Minor refactoring

2025-02-16 19:40:37 +03:00 · 2019-07-18 11:27:00 +02:00 · 2019-07-18 11:27:00 +02:00 · 8fda828bc9
commit 8fda828bc9
parent 453a6fbc6f
7 changed files with 21 additions and 17 deletions
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@ -13,6 +13,7 @@ from lib.core.common import extractRegexResult
 from lib.core.common import filterNone
 from lib.core.common import getSQLSnippet
 from lib.core.common import getTechnique
 from lib.core.common import getTechniqueData
 from lib.core.common import isDBMSVersionAtLeast
 from lib.core.common import isNumber
 from lib.core.common import isTechniqueAvailable
@ -91,7 +92,7 @@ class Agent(object):
        if kb.forceWhere:
            where = kb.forceWhere
        elif where is None and isTechniqueAvailable(getTechnique()):
-            where = kb.injection.data[getTechnique()].where
+            where = getTechniqueData().where
        if kb.injection.place is not None:
            place = kb.injection.place
@ -236,7 +237,7 @@ class Agent(object):
        query = None
        if where is None and getTechnique() is not None and getTechnique() in kb.injection.data:
-            where = kb.injection.data[getTechnique()].where
+            where = getTechniqueData().where
        # If we are replacing (<where>) the parameter original value with
        # our payload do not prepend with the prefix
@ -284,8 +285,8 @@ class Agent(object):
        suffix = kb.injection.suffix if kb.injection and suffix is None else suffix
        if getTechnique() is not None and getTechnique() in kb.injection.data:
-            where = kb.injection.data[getTechnique()].where if where is None else where
+            where = getTechniqueData().where if where is None else where
-            comment = kb.injection.data[getTechnique()].comment if comment is None else comment
+            comment = getTechniqueData().comment if comment is None else comment
        if Backend.getIdentifiedDbms() == DBMS.ACCESS and any((comment or "").startswith(_) for _ in ("--", "[GENERIC_SQL_COMMENT]")):
            comment = queries[DBMS.ACCESS].comment.query
--- a/lib/core/common.py
+++ b/lib/core/common.py
@ -3222,7 +3222,7 @@ def getTechniqueData(technique=None):
    Returns injection data for technique specified
    """
-    return kb.injection.data.get(technique)
+    return kb.injection.data.get(technique if technique is not None else getTechnique())
 def isTechniqueAvailable(technique):
    """
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty.six import unichr as _unichr
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.7.30"
+VERSION = "1.3.7.31"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/lib/request/inject.py
+++ b/lib/request/inject.py
@ -164,7 +164,7 @@ def _goInferenceProxy(expression, fromUser=False, batch=False, unpack=True, char
    initTechnique(getTechnique())
-    query = agent.prefixQuery(kb.injection.data[getTechnique()].vector)
+    query = agent.prefixQuery(getTechniqueData().vector)
    query = agent.suffixQuery(query)
    payload = agent.payload(newValue=query)
    count = None
@ -312,7 +312,7 @@ def _goBooleanProxy(expression):
    initTechnique(getTechnique())
    if conf.dnsDomain:
-        query = agent.prefixQuery(kb.injection.data[getTechnique()].vector)
+        query = agent.prefixQuery(getTechniqueData().vector)
        query = agent.suffixQuery(query)
        payload = agent.payload(newValue=query)
        output = _goDns(payload, expression)
@ -320,7 +320,7 @@ def _goBooleanProxy(expression):
        if output is not None:
            return output
-    vector = kb.injection.data[getTechnique()].vector
+    vector = getTechniqueData().vector
    vector = vector.replace(INFERENCE_MARKER, expression)
    query = agent.prefixQuery(vector)
    query = agent.suffixQuery(query)
--- a/lib/takeover/web.py
+++ b/lib/takeover/web.py
@ -21,6 +21,7 @@ from lib.core.common import getManualDirectories
 from lib.core.common import getPublicTypeMembers
 from lib.core.common import getSQLSnippet
 from lib.core.common import getTechnique
 from lib.core.common import getTechniqueData
 from lib.core.common import isTechniqueAvailable
 from lib.core.common import isWindowsDriveLetterPath
 from lib.core.common import normalizePath
@ -149,7 +150,7 @@ class Web(object):
        query = ""
        if isTechniqueAvailable(getTechnique()):
-            where = kb.injection.data[getTechnique()].where
+            where = getTechniqueData().where
            if where == PAYLOAD.WHERE.NEGATIVE:
                randInt = randomInt()
--- a/lib/techniques/blind/inference.py
+++ b/lib/techniques/blind/inference.py
@ -23,6 +23,7 @@ from lib.core.common import getCharset
 from lib.core.common import getCounter
 from lib.core.common import getPartRun
 from lib.core.common import getTechnique
 from lib.core.common import getTechniqueData
 from lib.core.common import goGoodSamaritan
 from lib.core.common import hashDBRetrieve
 from lib.core.common import hashDBWrite
@ -229,10 +230,10 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
            result = not Request.queryPage(forgedPayload, timeBasedCompare=timeBasedCompare, raise404=False)
-            if result and timeBasedCompare and kb.injection.data[getTechnique()].trueCode:
+            if result and timeBasedCompare and getTechniqueData().trueCode:
-                result = threadData.lastCode == kb.injection.data[getTechnique()].trueCode
+                result = threadData.lastCode == getTechniqueData().trueCode
                if not result:
-                    warnMsg = "detected HTTP code '%s' in validation phase is differing from expected '%s'" % (threadData.lastCode, kb.injection.data[getTechnique()].trueCode)
+                    warnMsg = "detected HTTP code '%s' in validation phase is differing from expected '%s'" % (threadData.lastCode, getTechniqueData().trueCode)
                    singleTimeWarnMessage(warnMsg)
            incrementCounter(getTechnique())
@ -342,7 +343,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
                    incrementCounter(getTechnique())
                    if not timeBasedCompare:
-                        unexpectedCode |= threadData.lastCode not in (kb.injection.data[getTechnique()].falseCode, kb.injection.data[getTechnique()].trueCode)
+                        unexpectedCode |= threadData.lastCode not in (getTechniqueData().falseCode, getTechniqueData().trueCode)
                        if unexpectedCode:
                            warnMsg = "unexpected HTTP code '%s' detected. Will use (extra) validation step in similar cases" % threadData.lastCode
                            singleTimeWarnMessage(warnMsg)
@ -570,7 +571,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
                        # One-shot query containing equals commonValue
                        testValue = unescaper.escape("'%s'" % commonValue) if "'" not in commonValue else unescaper.escape("%s" % commonValue, quote=False)
-                        query = kb.injection.data[getTechnique()].vector
+                        query = getTechniqueData().vector
                        query = agent.prefixQuery(query.replace(INFERENCE_MARKER, "(%s)%s%s" % (expressionUnescaped, INFERENCE_EQUALS_CHAR, testValue)))
                        query = agent.suffixQuery(query)
@ -594,7 +595,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
                        subquery = queries[Backend.getIdentifiedDbms()].substring.query % (expressionUnescaped, 1, len(commonPattern))
                        testValue = unescaper.escape("'%s'" % commonPattern) if "'" not in commonPattern else unescaper.escape("%s" % commonPattern, quote=False)
-                        query = kb.injection.data[getTechnique()].vector
+                        query = getTechniqueData().vector
                        query = agent.prefixQuery(query.replace(INFERENCE_MARKER, "(%s)=%s" % (subquery, testValue)))
                        query = agent.suffixQuery(query)
--- a/lib/techniques/error/use.py
+++ b/lib/techniques/error/use.py
@ -22,6 +22,7 @@ from lib.core.common import firstNotNone
 from lib.core.common import getConsoleWidth
 from lib.core.common import getPartRun
 from lib.core.common import getTechnique
 from lib.core.common import getTechniqueData
 from lib.core.common import hashDBRetrieve
 from lib.core.common import hashDBWrite
 from lib.core.common import incrementCounter
@ -124,7 +125,7 @@ def _oneShotErrorUse(expression, field=None, chunkTest=False):
                        nulledCastedField = queries[Backend.getIdentifiedDbms()].substring.query % (nulledCastedField, offset, kb.errorChunkLength)
                # Forge the error-based SQL injection request
-                vector = kb.injection.data[getTechnique()].vector
+                vector = getTechniqueData().vector
                query = agent.prefixQuery(vector)
                query = agent.suffixQuery(query)
                injExpression = expression.replace(field, nulledCastedField, 1) if field else expression