the downloaded file does not seem to be a ZIP file"
# Create a temporary directory
tempDir = tempfile.mkdtemp("", "sqlmap_latest-")
# Extract each file within the ZIP file in the temporary directory # Extract each file within the ZIP file in the temporary directory
for info in sqlmapZipFile.infolist(): for info in sqlmapZipFile.infolist():
@ -224,8 +222,6 @@ def __extractZipFile(zipFile):
data = sqlmapZipFile.read(info.filename) data = sqlmapZipFile.read(info.filename)
__createFile(os.path.join(tempDir, info.filename), data) __createFile(os.path.join(tempDir, info.filename), data)
return tempDir
def __updateSqlmap(): def __updateSqlmap():
infoMsg = "updating sqlmap" infoMsg = "updating sqlmap"
@ -247,6 +243,7 @@ def __updateSqlmap():
return return
sqlmapNewestVersion = str(sqlmapNewestVersion).replace("\n", "") sqlmapNewestVersion = str(sqlmapNewestVersion).replace("\n", "")
sqlmapNewestVersion = "0.6.1"
if not re.search("^([\w\.\-]+)$", sqlmapNewestVersion): if not re.search("^([\w\.\-]+)$", sqlmapNewestVersion):
errMsg = "sqlmap version is in a wrong syntax" errMsg = "sqlmap version is in a wrong syntax"
@ -259,11 +256,19 @@ def __updateSqlmap():
logger.info(infoMsg) logger.info(infoMsg)
return return
else:
elif sqlmapNewestVersion > VERSION:
infoMsg = "sqlmap latest stable version is %s. " % sqlmapNewestVersion infoMsg = "sqlmap latest stable version is %s. " % sqlmapNewestVersion
infoMsg += "Going to download it from the SourceForge File List page" infoMsg += "Going to download it from the SourceForge File List page"
logger.info(infoMsg) logger.info(infoMsg)
elif sqlmapNewestVersion < VERSION:
infoMsg = "if you are running a version of sqlmap more updated than "
infoMsg += "the latest stable version (%s)" % sqlmapNewestVersion
logger.info(infoMsg)
return
sqlmapBinaryStringUrl = SQLMAP_SOURCE_URL % sqlmapNewestVersion sqlmapBinaryStringUrl = SQLMAP_SOURCE_URL % sqlmapNewestVersion
try: try:
@ -278,25 +283,28 @@ def __updateSqlmap():
return return
# Save the sqlmap compressed source to a ZIP file in a temporary debugMsg = 'saving the sqlmap compressed source to a ZIP file into '
# directory and extract it debugMsg += 'the temporary directory and extract it'
zipFile = os.path.join(tempfile.gettempdir(), "sqlmap-%s.zip" % sqlmapNewestVersion) logger.debug(debugMsg)
tempDir = tempfile.gettempdir()
zipFile = os.path.join(tempDir, "sqlmap-%s.zip" % sqlmapNewestVersion)
__createFile(zipFile, sqlmapBinaryString) __createFile(zipFile, sqlmapBinaryString)
tempDir = __extractZipFile(zipFile) __extractZipFile(tempDir, zipFile, sqlmapNewestVersion)
# For each file and directory in the temporary directory copy it # For each file and directory in the temporary directory copy it
# to the sqlmap root path and set right permission # to the sqlmap root path and set right permission
# TODO: remove files not needed anymore and all pyc within the # TODO: remove files not needed anymore and all pyc within the
# sqlmap root path in the end # sqlmap root path in the end
for root, dirs, files in os.walk(os.path.join(tempDir, "sqlmap")): for root, dirs, files in os.walk(os.path.join(tempDir, "sqlmap-%s" % sqlmapNewestVersion)):
# Just for development release # Just for development release
if '.svn' in dirs: if '.svn' in root:
dirs.remove('.svn') continue
cleanRoot = root.replace(tempDir, "") cleanRoot = root.replace(tempDir, "")
cleanRoot = cleanRoot.replace("%ssqlmap" % os.sep, "") cleanRoot = cleanRoot.replace("%ssqlmap-%s" % (os.sep, sqlmapNewestVersion), "")
if cleanRoot.startswith("/"): if cleanRoot.startswith(os.sep):
cleanRoot = cleanRoot[1:] cleanRoot = cleanRoot[1:]
for f in files: for f in files:
@ -307,6 +315,11 @@ def __updateSqlmap():
srcFile = os.path.join(root, f) srcFile = os.path.join(root, f)
dstFile = os.path.join(paths.SQLMAP_ROOT_PATH, os.path.join(cleanRoot, f)) dstFile = os.path.join(paths.SQLMAP_ROOT_PATH, os.path.join(cleanRoot, f))
if f == "sqlmap.conf" and os.path.exists(dstFile):
infoMsg = "backupping configuration file to '%s.bak'" % dstFile
logger.info(infoMsg)
shutil.move(dstFile, "%s.bak" % dstFile)
if os.path.exists(dstFile): if os.path.exists(dstFile):
debugMsg = "replacing file '%s'" % dstFile debugMsg = "replacing file '%s'" % dstFile
else: else:
@ -314,11 +327,6 @@ def __updateSqlmap():
logger.debug(debugMsg) logger.debug(debugMsg)
if f == "sqlmap.conf" and os.path.exists(dstFile):
infoMsg = "backupping configuration file to '%s.bak'" % dstFile
logger.info(infoMsg)
shutil.move(dstFile, "%s.bak" % dstFile)
mkpath(os.path.dirname(dstFile)) mkpath(os.path.dirname(dstFile))
shutil.copy(srcFile, dstFile) shutil.copy(srcFile, dstFile)