sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-08-02 19:30:10 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge 828140cb88 into 6b39e661a7

Browse Source
This commit is contained in:
Levi Gross 2012-12-05 12:42:59 -08:00
commit 9674c52e3b
139 changed files with 1715 additions and 2512 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1,3 +1,4 @@
*.py[cod]
output/
.sqlmap_history
.idea/

2
lib/__init__.py
View File

@ -4,5 +4,3 @@
Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
pass

63
lib/controller/checks.py
View File

@ -13,54 +13,21 @@ import socket
import time
from lib.core.agent import agent
from lib.core.common import arrayizeValue
from lib.core.common import Backend
from lib.core.common import beep
from lib.core.common import extractRegexResult
from lib.core.common import extractTextTagContent
from lib.core.common import findDynamicContent
from lib.core.common import Format
from lib.core.common import getComparePageRatio
from lib.core.common import getLastRequestHTTPError
from lib.core.common import getSortedInjectionTests
from lib.core.common import getUnicode
from lib.core.common import intersect
from lib.core.common import listToStrValue
from lib.core.common import parseFilePaths
from lib.core.common import popValue
from lib.core.common import pushValue
from lib.core.common import randomInt
from lib.core.common import randomStr
from lib.core.common import readInput
from lib.core.common import showStaticWords
from lib.core.common import singleTimeLogMessage
from lib.core.common import singleTimeWarnMessage
from lib.core.common import wasLastRequestDBMSError
from lib.core.common import wasLastRequestHTTPError
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import queries
from lib.core.datatype import AttribDict
from lib.core.datatype import InjectionDict
from lib.core.enums import HEURISTIC_TEST
from lib.core.enums import HTTPHEADER
from lib.core.enums import HTTPMETHOD
from lib.core.enums import NULLCONNECTION
from lib.core.enums import PAYLOAD
from lib.core.enums import PLACE
from lib.core.exception import sqlmapConnectionException
from lib.core.exception import sqlmapNoneDataException
from lib.core.exception import sqlmapSilentQuitException
from lib.core.exception import sqlmapUserQuitException
from lib.core.settings import CONSTANT_RATIO
from lib.core.settings import FORMAT_EXCEPTION_STRINGS
from lib.core.settings import HEURISTIC_CHECK_ALPHABET
from lib.core.settings import SUHOSHIN_MAX_VALUE_LENGTH
from lib.core.settings import UNKNOWN_DBMS_VERSION
from lib.core.settings import LOWER_RATIO_BOUND
from lib.core.settings import UPPER_RATIO_BOUND
from lib.core.settings import IDS_WAF_CHECK_PAYLOAD
from lib.core.common import arrayizeValue, Backend, beep, extractRegexResult, extractTextTagContent, \
findDynamicContent, Format, getLastRequestHTTPError, getSortedInjectionTests, getUnicode, intersect, \
listToStrValue, parseFilePaths, popValue, pushValue, randomInt, randomStr, readInput, showStaticWords, \
singleTimeLogMessage, singleTimeWarnMessage, wasLastRequestDBMSError, wasLastRequestHTTPError
from lib.core.data import conf, kb, logger
from lib.core.datatype import AttribDict, InjectionDict
from lib.core.enums import HEURISTIC_TEST, HTTPHEADER, HTTPMETHOD, NULLCONNECTION, PAYLOAD, PLACE
from lib.core.exception import sqlmapConnectionException, sqlmapNoneDataException, sqlmapSilentQuitException ,\
sqlmapUserQuitException
from lib.core.settings import UPPER_RATIO_BOUND, FORMAT_EXCEPTION_STRINGS, HEURISTIC_CHECK_ALPHABET, \
SUHOSHIN_MAX_VALUE_LENGTH, UNKNOWN_DBMS_VERSION, LOWER_RATIO_BOUND, IDS_WAF_CHECK_PAYLOAD
from lib.core.threads import getCurrentThreadData
from lib.request.connect import Connect as Request
from lib.request.inject import checkBooleanExpression

62
lib/controller/controller.py
View File

@ -9,55 +9,21 @@ import os
import re
from lib.controller.action import action
from lib.controller.checks import checkSqlInjection
from lib.controller.checks import checkDynParam
from lib.controller.checks import checkStability
from lib.controller.checks import checkString
from lib.controller.checks import checkRegexp
from lib.controller.checks import checkConnection
from lib.controller.checks import checkNullConnection
from lib.controller.checks import checkWaf
from lib.controller.checks import heuristicCheckSqlInjection
from lib.controller.checks import checkSqlInjection, checkDynParam, checkStability, checkString, checkRegexp, \
checkConnection, checkNullConnection, checkWaf, heuristicCheckSqlInjection
from lib.core.agent import agent
from lib.core.common import extractRegexResult
from lib.core.common import getFilteredPageContent
from lib.core.common import getPublicTypeMembers
from lib.core.common import getUnicode
from lib.core.common import hashDBRetrieve
from lib.core.common import hashDBWrite
from lib.core.common import intersect
from lib.core.common import parseTargetUrl
from lib.core.common import randomStr
from lib.core.common import readInput
from lib.core.common import showHttpErrorCodes
from lib.core.common import urlencode
from lib.core.common import urldecode
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.enums import HASHDB_KEYS
from lib.core.enums import HEURISTIC_TEST
from lib.core.enums import HTTPHEADER
from lib.core.enums import HTTPMETHOD
from lib.core.enums import PAYLOAD
from lib.core.enums import PLACE
from lib.core.exception import exceptionsTuple
from lib.core.exception import sqlmapNoneDataException
from lib.core.exception import sqlmapNotVulnerableException
from lib.core.exception import sqlmapSilentQuitException
from lib.core.exception import sqlmapValueException
from lib.core.exception import sqlmapUserQuitException
from lib.core.settings import ASP_NET_CONTROL_REGEX
from lib.core.settings import DEFAULT_COOKIE_DELIMITER
from lib.core.settings import DEFAULT_GET_POST_DELIMITER
from lib.core.settings import EMPTY_FORM_FIELDS_REGEX
from lib.core.settings import IGNORE_PARAMETERS
from lib.core.settings import LOW_TEXT_PERCENT
from lib.core.settings import HOST_ALIASES
from lib.core.settings import REFERER_ALIASES
from lib.core.settings import USER_AGENT_ALIASES
from lib.core.target import initTargetEnv
from lib.core.target import setupTargetEnv
from lib.core.common import extractRegexResult, getFilteredPageContent, getPublicTypeMembers, getUnicode,\
hashDBRetrieve, hashDBWrite, intersect, parseTargetUrl, randomStr, readInput, showHttpErrorCodes, urlencode, \
urldecode
from lib.core.data import conf, kb, logger
from lib.core.enums import HASHDB_KEYS, HEURISTIC_TEST, HTTPMETHOD, PAYLOAD, PLACE
from lib.core.exception import exceptionsTuple, sqlmapNoneDataException, sqlmapNotVulnerableException,\
sqlmapSilentQuitException, sqlmapValueException, sqlmapUserQuitException
from lib.core.settings import ASP_NET_CONTROL_REGEX, DEFAULT_GET_POST_DELIMITER, EMPTY_FORM_FIELDS_REGEX,\
IGNORE_PARAMETERS, LOW_TEXT_PERCENT, HOST_ALIASES, REFERER_ALIASES, USER_AGENT_ALIASES
from lib.core.target import initTargetEnv, setupTargetEnv
from thirdparty.pagerank.pagerank import get_pagerank
def __selectInjection():

15
lib/controller/handler.py
View File

@ -6,18 +6,9 @@ See the file 'doc/COPYING' for copying permission
"""
from lib.core.common import Backend
from lib.core.data import conf
from lib.core.data import logger
from lib.core.settings import MSSQL_ALIASES
from lib.core.settings import MYSQL_ALIASES
from lib.core.settings import ORACLE_ALIASES
from lib.core.settings import PGSQL_ALIASES
from lib.core.settings import SQLITE_ALIASES
from lib.core.settings import ACCESS_ALIASES
from lib.core.settings import FIREBIRD_ALIASES
from lib.core.settings import MAXDB_ALIASES
from lib.core.settings import SYBASE_ALIASES
from lib.core.settings import DB2_ALIASES
from lib.core.data import conf, logger
from lib.core.settings import MSSQL_ALIASES, MYSQL_ALIASES, ORACLE_ALIASES, PGSQL_ALIASES, SQLITE_ALIASES,\
ACCESS_ALIASES, FIREBIRD_ALIASES, MAXDB_ALIASES, SYBASE_ALIASES, DB2_ALIASES
from plugins.dbms.mssqlserver import MSSQLServerMap
from plugins.dbms.mssqlserver.connector import Connector as MSSQLServerConn

1
lib/core/__init__.py
View File

@ -5,4 +5,3 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
pass

28
lib/core/agent.py
View File

@ -7,31 +7,13 @@ See the file 'doc/COPYING' for copying permission
import re
from xml.etree import ElementTree as ET
from lib.core.common import Backend
from lib.core.common import extractRegexResult
from lib.core.common import getSQLSnippet
from lib.core.common import isDBMSVersionAtLeast
from lib.core.common import isNumber
from lib.core.common import isTechniqueAvailable
from lib.core.common import randomInt
from lib.core.common import randomStr
from lib.core.common import singleTimeWarnMessage
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import queries
from lib.core.common import Backend, extractRegexResult, getSQLSnippet, isDBMSVersionAtLeast, isNumber, \
isTechniqueAvailable, randomInt, randomStr, singleTimeWarnMessage
from lib.core.data import conf, kb, queries
from lib.core.dicts import FROM_DUMMY_TABLE
from lib.core.dicts import SQL_STATEMENTS
from lib.core.enums import DBMS
from lib.core.enums import PAYLOAD
from lib.core.enums import PLACE
from lib.core.enums import POST_HINT
from lib.core.enums import DBMS, PAYLOAD, PLACE, POST_HINT
from lib.core.exception import sqlmapNoneDataException
from lib.core.settings import ASTERISK_MARKER
from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR
from lib.core.settings import GENERIC_SQL_COMMENT
from lib.core.settings import PAYLOAD_DELIMITER
from lib.core.settings import ASTERISK_MARKER, CUSTOM_INJECTION_MARK_CHAR, GENERIC_SQL_COMMENT ,PAYLOAD_DELIMITER
from lib.core.unescaper import unescaper
class Agent:

116
lib/core/common.py
View File

@ -15,7 +15,6 @@ import inspect
import logging
import ntpath
import os
import pickle
import posixpath
import random
import re
@ -27,113 +26,50 @@ import time
import urllib
import urlparse
import unicodedata
from ConfigParser import DEFAULTSECT
from ConfigParser import RawConfigParser
from StringIO import StringIO
from ConfigParser import DEFAULTSECT, RawConfigParser
from difflib import SequenceMatcher
from math import sqrt
from optparse import OptionValueError
from subprocess import PIPE
from subprocess import Popen as execute
from tempfile import mkstemp
from xml.etree import ElementTree as ET
from xml.dom import minidom
from xml.sax import parse
try:
from cStringIO import StringIO
except ImportError:
from StringIO import StringIO
from extra.cloak.cloak import decloak
from extra.safe2bin.safe2bin import safecharencode
from lib.core.bigarray import BigArray
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import paths
from lib.core.convert import base64pickle
from lib.core.convert import base64unpickle
from lib.core.convert import htmlunescape
from lib.core.convert import stdoutencode
from lib.core.convert import unicodeencode
from lib.core.convert import utf8encode
from lib.core.data import conf, kb, logger, paths
from lib.core.convert import base64pickle, base64unpickle, htmlunescape, stdoutencode, unicodeencode, utf8encode
from lib.core.decorators import cachedmethod
from lib.core.dicts import DBMS_DICT
from lib.core.dicts import DEPRECATED_HINTS
from lib.core.dicts import SQL_STATEMENTS
from lib.core.enums import ADJUST_TIME_DELAY
from lib.core.enums import CHARSET_TYPE
from lib.core.enums import DBMS
from lib.core.enums import EXPECTED
from lib.core.enums import HEURISTIC_TEST
from lib.core.enums import HTTPHEADER
from lib.core.enums import HTTPMETHOD
from lib.core.enums import OS
from lib.core.enums import PLACE
from lib.core.enums import PAYLOAD
from lib.core.enums import REFLECTIVE_COUNTER
from lib.core.enums import SORT_ORDER
from lib.core.exception import sqlmapDataException
from lib.core.exception import sqlmapFilePathException
from lib.core.exception import sqlmapGenericException
from lib.core.exception import sqlmapNoneDataException
from lib.core.exception import sqlmapMissingDependence
from lib.core.exception import sqlmapSilentQuitException
from lib.core.exception import sqlmapSyntaxException
from lib.core.exception import sqlmapUserQuitException
from lib.core.log import FORMATTER
from lib.core.enums import ADJUST_TIME_DELAY, CHARSET_TYPE, DBMS, EXPECTED, HEURISTIC_TEST, HTTPHEADER, HTTPMETHOD, \
OS, PLACE, PAYLOAD, REFLECTIVE_COUNTER, SORT_ORDER
from lib.core.exception import sqlmapDataException, sqlmapFilePathException, sqlmapGenericException, \
sqlmapNoneDataException, sqlmapMissingDependence, sqlmapSilentQuitException, sqlmapSyntaxException, \
sqlmapUserQuitException
from lib.core.log import LOGGER_HANDLER
from lib.core.optiondict import optDict
from lib.core.settings import BOLD_PATTERNS
from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR
from lib.core.settings import DBMS_DIRECTORY_DICT
from lib.core.settings import DEFAULT_COOKIE_DELIMITER
from lib.core.settings import DEFAULT_GET_POST_DELIMITER
from lib.core.settings import DEFAULT_MSSQL_SCHEMA
from lib.core.settings import DEPRECATED_OPTIONS
from lib.core.settings import DESCRIPTION
from lib.core.settings import DUMMY_SQL_INJECTION_CHARS
from lib.core.settings import DUMMY_USER_INJECTION
from lib.core.settings import DYNAMICITY_MARK_LENGTH
from lib.core.settings import ERROR_PARSING_REGEXES
from lib.core.settings import FORM_SEARCH_REGEX
from lib.core.settings import GENERIC_DOC_ROOT_DIRECTORY_NAMES
from lib.core.settings import HASHDB_MILESTONE_VALUE
from lib.core.settings import HOST_ALIASES
from lib.core.settings import INFERENCE_UNKNOWN_CHAR
from lib.core.settings import ISSUES_PAGE
from lib.core.settings import IS_WIN
from lib.core.settings import LARGE_OUTPUT_THRESHOLD
from lib.core.settings import MIN_TIME_RESPONSES
from lib.core.settings import ML
from lib.core.settings import NULL
from lib.core.settings import PARAMETER_AMP_MARKER
from lib.core.settings import PARAMETER_SEMICOLON_MARKER
from lib.core.settings import PARTIAL_VALUE_MARKER
from lib.core.settings import PAYLOAD_DELIMITER
from lib.core.settings import PLATFORM
from lib.core.settings import PRINTABLE_CHAR_REGEX
from lib.core.settings import PYVERSION
from lib.core.settings import REFERER_ALIASES
from lib.core.settings import REFLECTED_BORDER_REGEX
from lib.core.settings import REFLECTED_MAX_REGEX_PARTS
from lib.core.settings import REFLECTED_REPLACEMENT_REGEX
from lib.core.settings import REFLECTED_VALUE_MARKER
from lib.core.settings import REFLECTIVE_MISS_THRESHOLD
from lib.core.settings import REVISION
from lib.core.settings import SENSITIVE_DATA_REGEX
from lib.core.settings import SITE
from lib.core.settings import SUPPORTED_DBMS
from lib.core.settings import TEXT_TAG_REGEX
from lib.core.settings import TIME_STDEV_COEFF
from lib.core.settings import UNICODE_ENCODING
from lib.core.settings import UNKNOWN_DBMS_VERSION
from lib.core.settings import URI_QUESTION_MARKER
from lib.core.settings import URLENCODE_CHAR_LIMIT
from lib.core.settings import URLENCODE_FAILSAFE_CHARS
from lib.core.settings import USER_AGENT_ALIASES
from lib.core.settings import VERSION
from lib.core.settings import VERSION_STRING
from lib.core.settings import BOLD_PATTERNS, CUSTOM_INJECTION_MARK_CHAR, DBMS_DIRECTORY_DICT,\
DEFAULT_COOKIE_DELIMITER,DEFAULT_GET_POST_DELIMITER, DEFAULT_MSSQL_SCHEMA, DEPRECATED_OPTIONS, DESCRIPTION, \
DUMMY_SQL_INJECTION_CHARS, DUMMY_USER_INJECTION, DYNAMICITY_MARK_LENGTH, ERROR_PARSING_REGEXES, \
FORM_SEARCH_REGEX, GENERIC_DOC_ROOT_DIRECTORY_NAMES, HASHDB_MILESTONE_VALUE, HOST_ALIASES,\
INFERENCE_UNKNOWN_CHAR, ISSUES_PAGE, IS_WIN, LARGE_OUTPUT_THRESHOLD, MIN_TIME_RESPONSES, ML, \
NULL, PARAMETER_AMP_MARKER, PARAMETER_SEMICOLON_MARKER, PARTIAL_VALUE_MARKER, PAYLOAD_DELIMITER,\
PLATFORM, PRINTABLE_CHAR_REGEX, PYVERSION, REFERER_ALIASES, REFLECTED_BORDER_REGEX, REFLECTED_MAX_REGEX_PARTS, \
REFLECTED_REPLACEMENT_REGEX, REFLECTED_VALUE_MARKER, REFLECTIVE_MISS_THRESHOLD, REVISION, SENSITIVE_DATA_REGEX, \
SITE, SUPPORTED_DBMS, TEXT_TAG_REGEX, TIME_STDEV_COEFF, UNICODE_ENCODING, UNKNOWN_DBMS_VERSION, \
URI_QUESTION_MARKER, URLENCODE_CHAR_LIMIT, URLENCODE_FAILSAFE_CHARS, USER_AGENT_ALIASES, VERSION, VERSION_STRING
from lib.core.threads import getCurrentThreadData
from thirdparty.clientform.clientform import ParseResponse
from thirdparty.clientform.clientform import ParseError
from thirdparty.clientform.clientform import ParseResponse, ParseError
from thirdparty.magic import magic
from thirdparty.odict.odict import OrderedDict
from thirdparty.termcolor.termcolor import colored

12
lib/core/convert.py
View File

@ -7,17 +7,14 @@ See the file 'doc/COPYING' for copying permission
try:
import hashlib
except:
except ImportError:
import md5
import sha
import pickle
import re
import sys
import struct
import urllib
from lib.core.enums import PLACE
from lib.core.settings import IS_WIN
from lib.core.settings import UNICODE_ENCODING
@ -31,9 +28,8 @@ def base64pickle(value):
retVal = None
try:
retVal = base64encode(pickle.dumps(value, pickle.HIGHEST_PROTOCOL))
except:
warnMsg = "problem occurred while serializing "
warnMsg += "instance of a type '%s'" % type(value)
except pickle.PicklingError:
warnMsg = "problem occurred while serializing instance of a type '%s'" % type(value)
singleTimeWarnMessage(warnMsg)
retVal = base64encode(pickle.dumps(str(value), pickle.HIGHEST_PROTOCOL))
@ -116,7 +112,7 @@ def stdoutencode(data):
warnMsg = "cannot properly display Unicode characters "
warnMsg += "inside Windows OS command prompt "
warnMsg += "(http://bugs.python.org/issue1602). All "
warnMsg += "unhandled occurances will result in "
warnMsg += "unhandled occurrences will result in "
warnMsg += "replacement with '?' character. Please, find "
warnMsg += "proper character representation inside "
warnMsg += "corresponding output files. "

17
lib/core/dicts.py
View File

@ -5,20 +5,9 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
from lib.core.enums import DBMS
from lib.core.enums import POST_HINT
from lib.core.settings import BLANK
from lib.core.settings import NULL
from lib.core.settings import MSSQL_ALIASES
from lib.core.settings import MYSQL_ALIASES
from lib.core.settings import PGSQL_ALIASES
from lib.core.settings import ORACLE_ALIASES
from lib.core.settings import SQLITE_ALIASES
from lib.core.settings import ACCESS_ALIASES
from lib.core.settings import FIREBIRD_ALIASES
from lib.core.settings import MAXDB_ALIASES
from lib.core.settings import SYBASE_ALIASES
from lib.core.settings import DB2_ALIASES
from lib.core.enums import DBMS, POST_HINT
from lib.core.settings import BLANK, NULL, MSSQL_ALIASES, MYSQL_ALIASES, PGSQL_ALIASES, ORACLE_ALIASES,\
SQLITE_ALIASES, ACCESS_ALIASES, FIREBIRD_ALIASES, MAXDB_ALIASES, SYBASE_ALIASES, DB2_ALIASES
FIREBIRD_TYPES = {
"261": "BLOB",

29
lib/core/dump.py
View File

@ -6,36 +6,19 @@ See the file 'doc/COPYING' for copying permission
"""
import codecs
import re
import os
import StringIO
import threading
from xml.dom.minidom import getDOMImplementation
from lib.core.common import Backend
from lib.core.common import dataToDumpFile
from lib.core.common import dataToStdout
from lib.core.common import getUnicode
from lib.core.common import isListLike
from lib.core.common import normalizeUnicode
from lib.core.common import openFile
from lib.core.common import prioritySortColumns
from lib.core.common import safeCSValue
from lib.core.common import unsafeSQLIdentificatorNaming
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.dicts import DUMP_REPLACEMENTS
from lib.core.enums import DBMS
from lib.core.common import Backend, dataToDumpFile, dataToStdout, getUnicode, isListLike, normalizeUnicode, \
openFile, prioritySortColumns, safeCSValue, unsafeSQLIdentificatorNaming
from lib.core.data import conf, kb, logger
from lib.core.dicts import DUMP_REPLACEMENTS, DBMS
from lib.core.enums import DUMP_FORMAT
from lib.core.exception import sqlmapGenericException
from lib.core.exception import sqlmapValueException
from lib.core.exception import sqlmapGenericException, sqlmapValueException
from lib.core.replication import Replication
from lib.core.settings import HTML_DUMP_CSS_STYLE
from lib.core.settings import METADB_SUFFIX
from lib.core.settings import TRIM_STDOUT_DUMP_SIZE
from lib.core.settings import UNICODE_ENCODING
from lib.core.settings import HTML_DUMP_CSS_STYLE, METADB_SUFFIX, TRIM_STDOUT_DUMP_SIZE, UNICODE_ENCODING
class Dump:
"""

49
lib/core/enums.py
View File

@ -5,6 +5,8 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
#TODO: Moved all of these to namedtuple
class PRIORITY:
LOWEST = -100
LOWER = -50
@ -14,6 +16,7 @@ class PRIORITY:
HIGHER = 50
HIGHEST = 100
class SORT_ORDER:
FIRST = 0
SECOND = 1
@ -22,6 +25,7 @@ class SORT_ORDER:
FIFTH = 4
LAST = 100
class DBMS:
ACCESS = "Microsoft Access"
DB2 = "IBM DB2"
@ -34,6 +38,7 @@ class DBMS:
SQLITE = "SQLite"
SYBASE = "Sybase"
class DBMS_DIRECTORY_NAME:
ACCESS = "access"
DB2 = "db2"
@ -46,15 +51,18 @@ class DBMS_DIRECTORY_NAME:
SQLITE = "sqlite"
SYBASE = "sybase"
class CUSTOM_LOGGING:
PAYLOAD = 9
TRAFFIC_OUT = 8
TRAFFIC_IN = 7
class OS:
LINUX = "Linux"
WINDOWS = "Windows"
class PLACE:
GET = "GET"
POST = "POST"
@ -65,25 +73,30 @@ class PLACE:
HOST = "Host"
CUSTOM_POST = "(custom) POST"
class POST_HINT:
SOAP = "SOAP"
JSON = "JSON"
MULTIPART = "MULTIPART"
XML = "XML (generic)"
class HTTPMETHOD:
GET = "GET"
POST = "POST"
HEAD = "HEAD"
class NULLCONNECTION:
HEAD = "HEAD"
RANGE = "Range"
class REFLECTIVE_COUNTER:
MISS = "MISS"
HIT = "HIT"
class CHARSET_TYPE:
BINARY = 1
DIGITS = 2
@ -91,11 +104,13 @@ class CHARSET_TYPE:
ALPHA = 4
ALPHANUM = 5
class HEURISTIC_TEST:
CASTED = 1
NEGATIVE = 2
POSITIVE = 3
class HASH:
MYSQL = r'(?i)\A\*[0-9a-f]{40}\Z'
MYSQL_OLD = r'(?i)\A(?![0-9]+\Z)[0-9a-f]{16}\Z'
@ -111,24 +126,33 @@ class HASH:
# Reference: http://www.zytrax.com/tech/web/mobile_ids.html
class MOBILES:
BLACKBERRY = ("BlackBerry 9900", "Mozilla/5.0 (BlackBerry; U; BlackBerry 9900; en) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.1.0.346 Mobile Safari/534.11+")
GALAXY = ("Samsung Galaxy S", "Mozilla/5.0 (Linux; U; Android 2.2; en-US; SGH-T959D Build/FROYO) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1")
BLACKBERRY = ("BlackBerry 9900",
"Mozilla/5.0 (BlackBerry; U; BlackBerry 9900; en) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.1.0.346 Mobile Safari/534.11+")
GALAXY = ("Samsung Galaxy S",
"Mozilla/5.0 (Linux; U; Android 2.2; en-US; SGH-T959D Build/FROYO) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1")
HP = ("HP iPAQ 6365", "Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; PPC; 240x320; HP iPAQ h6300)")
HTC = ("HTC Sensation", "Mozilla/5.0 (Linux; U; Android 4.0.3; de-ch; HTC Sensation Build/IML74K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30")
IPHONE = ("Apple iPhone 4s", "Mozilla/5.0 (iPhone; CPU iPhone OS 5_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B179 Safari/7534.48.3")
NEXUS = ("Google Nexus 7", "Mozilla/5.0 (Linux; Android 4.1.1; Nexus 7 Build/JRO03D) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.166 Safari/535.19")
NOKIA = ("Nokia N97", "Mozilla/5.0 (SymbianOS/9.4; Series60/5.0 NokiaN97-1/10.0.012; Profile/MIDP-2.1 Configuration/CLDC-1.1; en-us) AppleWebKit/525 (KHTML, like Gecko) WicKed/7.1.12344")
HTC = ("HTC Sensation",
"Mozilla/5.0 (Linux; U; Android 4.0.3; de-ch; HTC Sensation Build/IML74K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30")
IPHONE = ("Apple iPhone 4s",
"Mozilla/5.0 (iPhone; CPU iPhone OS 5_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B179 Safari/7534.48.3")
NEXUS = ("Google Nexus 7",
"Mozilla/5.0 (Linux; Android 4.1.1; Nexus 7 Build/JRO03D) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.166 Safari/535.19")
NOKIA = ("Nokia N97",
"Mozilla/5.0 (SymbianOS/9.4; Series60/5.0 NokiaN97-1/10.0.012; Profile/MIDP-2.1 Configuration/CLDC-1.1; en-us) AppleWebKit/525 (KHTML, like Gecko) WicKed/7.1.12344")
class PROXY_TYPE:
HTTP = "HTTP"
SOCKS4 = "SOCKS4"
SOCKS5 = "SOCKS5"
class DUMP_FORMAT:
CSV = "CSV"
HTML = "HTML"
SQLITE = "SQLITE"
class HTTPHEADER:
ACCEPT = "Accept"
ACCEPT_CHARSET = "Accept-Charset"
@ -151,10 +175,12 @@ class HTTPHEADER:
REFERER = "Referer"
USER_AGENT = "User-Agent"
class EXPECTED:
BOOL = "bool"
INT = "int"
class HASHDB_KEYS:
DBMS = "DBMS"
CONF_TMP_PATH = "CONF_TMP_PATH"
@ -167,10 +193,12 @@ class HASHDB_KEYS:
KB_XP_CMDSHELL_AVAILABLE = "KB_XP_CMDSHELL_AVAILABLE"
OS = "OS"
class REDIRECTION:
YES = "Y"
NO = "N"
class PAYLOAD:
SQLINJECTION = {
1: "boolean-based blind",
@ -227,16 +255,21 @@ class PAYLOAD:
NEGATIVE = 2
REPLACE = 3
class WIZARD:
BASIC = ("getBanner", "getCurrentUser", "getCurrentDb", "isDba")
SMART = ("getBanner", "getCurrentUser", "getCurrentDb", "isDba", "getUsers", "getDbs", "getTables", "getSchema", "excludeSysDbs")
ALL = ("getBanner", "getCurrentUser", "getCurrentDb", "isDba", "getHostname", "getUsers", "getPasswordHashes", "getPrivileges", "getRoles", "dumpAll")
SMART = ("getBanner", "getCurrentUser", "getCurrentDb", "isDba", "getUsers", "getDbs", "getTables", "getSchema",
"excludeSysDbs")
ALL = ("getBanner", "getCurrentUser", "getCurrentDb", "isDba", "getHostname", "getUsers", "getPasswordHashes",
"getPrivileges", "getRoles", "dumpAll")
class ADJUST_TIME_DELAY:
DISABLE = -1
NO = 0
YES = 1
class WEB_API:
PHP = "php"
ASP = "asp"

18
lib/core/exception.py
View File

@ -8,57 +8,75 @@ See the file 'doc/COPYING' for copying permission
class sqlmapCompressionException(Exception):
pass
class sqlmapConnectionException(Exception):
pass
class sqlmapDataException(Exception):
pass
class sqlmapFilePathException(Exception):
pass
class sqlmapGenericException(Exception):
pass
class sqlmapMissingDependence(Exception):
pass
class sqlmapMissingMandatoryOptionException(Exception):
pass
class sqlmapMissingPrivileges(Exception):
pass
class sqlmapNoneDataException(Exception):
pass
class sqlmapNotVulnerableException(Exception):
pass
class sqlmapSilentQuitException(Exception):
pass
class sqlmapUserQuitException(Exception):
pass
class sqlmapRegExprException(Exception):
pass
class sqlmapSyntaxException(Exception):
pass
class sqlmapThreadException(Exception):
pass
class sqlmapUndefinedMethod(Exception):
pass
class sqlmapUnsupportedDBMSException(Exception):
pass
class sqlmapUnsupportedFeatureException(Exception):
pass
class sqlmapValueException(Exception):
pass

2
lib/core/log.py
View File

@ -26,7 +26,7 @@ try:
except ImportError:
LOGGER_HANDLER = logging.StreamHandler(sys.stdout)
FORMATTER = logging.Formatter("\r[%(asctime)s] [%(levelname)s] %(message)s", "%H:%M:%S")
FORMATTER = logging.Formatter(u"\r[%(asctime)s] [%(levelname)s] %(message)s", "%H:%M:%S")
LOGGER_HANDLER.setFormatter(FORMATTER)
LOGGER.addHandler(LOGGER_HANDLER)

116
lib/core/option.py
View File

@ -17,110 +17,38 @@ import sys
import threading
import urllib2
import urlparse
from xml.etree.ElementTree import ElementTree
import lib.core.common
import lib.core.threads
import lib.core.convert
from lib.controller.checks import checkConnection
from lib.core.common import Backend
from lib.core.common import boldifyMessage
from lib.core.common import dataToStdout
from lib.core.common import getPublicTypeMembers
from lib.core.common import extractRegexResult
from lib.core.common import filterStringValue
from lib.core.common import findPageForms
from lib.core.common import getConsoleWidth
from lib.core.common import getFileItems
from lib.core.common import getFileType
from lib.core.common import getUnicode
from lib.core.common import isListLike
from lib.core.common import normalizePath
from lib.core.common import ntToPosixSlashes
from lib.core.common import openFile
from lib.core.common import parseTargetDirect
from lib.core.common import parseTargetUrl
from lib.core.common import paths
from lib.core.common import randomRange
from lib.core.common import randomStr
from lib.core.common import readInput
from lib.core.common import resetCookieJar
from lib.core.common import runningAsAdmin
from lib.core.common import sanitizeStr
from lib.core.common import setOptimize
from lib.core.common import singleTimeWarnMessage
from lib.core.common import UnicodeRawConfigParser
from lib.core.common import urldecode
from lib.core.common import urlencode
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import queries
from lib.core.datatype import AttribDict
from lib.core.datatype import InjectionDict
from lib.core.common import Backend, boldifyMessage, dataToStdout, getPublicTypeMembers, extractRegexResult,\
filterStringValue, findPageForms, getConsoleWidth, getFileItems, getFileType, getUnicode, isListLike,\
normalizePath, ntToPosixSlashes, openFile, parseTargetDirect, parseTargetUrl, paths, randomRange, randomStr,\
readInput, resetCookieJar, runningAsAdmin, sanitizeStr, setOptimize, singleTimeWarnMessage,\
UnicodeRawConfigParser, urldecode, urlencode
from lib.core.data import conf, kb, logger, queries
from lib.core.datatype import AttribDict, InjectionDict
from lib.core.defaults import defaults
from lib.core.dicts import DBMS_DICT
from lib.core.dicts import DUMP_REPLACEMENTS
from lib.core.enums import ADJUST_TIME_DELAY
from lib.core.enums import CUSTOM_LOGGING
from lib.core.enums import DUMP_FORMAT
from lib.core.enums import HTTPHEADER
from lib.core.enums import HTTPMETHOD
from lib.core.enums import MOBILES
from lib.core.enums import PAYLOAD
from lib.core.enums import PRIORITY
from lib.core.enums import PROXY_TYPE
from lib.core.enums import REFLECTIVE_COUNTER
from lib.core.enums import WIZARD
from lib.core.exception import sqlmapConnectionException
from lib.core.exception import sqlmapFilePathException
from lib.core.exception import sqlmapGenericException
from lib.core.exception import sqlmapMissingDependence
from lib.core.exception import sqlmapMissingMandatoryOptionException
from lib.core.exception import sqlmapMissingPrivileges
from lib.core.exception import sqlmapSilentQuitException
from lib.core.exception import sqlmapSyntaxException
from lib.core.exception import sqlmapUnsupportedDBMSException
from lib.core.exception import sqlmapUserQuitException
from lib.core.log import FORMATTER
from lib.core.log import LOGGER_HANDLER
from lib.core.enums import ADJUST_TIME_DELAY, CUSTOM_LOGGING, DUMP_FORMAT, HTTPHEADER, HTTPMETHOD, MOBILES,\
PAYLOAD, PRIORITY, PROXY_TYPE, REFLECTIVE_COUNTER, WIZARD
from lib.core.exception import sqlmapConnectionException, sqlmapFilePathException, sqlmapGenericException,\
sqlmapMissingDependence, sqlmapMissingMandatoryOptionException, sqlmapMissingPrivileges,\
sqlmapSilentQuitException, sqlmapSyntaxException, sqlmapUnsupportedDBMSException, sqlmapUserQuitException
from lib.core.log import FORMATTER, LOGGER_HANDLER
from lib.core.optiondict import optDict
from lib.core.purge import purge
from lib.core.settings import ACCESS_ALIASES
from lib.core.settings import BURP_REQUEST_REGEX
from lib.core.settings import CODECS_LIST_PAGE
from lib.core.settings import CRAWL_EXCLUDE_EXTENSIONS
from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR
from lib.core.settings import DB2_ALIASES
from lib.core.settings import DEFAULT_GET_POST_DELIMITER
from lib.core.settings import DEFAULT_PAGE_ENCODING
from lib.core.settings import DEFAULT_TOR_HTTP_PORTS
from lib.core.settings import DEFAULT_TOR_SOCKS_PORT
from lib.core.settings import FIREBIRD_ALIASES
from lib.core.settings import INJECT_HERE_MARK
from lib.core.settings import IS_WIN
from lib.core.settings import LOCALHOST
from lib.core.settings import MAXDB_ALIASES
from lib.core.settings import MAX_NUMBER_OF_THREADS
from lib.core.settings import MSSQL_ALIASES
from lib.core.settings import MYSQL_ALIASES
from lib.core.settings import NULL
from lib.core.settings import ORACLE_ALIASES
from lib.core.settings import PARAMETER_SPLITTING_REGEX
from lib.core.settings import PGSQL_ALIASES
from lib.core.settings import PYVERSION
from lib.core.settings import SITE
from lib.core.settings import SQLITE_ALIASES
from lib.core.settings import SUPPORTED_DBMS
from lib.core.settings import SUPPORTED_OS
from lib.core.settings import SYBASE_ALIASES
from lib.core.settings import TIME_DELAY_CANDIDATES
from lib.core.settings import UNENCODED_ORIGINAL_VALUE
from lib.core.settings import UNION_CHAR_REGEX
from lib.core.settings import UNKNOWN_DBMS_VERSION
from lib.core.settings import URI_INJECTABLE_REGEX
from lib.core.settings import VERSION_STRING
from lib.core.settings import WEBSCARAB_SPLITTER
from lib.core.settings import ACCESS_ALIASES, BURP_REQUEST_REGEX, CODECS_LIST_PAGE, CRAWL_EXCLUDE_EXTENSIONS,\
CUSTOM_INJECTION_MARK_CHAR, DB2_ALIASES, DEFAULT_GET_POST_DELIMITER, DEFAULT_PAGE_ENCODING,\
DEFAULT_TOR_HTTP_PORTS, DEFAULT_TOR_SOCKS_PORT, FIREBIRD_ALIASES, INJECT_HERE_MARK, IS_WIN,\
LOCALHOST, MAXDB_ALIASES, MAX_NUMBER_OF_THREADS, MSSQL_ALIASES, MYSQL_ALIASES, NULL, ORACLE_ALIASES,\
PARAMETER_SPLITTING_REGEX, PGSQL_ALIASES, PYVERSION, SITE, SQLITE_ALIASES, SUPPORTED_DBMS, SUPPORTED_OS,\
SYBASE_ALIASES, TIME_DELAY_CANDIDATES, UNENCODED_ORIGINAL_VALUE, UNION_CHAR_REGEX, UNKNOWN_DBMS_VERSION,\
URI_INJECTABLE_REGEX, VERSION_STRING, WEBSCARAB_SPLITTER
from lib.core.threads import getCurrentThreadData
from lib.core.update import update
from lib.parse.configfile import configFileParser
@ -142,7 +70,7 @@ from thirdparty.colorama.initialise import init as coloramainit
from thirdparty.keepalive import keepalive
from thirdparty.oset.pyoset import oset
from thirdparty.socks import socks
from xml.etree.ElementTree import ElementTree
authHandler = urllib2.BaseHandler()
httpsHandler = HTTPSHandler()

5
lib/core/progress.py
View File

@ -25,9 +25,8 @@ class ProgressBar:
self.update()
def __convertSeconds(self, value):
seconds = value
minutes = seconds / 60
seconds = seconds - (minutes * 60)
minutes = value / 60
seconds = value - (minutes * 60)
return "%.2d:%.2d" % (minutes, seconds)

3
lib/core/readlineng.py
View File

@ -6,8 +6,7 @@ See the file 'doc/COPYING' for copying permission
"""
from lib.core.data import logger
from lib.core.settings import IS_WIN
from lib.core.settings import PLATFORM
from lib.core.settings import IS_WIN, PLATFORM
_readline = None

4
lib/core/replication.py
View File

@ -9,9 +9,7 @@ import sqlite3
from extra.safe2bin.safe2bin import safechardecode
from lib.core.common import unsafeSQLIdentificatorNaming
from lib.core.exception import sqlmapGenericException
from lib.core.exception import sqlmapMissingDependence
from lib.core.exception import sqlmapValueException
from lib.core.exception import sqlmapGenericException, sqlmapValueException
class Replication:
"""

3
lib/core/revision.py
View File

@ -8,8 +8,7 @@ See the file 'doc/COPYING' for copying permission
import os
import re
from subprocess import PIPE
from subprocess import Popen as execute
from subprocess import PIPE, Popen as execute
def getRevisionNumber():
"""

17
lib/core/session.py
View File

@ -7,21 +7,10 @@ See the file 'doc/COPYING' for copying permission
import re
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.common import hashDBWrite
from lib.core.common import intersect
from lib.core.common import readInput
from lib.core.common import singleTimeWarnMessage
from lib.core.convert import base64pickle
from lib.core.convert import base64unpickle
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.enums import HASHDB_KEYS
from lib.core.enums import OS
from lib.core.common import Backend, Format, hashDBWrite
from lib.core.data import kb, logger
from lib.core.enums import HASHDB_KEYS, OS
from lib.core.settings import SUPPORTED_DBMS
from lib.core.settings import UNKNOWN_DBMS_VERSION
def setDbms(dbms):
"""

41
lib/core/settings.py
View File

@ -16,7 +16,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
from lib.core.revision import getRevisionNumber
# sqlmap version and site
VERSION = "1.0-dev"
VERSION = "1.0-dev" #TODO: Move to read from file
REVISION = getRevisionNumber()
VERSION_STRING = "sqlmap/%s%s" % (VERSION, "-%s" % REVISION if REVISION else "")
DESCRIPTION = "automatic SQL injection and database takeover tool"
@ -136,13 +136,16 @@ MYSQL_SYSTEM_DBS = ( "information_schema", "mysql" ) # Before
PGSQL_SYSTEM_DBS = ( "information_schema", "pg_catalog", "pg_toast" )
ORACLE_SYSTEM_DBS = ( "SYSTEM", "SYSAUX", "SYS" ) # These are TABLESPACE_NAME
SQLITE_SYSTEM_DBS = ( "sqlite_master", "sqlite_temp_master" )
ACCESS_SYSTEM_DBS = ( "MSysAccessObjects", "MSysACEs", "MSysObjects", "MSysQueries", "MSysRelationships", "MSysAccessStorage",\
ACCESS_SYSTEM_DBS = (
"MSysAccessObjects", "MSysACEs", "MSysObjects", "MSysQueries", "MSysRelationships", "MSysAccessStorage",\
"MSysAccessXML", "MSysModules", "MSysModules2" )
FIREBIRD_SYSTEM_DBS = ( "RDB$BACKUP_HISTORY", "RDB$CHARACTER_SETS", "RDB$CHECK_CONSTRAINTS", "RDB$COLLATIONS", "RDB$DATABASE",\
FIREBIRD_SYSTEM_DBS = (
"RDB$BACKUP_HISTORY", "RDB$CHARACTER_SETS", "RDB$CHECK_CONSTRAINTS", "RDB$COLLATIONS", "RDB$DATABASE",\
"RDB$DEPENDENCIES", "RDB$EXCEPTIONS", "RDB$FIELDS", "RDB$FIELD_DIMENSIONS", " RDB$FILES", "RDB$FILTERS",\
"RDB$FORMATS", "RDB$FUNCTIONS", "RDB$FUNCTION_ARGUMENTS", "RDB$GENERATORS", "RDB$INDEX_SEGMENTS", "RDB$INDICES",\
"RDB$LOG_FILES", "RDB$PAGES", "RDB$PROCEDURES", "RDB$PROCEDURE_PARAMETERS", "RDB$REF_CONSTRAINTS", "RDB$RELATIONS",\
"RDB$RELATION_CONSTRAINTS", "RDB$RELATION_FIELDS", "RDB$ROLES", "RDB$SECURITY_CLASSES", "RDB$TRANSACTIONS", "RDB$TRIGGERS",\
"RDB$RELATION_CONSTRAINTS", "RDB$RELATION_FIELDS", "RDB$ROLES", "RDB$SECURITY_CLASSES", "RDB$TRANSACTIONS",
"RDB$TRIGGERS",\
"RDB$TRIGGER_MESSAGES", "RDB$TYPES", "RDB$USER_PRIVILEGES", "RDB$VIEW_RELATIONS" )
MAXDB_SYSTEM_DBS = ( "SYSINFO", "DOMAIN" )
SYBASE_SYSTEM_DBS = ( "master", "model", "sybsystemdb", "sybsystemprocs" )
@ -160,7 +163,8 @@ MAXDB_ALIASES = ( "maxdb", "sap maxdb", "sap db" )
SYBASE_ALIASES = ( "sybase", "sybase sql server" )
DB2_ALIASES = ( "db2", "ibm db2", "ibmdb2" )
DBMS_DIRECTORY_DICT = dict((getattr(DBMS, _), getattr(DBMS_DIRECTORY_NAME, _)) for _ in dir(DBMS) if not _.startswith("_"))
DBMS_DIRECTORY_DICT = dict(
(getattr(DBMS, _), getattr(DBMS_DIRECTORY_NAME, _)) for _ in dir(DBMS) if not _.startswith("_"))
SUPPORTED_DBMS = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES + DB2_ALIASES
SUPPORTED_OS = ( "linux", "windows" )
@ -231,7 +235,9 @@ META_REFRESH_REGEX = r'(?si)<head>.*<meta http-equiv="?refresh"?[^>]+content="?[
EMPTY_FORM_FIELDS_REGEX = r'(&|\A)(?P<result>[^=]+=(&|\Z))'
# Reference: http://www.cs.ru.nl/bachelorscripties/2010/Martin_Devillers___0437999___Analyzing_password_strength.pdf
COMMON_PASSWORD_SUFFIXES = ("1", "123", "2", "12", "3", "13", "7", "11", "5", "22", "23", "01", "4", "07", "21", "14", "10", "06", "08", "8", "15", "69", "16", "6", "18")
COMMON_PASSWORD_SUFFIXES = (
"1", "123", "2", "12", "3", "13", "7", "11", "5", "22", "23", "01", "4", "07", "21", "14", "10", "06", "08", "8", "15",
"69", "16", "6", "18")
# Reference: http://www.the-interweb.com/serendipity/index.php?/archives/94-A-brief-analysis-of-40,000-leaked-MySpace-passwords.html
COMMON_PASSWORD_SUFFIXES += ("!", ".", "*", "!!", "?", ";", "..", "!!!", ",", "@")
@ -279,7 +285,9 @@ MYSQL_ERROR_CHUNK_LENGTH = 50
MSSQL_ERROR_CHUNK_LENGTH = 100
# Do not unescape the injected statement if it contains any of the following SQL words
EXCLUDE_UNESCAPE = ("WAITFOR DELAY ", " INTO DUMPFILE ", " INTO OUTFILE ", "CREATE ", "BULK ", "EXEC ", "RECONFIGURE ", "DECLARE ", "'%s'" % CHAR_INFERENCE_MARK)
EXCLUDE_UNESCAPE = (
"WAITFOR DELAY ", " INTO DUMPFILE ", " INTO OUTFILE ", "CREATE ", "BULK ", "EXEC ", "RECONFIGURE ", "DECLARE ",
"'%s'" % CHAR_INFERENCE_MARK)
# Mark used for replacement of reflected values
REFLECTED_VALUE_MARKER = "__REFLECTED_VALUE__"
@ -312,7 +320,9 @@ MAX_INT = sys.maxint
DEPRECATED_OPTIONS = ("--replicate",)
# Parameters to be ignored in detection phase (upper case)
IGNORE_PARAMETERS = ("__VIEWSTATE", "__VIEWSTATEENCRYPTED", "__EVENTARGUMENT", "__EVENTTARGET", "__EVENTVALIDATION", "ASPSESSIONID", "ASP.NET_SESSIONID", "JSESSIONID", "CFID", "CFTOKEN")
IGNORE_PARAMETERS = (
"__VIEWSTATE", "__VIEWSTATEENCRYPTED", "__EVENTARGUMENT", "__EVENTTARGET", "__EVENTVALIDATION", "ASPSESSIONID",
"ASP.NET_SESSIONID", "JSESSIONID", "CFID", "CFTOKEN")
# Regular expression used for recognition of ASP.NET control parameters
ASP_NET_CONTROL_REGEX = r"(?i)\Actl\d+\$"
@ -343,7 +353,9 @@ LOW_TEXT_PERCENT = 20
# These MySQL keywords can't go (alone) into versioned comment form (/*!...*/)
# Reference: http://dev.mysql.com/doc/refman/5.1/en/function-resolution.html
IGNORE_SPACE_AFFECTED_KEYWORDS = ("CAST", "COUNT", "EXTRACT", "GROUP_CONCAT", "MAX", "MID", "MIN", "SESSION_USER", "SUBSTR", "SUBSTRING", "SUM", "SYSTEM_USER", "TRIM")
IGNORE_SPACE_AFFECTED_KEYWORDS = (
"CAST", "COUNT", "EXTRACT", "GROUP_CONCAT", "MAX", "MID", "MIN", "SESSION_USER", "SUBSTR", "SUBSTRING", "SUM",
"SYSTEM_USER", "TRIM")
LEGAL_DISCLAIMER = "Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program"
@ -363,7 +375,9 @@ DUMMY_SQL_INJECTION_CHARS = ";()'"
DUMMY_USER_INJECTION = r"(?i)[^\w](AND|OR)\s+[^\s]+[=><]"
# Extensions skipped by crawler
CRAWL_EXCLUDE_EXTENSIONS = ("gif","jpg","jar","tif","bmp","war","ear","mpg","wmv","mpeg","scm","iso","dmp","dll","cab","so","avi","bin","exe","iso","tar","png","pdf","ps","mp3","zip","rar","gz")
CRAWL_EXCLUDE_EXTENSIONS = (
"gif", "jpg", "jar", "tif", "bmp", "war", "ear", "mpg", "wmv", "mpeg", "scm", "iso", "dmp", "dll", "cab", "so", "avi",
"bin", "exe", "iso", "tar", "png", "pdf", "ps", "mp3", "zip", "rar", "gz")
# Template used for common table existence check
BRUTE_TABLE_EXISTS_TEMPLATE = "EXISTS(SELECT %d FROM %s)"
@ -402,7 +416,9 @@ UNION_CHAR_REGEX = r'\A\w+\Z'
UNENCODED_ORIGINAL_VALUE = 'original'
# Common column names containing usernames (used for hash cracking in some cases)
COMMON_USER_COLUMNS = ('user', 'username', 'user_name', 'benutzername', 'benutzer', 'utilisateur', 'usager', 'consommateur', 'utente', 'utilizzatore', 'usufrutuario', 'korisnik', 'usuario', 'consumidor')
COMMON_USER_COLUMNS = (
'user', 'username', 'user_name', 'benutzername', 'benutzer', 'utilisateur', 'usager', 'consommateur', 'utente',
'utilizzatore', 'usufrutuario', 'korisnik', 'usuario', 'consumidor')
# Default delimiter in GET/POST values
DEFAULT_GET_POST_DELIMITER = '&'
@ -471,7 +487,8 @@ GENERIC_DOC_ROOT_DIRECTORY_NAMES = ("htdocs", "wwwroot", "www")
MAX_HELP_OPTION_LENGTH = 18
# Strings for detecting formatting errors
FORMAT_EXCEPTION_STRINGS = ("Type mismatch", "Error converting", "Failed to convert", "System.FormatException", "java.lang.NumberFormatException")
FORMAT_EXCEPTION_STRINGS = (
"Type mismatch", "Error converting", "Failed to convert", "System.FormatException", "java.lang.NumberFormatException")
# Regular expression used for extracting ASP.NET view state values
VIEWSTATE_REGEX = r'(?i)(?P<name>__VIEWSTATE[^"]*)[^>]+value="(?P<result>[^"]+)'

3
lib/core/shell.py
View File

@ -11,8 +11,7 @@ import rlcompleter
from lib.core import readlineng as readline
from lib.core.common import Backend
from lib.core.data import logger
from lib.core.data import paths
from lib.core.data import logger, paths
from lib.core.enums import OS
def saveHistory():

50
lib/core/target.py
View File

@ -5,7 +5,6 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
import binascii
import codecs
import os
import re
@ -13,47 +12,18 @@ import tempfile
import time
import urlparse
from lib.core.common import Backend
from lib.core.common import hashDBRetrieve
from lib.core.common import intersect
from lib.core.common import paramToDict
from lib.core.common import readInput
from lib.core.common import resetCookieJar
from lib.core.common import urldecode
from lib.core.data import cmdLineOptions
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import paths
from lib.core.common import Backend, hashDBRetrieve, intersect, paramToDict, readInput, resetCookieJar, urldecode
from lib.core.data import cmdLineOptions, conf, kb, logger, paths
from lib.core.dicts import DBMS_DICT
from lib.core.dump import dumper
from lib.core.enums import HASHDB_KEYS
from lib.core.enums import HTTPHEADER
from lib.core.enums import HTTPMETHOD
from lib.core.enums import PLACE
from lib.core.enums import POST_HINT
from lib.core.exception import sqlmapFilePathException
from lib.core.exception import sqlmapGenericException
from lib.core.exception import sqlmapMissingPrivileges
from lib.core.exception import sqlmapSyntaxException
from lib.core.exception import sqlmapUserQuitException
from lib.core.option import authHandler
from lib.core.option import __setDBMS
from lib.core.option import __setKnowledgeBaseAttributes
from lib.core.option import __setAuthCred
from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR
from lib.core.settings import HOST_ALIASES
from lib.core.settings import JSON_RECOGNITION_REGEX
from lib.core.settings import MULTIPART_RECOGNITION_REGEX
from lib.core.settings import REFERER_ALIASES
from lib.core.settings import RESULTS_FILE_FORMAT
from lib.core.settings import SOAP_RECOGNITION_REGEX
from lib.core.settings import SUPPORTED_DBMS
from lib.core.settings import UNENCODED_ORIGINAL_VALUE
from lib.core.settings import UNICODE_ENCODING
from lib.core.settings import UNKNOWN_DBMS_VERSION
from lib.core.settings import URI_INJECTABLE_REGEX
from lib.core.settings import USER_AGENT_ALIASES
from lib.core.enums import HASHDB_KEYS, HTTPHEADER, HTTPMETHOD, PLACE, POST_HINT
from lib.core.exception import sqlmapFilePathException, sqlmapGenericException, sqlmapMissingPrivileges,\
sqlmapSyntaxException, sqlmapUserQuitException
from lib.core.option import __setDBMS, __setKnowledgeBaseAttributes, __setAuthCred
from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR, HOST_ALIASES, JSON_RECOGNITION_REGEX,\
MULTIPART_RECOGNITION_REGEX, REFERER_ALIASES, RESULTS_FILE_FORMAT, SOAP_RECOGNITION_REGEX,\
SUPPORTED_DBMS, UNICODE_ENCODING, UNKNOWN_DBMS_VERSION, URI_INJECTABLE_REGEX, USER_AGENT_ALIASES
from lib.utils.hashdb import HashDB
from lib.core.xmldump import dumper as xmldumper
from thirdparty.odict.odict import OrderedDict

12
lib/core/testing.py
View File

@ -14,15 +14,9 @@ import tempfile
import time
from lib.controller.controller import start
from lib.core.common import beep
from lib.core.common import clearConsoleLine
from lib.core.common import dataToStdout
from lib.core.common import readXmlFile
from lib.core.data import conf
from lib.core.data import logger
from lib.core.data import paths
from lib.core.option import init
from lib.core.option import __setVerbosity
from lib.core.common import beep, clearConsoleLine, dataToStdout, readXmlFile
from lib.core.data import conf, logger, paths
from lib.core.option import init, __setVerbosity
from lib.core.optiondict import optDict
from lib.parse.cmdline import cmdLineParser

11
lib/core/threads.py
View File

@ -12,16 +12,11 @@ import traceback
from thread import error as threadError
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import conf, kb, logger
from lib.core.datatype import AttribDict
from lib.core.enums import PAYLOAD
from lib.core.exception import sqlmapConnectionException
from lib.core.exception import sqlmapThreadException
from lib.core.exception import sqlmapValueException
from lib.core.settings import MAX_NUMBER_OF_THREADS
from lib.core.settings import PYVERSION
from lib.core.exception import sqlmapConnectionException, sqlmapThreadException, sqlmapValueException
from lib.core.settings import MAX_NUMBER_OF_THREADS, PYVERSION
shared = AttribDict()

1
lib/core/unescaper.py
View File

@ -7,7 +7,6 @@ See the file 'doc/COPYING' for copying permission
from lib.core.common import Backend
from lib.core.data import conf
from lib.core.data import kb
from lib.core.datatype import AttribDict
from lib.core.settings import EXCLUDE_UNESCAPE

9
lib/core/update.py
View File

@ -9,19 +9,14 @@ import os
import re
import time
from subprocess import PIPE
from subprocess import Popen as execute
from subprocess import PIPE, Popen as execute
from lib.core.common import dataToStdout
from lib.core.common import getUnicode
from lib.core.data import conf
from lib.core.data import logger
from lib.core.data import paths
from lib.core.revision import getRevisionNumber
from lib.core.settings import GIT_REPOSITORY
from lib.core.settings import IS_WIN
from lib.core.settings import REVISION
from lib.core.settings import UNICODE_ENCODING
from lib.core.settings import GIT_REPOSITORY, IS_WIN
from lib.core.subprocessng import pollProcess
def update():

6
lib/core/xmldump.py
View File

@ -8,9 +8,7 @@ import xml
import xml.sax.saxutils as saxutils
from lib.core.common import getUnicode
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import conf, kb, logger
from lib.core.exception import sqlmapFilePathException
from lib.core.settings import UNICODE_ENCODING
from thirdparty.prettyprint import prettyprint
@ -168,7 +166,6 @@ class XMLDump:
lstElem = self.__doc.createElement(LST_ELEM_NAME)
lstElem.setAttributeNode(self.__createAttribute(TYPE_ATTR, header))
if elements:
if sort:
try:
elements = set(elements)
@ -525,6 +522,7 @@ class XMLDump:
self.__write(prettyprint.formatXML(self.__doc, encoding=UNICODE_ENCODING))
self.__outputFP.close()
def closeDumper(status, msg=""):
"""
Closes the dumper of the session

1
lib/parse/__init__.py
View File

@ -5,4 +5,3 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
pass

8
lib/parse/banner.py
View File

@ -9,12 +9,8 @@ import re
from xml.sax.handler import ContentHandler
from lib.core.common import checkFile
from lib.core.common import Backend
from lib.core.common import parseXmlFile
from lib.core.common import sanitizeStr
from lib.core.data import kb
from lib.core.data import paths
from lib.core.common import checkFile, Backend, parseXmlFile, sanitizeStr
from lib.core.data import kb, paths
from lib.core.enums import DBMS
from lib.parse.handler import FingerprintHandler

17
lib/parse/cmdline.py
View File

@ -7,20 +7,12 @@ See the file 'doc/COPYING' for copying permission
import sys
from optparse import OptionError
from optparse import OptionGroup
from optparse import OptionParser
from optparse import SUPPRESS_HELP
from optparse import OptionError, OptionGroup, OptionParser, SUPPRESS_HELP
from lib.core.common import checkDeprecatedOptions
from lib.core.common import expandMnemonics
from lib.core.common import getUnicode
from lib.core.common import checkDeprecatedOptions, expandMnemonics, getUnicode
from lib.core.data import logger
from lib.core.defaults import defaults
from lib.core.settings import BASIC_HELP_ITEMS
from lib.core.settings import IS_WIN
from lib.core.settings import MAX_HELP_OPTION_LENGTH
from lib.core.settings import VERSION_STRING
from lib.core.settings import BASIC_HELP_ITEMS, IS_WIN, MAX_HELP_OPTION_LENGTH
def cmdLineParser():
"""
@ -748,7 +740,8 @@ def cmdLineParser():
expandMnemonics(sys.argv[i + 1], parser, args)
if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile,\
args.requestFile, args.updateAll, args.smokeTest, args.liveTest, args.wizard, args.dependencies, args.purgeOutput)):
args.requestFile, args.updateAll, args.smokeTest, args.liveTest, args.wizard, args.dependencies,
args.purgeOutput)):
errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, --wizard, --update, --purge-output or --dependencies), "
errMsg += "use -h for basic or -hh for advanced help"
parser.error(errMsg)

11
lib/parse/configfile.py
View File

@ -6,16 +6,11 @@ See the file 'doc/COPYING' for copying permission
"""
import codecs
from ConfigParser import MissingSectionHeaderError
from lib.core.common import checkFile
from lib.core.common import unArrayizeValue
from lib.core.common import UnicodeRawConfigParser
from lib.core.data import conf
from lib.core.data import logger
from lib.core.exception import sqlmapMissingMandatoryOptionException
from lib.core.exception import sqlmapSyntaxException
from lib.core.common import checkFile, unArrayizeValue, UnicodeRawConfigParser
from lib.core.data import conf, logger
from lib.core.exception import sqlmapMissingMandatoryOptionException, sqlmapSyntaxException
from lib.core.optiondict import optDict
from lib.core.settings import UNICODE_ENCODING

1
lib/parse/html.py
View File

@ -42,6 +42,7 @@ class htmlHandler(ContentHandler):
self.dbms = self._dbms
self._markAsErrorPage()
def htmlParser(page):
"""
This function calls a class that parses the input HTML page to

5
lib/parse/payloads.py
View File

@ -7,8 +7,7 @@ See the file 'doc/COPYING' for copying permission
from xml.etree import ElementTree as et
from lib.core.data import conf
from lib.core.data import paths
from lib.core.data import conf, paths
from lib.core.datatype import AttribDict
def cleanupVals(text, tag):
@ -38,6 +37,7 @@ def cleanupVals(text, tag):
return text
def parseXmlNode(node):
for element in node.getiterator('boundary'):
boundary = AttribDict()
@ -74,6 +74,7 @@ def parseXmlNode(node):
conf.tests.append(test)
def loadPayloads():
doc = et.parse(paths.PAYLOADS_XML)
root = doc.getroot()

2
lib/request/__init__.py
View File

@ -4,5 +4,3 @@
Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
pass

9
lib/request/basic.py
View File

@ -9,9 +9,12 @@ import codecs
import gzip
import logging
import re
import StringIO
import struct
import zlib
try:
import cStringIO as StringIO
except ImportError:
import StringIO
from lib.core.common import extractErrorMessage
from lib.core.common import extractRegexResult
@ -46,14 +49,14 @@ def forgeHeaders(items=None):
items = items or {}
for _ in items.keys():
for _ in items.iterkeys():
if items[_] is None:
del items[_]
headers = dict(conf.httpHeaders)
headers.update(items or {})
headers = dict(("-".join(_.capitalize() for _ in key.split('-')), value) for (key, value) in headers.items())
headers = dict(("-".join(_.capitalize() for _ in key.split('-')), value) for (key, value) in headers.iteritems())
if conf.cj:
if HTTPHEADER.COOKIE in headers:

2
lib/request/basicauthhandler.py
View File

@ -4,6 +4,7 @@
Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
#TODO: Move to requests
import urllib2
@ -12,6 +13,7 @@ class SmartHTTPBasicAuthHandler(urllib2.HTTPBasicAuthHandler):
Reference: http://selenic.com/hg/rev/6c51a5056020
Fix for a: http://bugs.python.org/issue8797
"""
def __init__(self, *args, **kwargs):
urllib2.HTTPBasicAuthHandler.__init__(self, *args, **kwargs)
self.retried_req = set()

2
lib/request/certhandler.py
View File

@ -5,6 +5,8 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
#TODO: Move to requests
import httplib
import urllib2
import sys

26
lib/request/comparison.py
View File

@ -7,29 +7,17 @@ See the file 'doc/COPYING' for copying permission
import re
from lib.core.common import extractRegexResult
from lib.core.common import getFilteredPageContent
from lib.core.common import listToStrValue
from lib.core.common import removeDynamicContent
from lib.core.common import wasLastRequestDBMSError
from lib.core.common import wasLastRequestHTTPError
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.common import extractRegexResult, getFilteredPageContent, listToStrValue, removeDynamicContent, \
wasLastRequestDBMSError, wasLastRequestHTTPError
from lib.core.data import conf, kb, logger
from lib.core.exception import sqlmapNoneDataException
from lib.core.settings import DEFAULT_PAGE_ENCODING
from lib.core.settings import DIFF_TOLERANCE
from lib.core.settings import HTML_TITLE_REGEX
from lib.core.settings import MIN_RATIO
from lib.core.settings import MAX_RATIO
from lib.core.settings import REFLECTED_VALUE_MARKER
from lib.core.settings import LOWER_RATIO_BOUND
from lib.core.settings import UPPER_RATIO_BOUND
from lib.core.settings import DEFAULT_PAGE_ENCODING, DIFF_TOLERANCE, HTML_TITLE_REGEX, MIN_RATIO, MAX_RATIO, \
REFLECTED_VALUE_MARKER, LOWER_RATIO_BOUND, UPPER_RATIO_BOUND
from lib.core.threads import getCurrentThreadData
def comparison(page, headers, code=None, getRatioValue=False, pageLength=None):
_ = _adjust(_comparison(page, headers, code, getRatioValue, pageLength), getRatioValue)
return _
return _adjust(_comparison(page, headers, code, getRatioValue, pageLength), getRatioValue)
def _adjust(condition, getRatioValue):
if not any((conf.string, conf.notString, conf.regexp, conf.code)):

151
lib/request/connect.py
View File

@ -17,62 +17,21 @@ import traceback
from extra.safe2bin.safe2bin import safecharencode
from lib.core.agent import agent
from lib.core.common import asciifyUrl
from lib.core.common import calculateDeltaSeconds
from lib.core.common import clearConsoleLine
from lib.core.common import cpuThrottle
from lib.core.common import evaluateCode
from lib.core.common import extractRegexResult
from lib.core.common import findMultipartPostBoundary
from lib.core.common import getCurrentThreadData
from lib.core.common import getHostHeader
from lib.core.common import getRequestHeader
from lib.core.common import getUnicode
from lib.core.common import logHTTPTraffic
from lib.core.common import randomizeParameterValue
from lib.core.common import readInput
from lib.core.common import removeReflectiveValues
from lib.core.common import singleTimeWarnMessage
from lib.core.common import stdev
from lib.core.common import wasLastRequestDelayed
from lib.core.common import unicodeencode
from lib.core.common import urlencode
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.common import asciifyUrl, calculateDeltaSeconds, clearConsoleLine, cpuThrottle, evaluateCode,\
extractRegexResult, findMultipartPostBoundary, getCurrentThreadData, getHostHeader, getRequestHeader,\
getUnicode, logHTTPTraffic, randomizeParameterValue, readInput, removeReflectiveValues, singleTimeWarnMessage,\
stdev, wasLastRequestDelayed, unicodeencode, urlencode
from lib.core.data import conf, kb, logger
from lib.core.dicts import POST_HINT_CONTENT_TYPES
from lib.core.enums import ADJUST_TIME_DELAY
from lib.core.enums import CUSTOM_LOGGING
from lib.core.enums import HTTPHEADER
from lib.core.enums import HTTPMETHOD
from lib.core.enums import NULLCONNECTION
from lib.core.enums import PAYLOAD
from lib.core.enums import PLACE
from lib.core.enums import POST_HINT
from lib.core.enums import REDIRECTION
from lib.core.exception import sqlmapCompressionException
from lib.core.exception import sqlmapConnectionException
from lib.core.exception import sqlmapSyntaxException
from lib.core.exception import sqlmapValueException
from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR
from lib.core.settings import DEFAULT_CONTENT_TYPE
from lib.core.settings import HTTP_ACCEPT_HEADER_VALUE
from lib.core.settings import HTTP_ACCEPT_ENCODING_HEADER_VALUE
from lib.core.settings import HTTP_SILENT_TIMEOUT
from lib.core.settings import MAX_CONNECTION_CHUNK_SIZE
from lib.core.settings import MAX_CONNECTIONS_REGEX
from lib.core.settings import MAX_CONNECTION_TOTAL_SIZE
from lib.core.settings import META_REFRESH_REGEX
from lib.core.settings import MIN_TIME_RESPONSES
from lib.core.settings import IS_WIN
from lib.core.settings import LARGE_CHUNK_TRIM_MARKER
from lib.core.settings import PERMISSION_DENIED_REGEX
from lib.core.settings import UNENCODED_ORIGINAL_VALUE
from lib.core.settings import URI_HTTP_HEADER
from lib.core.settings import WARN_TIME_STDEV
from lib.request.basic import decodePage
from lib.request.basic import forgeHeaders
from lib.request.basic import processResponse
from lib.core.enums import ADJUST_TIME_DELAY, CUSTOM_LOGGING, HTTPHEADER, HTTPMETHOD, NULLCONNECTION, PAYLOAD,\
PLACE, POST_HINT, REDIRECTION
from lib.core.exception import sqlmapCompressionException, sqlmapConnectionException, sqlmapSyntaxException,\
sqlmapValueException
from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR, DEFAULT_CONTENT_TYPE, HTTP_ACCEPT_HEADER_VALUE,\
HTTP_ACCEPT_ENCODING_HEADER_VALUE, HTTP_SILENT_TIMEOUT, MAX_CONNECTION_CHUNK_SIZE, MAX_CONNECTIONS_REGEX,\
MAX_CONNECTION_TOTAL_SIZE, META_REFRESH_REGEX, MIN_TIME_RESPONSES, IS_WIN, LARGE_CHUNK_TRIM_MARKER,\
PERMISSION_DENIED_REGEX, UNENCODED_ORIGINAL_VALUE, URI_HTTP_HEADER, WARN_TIME_STDEV
from lib.request.basic import decodePage, forgeHeaders, processResponse
from lib.request.direct import direct
from lib.request.comparison import comparison
from lib.request.methodrequest import MethodRequest
@ -146,7 +105,8 @@ class Connect:
if len(_) == MAX_CONNECTION_CHUNK_SIZE:
warnMsg = "large response detected. This could take a while"
singleTimeWarnMessage(warnMsg)
_ = re.sub(r"(?si)%s.+?%s" % (kb.chars.stop, kb.chars.start), "%s%s%s" % (kb.chars.stop, LARGE_CHUNK_TRIM_MARKER, kb.chars.start), _)
_ = re.sub(r"(?si)%s.+?%s" % (kb.chars.stop, kb.chars.start),
"%s%s%s" % (kb.chars.stop, LARGE_CHUNK_TRIM_MARKER, kb.chars.start), _)
retVal += _
else:
retVal += _
@ -197,7 +157,8 @@ class Connect:
url = urlparse.urljoin(conf.url, url)
# flag to know if we are dealing with the same target host
target = reduce(lambda x, y: x == y, map(lambda x: urlparse.urlparse(x).netloc.split(':')[0], [url, conf.url or ""]))
target = reduce(lambda x, y: x == y,
map(lambda x: urlparse.urlparse(x).netloc.split(':')[0], [url, conf.url or ""]))
if not retrying:
# Reset the number of connection retries
@ -211,8 +172,10 @@ class Connect:
page = None
_ = urlparse.urlsplit(url)
requestMsg = u"HTTP request [#%d]:\n%s " % (threadData.lastRequestUID, method or (HTTPMETHOD.POST if post is not None else HTTPMETHOD.GET))
requestMsg += ("%s%s" % (_.path or "/", ("?%s" % _.query) if _.query else "")) if not any((refreshing, crawling)) else url
requestMsg = u"HTTP request [#%d]:\n%s " % (
threadData.lastRequestUID, method or (HTTPMETHOD.POST if post is not None else HTTPMETHOD.GET))
requestMsg += ("%s%s" % (_.path or "/", ("?%s" % _.query) if _.query else "")) if not any(
(refreshing, crawling)) else url
responseMsg = u"HTTP response "
requestHeaders = u""
responseHeaders = None
@ -252,7 +215,8 @@ class Connect:
page = Connect.__connReadProxy(conn)
responseHeaders = conn.info()
responseHeaders[URI_HTTP_HEADER] = conn.geturl()
page = decodePage(page, responseHeaders.get(HTTPHEADER.CONTENT_ENCODING), responseHeaders.get(HTTPHEADER.CONTENT_TYPE))
page = decodePage(page, responseHeaders.get(HTTPHEADER.CONTENT_ENCODING),
responseHeaders.get(HTTPHEADER.CONTENT_TYPE))
return page
@ -289,7 +253,8 @@ class Connect:
headers[HTTPHEADER.PROXY_AUTHORIZATION] = kb.proxyAuthHeader
headers[HTTPHEADER.ACCEPT] = HTTP_ACCEPT_HEADER_VALUE
headers[HTTPHEADER.ACCEPT_ENCODING] = HTTP_ACCEPT_ENCODING_HEADER_VALUE if method != HTTPMETHOD.HEAD and kb.pageCompress else "identity"
headers[
HTTPHEADER.ACCEPT_ENCODING] = HTTP_ACCEPT_ENCODING_HEADER_VALUE if method != HTTPMETHOD.HEAD and kb.pageCompress else "identity"
headers[HTTPHEADER.HOST] = host or getHostHeader(url)
if post is not None and HTTPHEADER.CONTENT_TYPE not in headers:
@ -320,12 +285,15 @@ class Connect:
else:
req = urllib2.Request(url, post, headers)
requestHeaders += "\n".join("%s: %s" % (key.capitalize() if isinstance(key, basestring) else key, getUnicode(value)) for (key, value) in req.header_items())
requestHeaders += "\n".join(
"%s: %s" % (key.capitalize() if isinstance(key, basestring) else key, getUnicode(value)) for (
key, value) in req.header_items())
if not getRequestHeader(req, HTTPHEADER.COOKIE) and conf.cj:
conf.cj._policy._now = conf.cj._now = int(time.time())
cookies = conf.cj._cookies_for_request(req)
requestHeaders += "\n%s" % ("Cookie: %s" % ";".join("%s=%s" % (getUnicode(cookie.name), getUnicode(cookie.value)) for cookie in cookies))
requestHeaders += "\n%s" % ("Cookie: %s" % ";".join(
"%s=%s" % (getUnicode(cookie.name), getUnicode(cookie.value)) for cookie in cookies))
if post is not None:
if not getRequestHeader(req, HTTPHEADER.CONTENT_LENGTH):
@ -369,7 +337,8 @@ class Connect:
code = code or conn.code
responseHeaders = conn.info()
responseHeaders[URI_HTTP_HEADER] = conn.geturl()
page = decodePage(page, responseHeaders.get(HTTPHEADER.CONTENT_ENCODING), responseHeaders.get(HTTPHEADER.CONTENT_TYPE))
page = decodePage(page, responseHeaders.get(HTTPHEADER.CONTENT_ENCODING),
responseHeaders.get(HTTPHEADER.CONTENT_TYPE))
status = getUnicode(conn.msg)
if extractRegexResult(META_REFRESH_REGEX, page) and not refreshing:
@ -421,7 +390,8 @@ class Connect:
page = e.read()
responseHeaders = e.info()
responseHeaders[URI_HTTP_HEADER] = e.geturl()
page = decodePage(page, responseHeaders.get(HTTPHEADER.CONTENT_ENCODING), responseHeaders.get(HTTPHEADER.CONTENT_TYPE))
page = decodePage(page, responseHeaders.get(HTTPHEADER.CONTENT_ENCODING),
responseHeaders.get(HTTPHEADER.CONTENT_TYPE))
except socket.timeout:
warnMsg = "connection timed out while trying "
warnMsg += "to get error page information (%d)" % e.code
@ -443,9 +413,12 @@ class Connect:
responseMsg += "[#%d] (%d %s):\n" % (threadData.lastRequestUID, code, status)
if responseHeaders:
logHeaders = "\n".join("%s: %s" % (key.capitalize() if isinstance(key, basestring) else key, getUnicode(value)) for (key, value) in responseHeaders.items())
logHeaders = "\n".join(
"%s: %s" % (key.capitalize() if isinstance(key, basestring) else key, getUnicode(value)) for (
key, value) in responseHeaders.items())
logHTTPTraffic(requestMsg, "%s%s\n\n%s" % (responseMsg, logHeaders, (page or "")[:MAX_CONNECTION_CHUNK_SIZE]))
logHTTPTraffic(requestMsg,
"%s%s\n\n%s" % (responseMsg, logHeaders, (page or "")[:MAX_CONNECTION_CHUNK_SIZE]))
skipLogTraffic = True
@ -486,7 +459,9 @@ class Connect:
debugMsg = "got HTTP error code: %d (%s)" % (code, status)
logger.debug(debugMsg)
except (urllib2.URLError, socket.error, socket.timeout, httplib.BadStatusLine, httplib.IncompleteRead, ProxyError, sqlmapCompressionException), e:
except (
urllib2.URLError, socket.error, socket.timeout, httplib.BadStatusLine, httplib.IncompleteRead, ProxyError,
sqlmapCompressionException), e:
tbMsg = traceback.format_exc()
if "no host given" in tbMsg:
@ -534,10 +509,13 @@ class Connect:
responseMsg += "[#%d] (%d %s):\n" % (threadData.lastRequestUID, code, status)
if responseHeaders:
logHeaders = "\n".join("%s: %s" % (key.capitalize() if isinstance(key, basestring) else key, getUnicode(value)) for (key, value) in responseHeaders.items())
logHeaders = "\n".join(
"%s: %s" % (key.capitalize() if isinstance(key, basestring) else key, getUnicode(value)) for (
key, value) in responseHeaders.items())
if not skipLogTraffic:
logHTTPTraffic(requestMsg, "%s%s\n\n%s" % (responseMsg, logHeaders, (page or "")[:MAX_CONNECTION_CHUNK_SIZE]))
logHTTPTraffic(requestMsg,
"%s%s\n\n%s" % (responseMsg, logHeaders, (page or "")[:MAX_CONNECTION_CHUNK_SIZE]))
if conf.verbose <= 5:
responseMsg += getUnicode(logHeaders)
@ -549,7 +527,9 @@ class Connect:
return page, responseHeaders, code
@staticmethod
def queryPage(value=None, place=None, content=False, getRatioValue=False, silent=False, method=None, timeBasedCompare=False, noteResponseTime=True, auxHeaders=None, response=False, raise404=None, removeReflection=True):
def queryPage(value=None, place=None, content=False, getRatioValue=False, silent=False, method=None,
timeBasedCompare=False, noteResponseTime=True, auxHeaders=None, response=False, raise404=None,
removeReflection=True):
"""
This method calls a function to get the target url page content
and returns its page MD5 hash or a boolean value in case of
@ -614,7 +594,8 @@ class Connect:
else:
if place != PLACE.URI or (value and payload and '?' in value and value.find('?') < value.find(payload)):
# GET, URI and Cookie need to be throughly URL encoded (POST is encoded down below)
payload = urlencode(payload, '%', False, True) if place in (PLACE.GET, PLACE.COOKIE, PLACE.URI) and not skipUrlEncode else payload
payload = urlencode(payload, '%', False, True) if place in (
PLACE.GET, PLACE.COOKIE, PLACE.URI) and not skipUrlEncode else payload
value = agent.replacePayload(value, payload)
if place:
@ -630,7 +611,8 @@ class Connect:
post = conf.parameters[PLACE.POST] if place != PLACE.POST or not value else value
if PLACE.CUSTOM_POST in conf.parameters:
post = conf.parameters[PLACE.CUSTOM_POST].replace(CUSTOM_INJECTION_MARK_CHAR, "") if place != PLACE.CUSTOM_POST or not value else value
post = conf.parameters[PLACE.CUSTOM_POST].replace(CUSTOM_INJECTION_MARK_CHAR,
"") if place != PLACE.CUSTOM_POST or not value else value
if PLACE.COOKIE in conf.parameters:
cookie = conf.parameters[PLACE.COOKIE] if place != PLACE.COOKIE or not value else value
@ -655,7 +637,8 @@ class Connect:
match = re.search("%s=(?P<value>[^&;]+)" % randomParameter, paramString)
if match:
origValue = match.group("value")
retVal = re.sub("%s=[^&;]+" % randomParameter, "%s=%s" % (randomParameter, randomizeParameterValue(origValue)), paramString)
retVal = re.sub("%s=[^&;]+" % randomParameter,
"%s=%s" % (randomParameter, randomizeParameterValue(origValue)), paramString)
return retVal
for randomParameter in conf.rParam:
@ -737,7 +720,8 @@ class Connect:
if conf.safUrl and conf.saFreq > 0:
kb.queryCounter += 1
if kb.queryCounter % conf.saFreq == 0:
Connect.getPage(url=conf.safUrl, cookie=cookie, direct=True, silent=True, ua=ua, referer=referer, host=host)
Connect.getPage(url=conf.safUrl, cookie=cookie, direct=True, silent=True, ua=ua, referer=referer,
host=host)
start = time.time()
@ -752,19 +736,25 @@ class Connect:
auxHeaders[HTTPHEADER.RANGE] = "bytes=-1"
_, headers, code = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, referer=referer, host=host, silent=silent, method=method, auxHeaders=auxHeaders, raise404=raise404)
_, headers, code = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, referer=referer,
host=host, silent=silent, method=method, auxHeaders=auxHeaders, raise404=raise404)
if headers:
if kb.nullConnection == NULLCONNECTION.HEAD and HTTPHEADER.CONTENT_LENGTH in headers:
pageLength = int(headers[HTTPHEADER.CONTENT_LENGTH])
elif kb.nullConnection == NULLCONNECTION.RANGE and HTTPHEADER.CONTENT_RANGE in headers:
pageLength = int(headers[HTTPHEADER.CONTENT_RANGE][headers[HTTPHEADER.CONTENT_RANGE].find('/') + 1:])
pageLength = int(
headers[HTTPHEADER.CONTENT_RANGE][headers[HTTPHEADER.CONTENT_RANGE].find('/') + 1:])
if not pageLength:
page, headers, code = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, referer=referer, host=host, silent=silent, method=method, auxHeaders=auxHeaders, response=response, raise404=raise404, ignoreTimeout=timeBasedCompare)
page, headers, code = Connect.getPage(url=uri, get=get, post=post, cookie=cookie, ua=ua, referer=referer,
host=host, silent=silent, method=method, auxHeaders=auxHeaders, response=response, raise404=raise404,
ignoreTimeout=timeBasedCompare)
if conf.secondOrder:
page, headers, code = Connect.getPage(url=conf.secondOrder, cookie=cookie, ua=ua, silent=silent, auxHeaders=auxHeaders, response=response, raise404=False, ignoreTimeout=timeBasedCompare, refreshing=True)
page, headers, code = Connect.getPage(url=conf.secondOrder, cookie=cookie, ua=ua, silent=silent,
auxHeaders=auxHeaders, response=response, raise404=False, ignoreTimeout=timeBasedCompare,
refreshing=True)
threadData.lastQueryDuration = calculateDeltaSeconds(start)
@ -788,7 +778,8 @@ class Connect:
return page, headers
if getRatioValue:
return comparison(page, headers, code, getRatioValue=False, pageLength=pageLength), comparison(page, headers, code, getRatioValue=True, pageLength=pageLength)
return comparison(page, headers, code, getRatioValue=False, pageLength=pageLength), comparison(page,
headers, code, getRatioValue=True, pageLength=pageLength)
elif pageLength or page:
return comparison(page, headers, code, getRatioValue, pageLength)
else:

17
lib/request/direct.py
View File

@ -9,20 +9,11 @@ import time
from extra.safe2bin.safe2bin import safecharencode
from lib.core.agent import agent
from lib.core.common import Backend
from lib.core.common import calculateDeltaSeconds
from lib.core.common import extractExpectedValue
from lib.core.common import getCurrentThreadData
from lib.core.common import getUnicode
from lib.core.common import hashDBRetrieve
from lib.core.common import hashDBWrite
from lib.core.common import isListLike
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.common import Backend, calculateDeltaSeconds, extractExpectedValue, getCurrentThreadData, \
getUnicode, hashDBRetrieve, hashDBWrite, isListLike
from lib.core.data import conf, kb, logger
from lib.core.dicts import SQL_STATEMENTS
from lib.core.enums import DBMS
from lib.core.enums import EXPECTED
from lib.core.enums import DBMS, EXPECTED
from lib.core.settings import UNICODE_ENCODING
from lib.utils.timeout import timeout

2
lib/request/dns.py
View File

@ -4,9 +4,7 @@
Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
import os
import random
import re
import socket
import threading

41
lib/request/inject.py
View File

@ -10,41 +10,16 @@ import time
from lib.core.agent import agent
from lib.core.bigarray import BigArray
from lib.core.common import Backend
from lib.core.common import calculateDeltaSeconds
from lib.core.common import cleanQuery
from lib.core.common import expandAsteriskForColumns
from lib.core.common import extractExpectedValue
from lib.core.common import getPublicTypeMembers
from lib.core.common import hashDBRetrieve
from lib.core.common import hashDBWrite
from lib.core.common import initTechnique
from lib.core.common import isNoneValue
from lib.core.common import isNumPosStrValue
from lib.core.common import isTechniqueAvailable
from lib.core.common import parseUnionPage
from lib.core.common import popValue
from lib.core.common import pushValue
from lib.core.common import randomInt
from lib.core.common import readInput
from lib.core.common import safeStringFormat
from lib.core.common import singleTimeWarnMessage
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import queries
from lib.core.common import Backend, calculateDeltaSeconds, cleanQuery, expandAsteriskForColumns, \
extractExpectedValue, getPublicTypeMembers, hashDBRetrieve, hashDBWrite, initTechnique, \
isNoneValue, isNumPosStrValue, isTechniqueAvailable, parseUnionPage, popValue, pushValue, readInput,\
singleTimeWarnMessage
from lib.core.data import conf, kb, logger, queries
from lib.core.dicts import FROM_DUMMY_TABLE
from lib.core.enums import CHARSET_TYPE
from lib.core.enums import DBMS
from lib.core.enums import EXPECTED
from lib.core.enums import PAYLOAD
from lib.core.exception import sqlmapNotVulnerableException
from lib.core.exception import sqlmapUserQuitException
from lib.core.settings import MIN_TIME_RESPONSES
from lib.core.settings import MAX_TECHNIQUES_PER_VALUE
from lib.core.settings import SQL_SCALAR_REGEX
from lib.core.enums import CHARSET_TYPE, DBMS, EXPECTED, PAYLOAD
from lib.core.exception import sqlmapNotVulnerableException, sqlmapUserQuitException
from lib.core.settings import MAX_TECHNIQUES_PER_VALUE, SQL_SCALAR_REGEX
from lib.core.threads import getCurrentThreadData
from lib.core.unescaper import unescaper
from lib.request.connect import Connect as Request
from lib.request.direct import direct
from lib.techniques.blind.inference import bisection

2
lib/request/rangehandler.py
View File

@ -18,7 +18,7 @@ class HTTPRangeHandler(urllib2.BaseHandler):
This was extremely simple. The Range header is a HTTP feature to
begin with so all this class does is tell urllib2 that the
"206 Partial Content" reponse from the HTTP server is what we
"206 Partial Content" response from the HTTP server is what we
expected.
Example:

15
lib/request/redirecthandler.py
View File

@ -8,18 +8,11 @@ See the file 'doc/COPYING' for copying permission
import urllib2
import urlparse
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.common import getHostHeader
from lib.core.common import getUnicode
from lib.core.common import logHTTPTraffic
from lib.core.common import readInput
from lib.core.enums import HTTPHEADER
from lib.core.enums import REDIRECTION
from lib.core.data import kb, logger
from lib.core.common import getHostHeader, getUnicode, logHTTPTraffic, readInput
from lib.core.enums import HTTPHEADER, REDIRECTION
from lib.core.exception import sqlmapConnectionException
from lib.core.settings import MAX_SINGLE_URL_REDIRECTIONS
from lib.core.settings import MAX_TOTAL_REDIRECTIONS
from lib.core.settings import MAX_SINGLE_URL_REDIRECTIONS, MAX_TOTAL_REDIRECTIONS
from lib.core.threads import getCurrentThreadData
from lib.request.basic import decodePage

14
lib/takeover/abstraction.py
View File

@ -6,15 +6,9 @@ See the file 'doc/COPYING' for copying permission
"""
from extra.safe2bin.safe2bin import safechardecode
from lib.core.common import dataToStdout
from lib.core.common import Backend
from lib.core.common import getSQLSnippet
from lib.core.common import isTechniqueAvailable
from lib.core.common import readInput
from lib.core.data import conf
from lib.core.data import logger
from lib.core.enums import DBMS
from lib.core.enums import PAYLOAD
from lib.core.common import dataToStdout, Backend, getSQLSnippet, isTechniqueAvailable, readInput
from lib.core.data import conf, logger
from lib.core.enums import DBMS, PAYLOAD
from lib.core.exception import sqlmapUnsupportedFeatureException
from lib.core.shell import autoCompletion
from lib.request import inject
@ -25,7 +19,7 @@ from lib.takeover.xp_cmdshell import xp_cmdshell
class Abstraction(Web, UDF, xp_cmdshell):
"""
This class defines an abstraction layer for OS takeover functionalities
This class defines an abstraction layer for OS takeover functionality
to UDF / xp_cmdshell objects
"""

13
lib/takeover/icmpsh.py
View File

@ -9,18 +9,11 @@ import os
import time
from extra.icmpsh.icmpsh_m import main as icmpshmaster
from lib.core.common import getLocalIP
from lib.core.common import getRemoteIP
from lib.core.common import normalizePath
from lib.core.common import ntToPosixSlashes
from lib.core.common import randomStr
from lib.core.common import readInput
from lib.core.data import conf
from lib.core.data import logger
from lib.core.data import paths
from lib.core.common import getLocalIP, getRemoteIP, normalizePath, ntToPosixSlashes, randomStr, readInput
from lib.core.data import conf, logger, paths
class ICMPsh:
class ICMPsh(object):
"""
This class defines methods to call icmpsh for plugins.
"""

48
lib/takeover/metasploit.py
View File

@ -12,35 +12,18 @@ import sys
import time
from select import select
from subprocess import PIPE
from subprocess import Popen as execute
from subprocess import PIPE, Popen as execute
from lib.core.common import dataToStdout
from lib.core.common import Backend
from lib.core.common import getLocalIP
from lib.core.common import getRemoteIP
from lib.core.common import getUnicode
from lib.core.common import normalizePath
from lib.core.common import ntToPosixSlashes
from lib.core.common import randomRange
from lib.core.common import randomStr
from lib.core.common import readInput
from lib.core.data import conf
from lib.core.data import logger
from lib.core.data import paths
from lib.core.enums import DBMS
from lib.core.enums import OS
from lib.core.exception import sqlmapDataException
from lib.core.exception import sqlmapFilePathException
from lib.core.settings import IS_WIN
from lib.core.settings import UNICODE_ENCODING
from lib.core.subprocessng import blockingReadFromFD
from lib.core.subprocessng import blockingWriteToFD
from lib.core.subprocessng import pollProcess
from lib.core.subprocessng import setNonBlocking
from lib.core.common import dataToStdout, Backend, getLocalIP, getRemoteIP, getUnicode, normalizePath,\
ntToPosixSlashes, randomRange, randomStr, readInput
from lib.core.data import conf, logger, paths
from lib.core.enums import DBMS, OS
from lib.core.exception import sqlmapDataException, sqlmapFilePathException
from lib.core.settings import IS_WIN, UNICODE_ENCODING
from lib.core.subprocessng import blockingReadFromFD, blockingWriteToFD, pollProcess, setNonBlocking
class Metasploit:
class Metasploit(object):
"""
This class defines methods to call Metasploit for plugins.
"""
@ -80,9 +63,13 @@ class Metasploit:
self.__msfConnectionsList = {
"windows": {
1: ( "Reverse TCP: Connect back from the database host to this machine (default)", "reverse_tcp" ),
2: ( "Reverse TCP: Try to connect back from the database host to this machine, on all ports between the specified and 65535", "reverse_tcp_allports" ),
3: ( "Reverse HTTP: Connect back from the database host to this machine tunnelling traffic over HTTP", "reverse_http" ),
4: ( "Reverse HTTPS: Connect back from the database host to this machine tunnelling traffic over HTTPS", "reverse_https" ),
2: (
"Reverse TCP: Try to connect back from the database host to this machine, on all ports between the specified and 65535",
"reverse_tcp_allports" ),
3: ("Reverse HTTP: Connect back from the database host to this machine tunnelling traffic over HTTP",
"reverse_http" ),
4: ("Reverse HTTPS: Connect back from the database host to this machine tunnelling traffic over HTTPS",
"reverse_https" ),
5: ( "Bind TCP: Listen on the database host for a connection", "bind_tcp" )
},
"linux": {
@ -360,7 +347,8 @@ class Metasploit:
self.__payloadCmd += " PrependChrootBreak=true PrependSetuid=true"
if extra == "BufferRegister=EAX":
self.__payloadCmd += " R | %s -a x86 -e %s -o \"%s\" -t %s" % (self.__msfEncode, self.encoderStr, outFile, format)
self.__payloadCmd += " R | %s -a x86 -e %s -o \"%s\" -t %s" % (
self.__msfEncode, self.encoderStr, outFile, format)
if extra is not None:
self.__payloadCmd += " %s" % extra

24
lib/takeover/udf.py
View File

@ -8,28 +8,16 @@ See the file 'doc/COPYING' for copying permission
import os
from lib.core.agent import agent
from lib.core.common import dataToStdout
from lib.core.common import Backend
from lib.core.common import isTechniqueAvailable
from lib.core.common import readInput
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import queries
from lib.core.enums import DBMS
from lib.core.enums import CHARSET_TYPE
from lib.core.enums import EXPECTED
from lib.core.enums import OS
from lib.core.enums import PAYLOAD
from lib.core.common import dataToStdout, Backend, isTechniqueAvailable, readInput
from lib.core.data import conf, logger, queries
from lib.core.enums import DBMS, CHARSET_TYPE, EXPECTED, OS, PAYLOAD
from lib.core.common import unArrayizeValue
from lib.core.exception import sqlmapFilePathException
from lib.core.exception import sqlmapMissingMandatoryOptionException
from lib.core.exception import sqlmapUnsupportedFeatureException
from lib.core.exception import sqlmapUserQuitException
from lib.core.exception import sqlmapFilePathException, sqlmapMissingMandatoryOptionException, \
sqlmapUnsupportedFeatureException, sqlmapUserQuitException
from lib.core.unescaper import unescaper
from lib.request import inject
class UDF:
class UDF(object):
"""
This class defines methods to deal with User-Defined Functions for
plugins.

41
lib/takeover/web.py
View File

@ -14,42 +14,19 @@ from tempfile import mkstemp
from extra.cloak.cloak import decloak
from lib.core.agent import agent
from lib.core.common import arrayizeValue
from lib.core.common import Backend
from lib.core.common import decloakToNamedStream
from lib.core.common import extractRegexResult
from lib.core.common import getDirs
from lib.core.common import getDocRoot
from lib.core.common import getPublicTypeMembers
from lib.core.common import getSQLSnippet
from lib.core.common import getUnicode
from lib.core.common import ntToPosixSlashes
from lib.core.common import isTechniqueAvailable
from lib.core.common import isWindowsDriveLetterPath
from lib.core.common import normalizePath
from lib.core.common import posixToNtSlashes
from lib.core.common import randomInt
from lib.core.common import randomStr
from lib.core.common import readInput
from lib.core.common import singleTimeWarnMessage
from lib.core.convert import hexencode
from lib.core.convert import utf8encode
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import paths
from lib.core.enums import DBMS
from lib.core.enums import OS
from lib.core.enums import PAYLOAD
from lib.core.enums import WEB_API
from lib.core.settings import EVENTVALIDATION_REGEX
from lib.core.settings import VIEWSTATE_REGEX
from lib.core.common import arrayizeValue, Backend, decloakToNamedStream, extractRegexResult, getDirs, getDocRoot, \
getPublicTypeMembers, getSQLSnippet, getUnicode, ntToPosixSlashes, isTechniqueAvailable, isWindowsDriveLetterPath,\
normalizePath, posixToNtSlashes, randomInt, randomStr, readInput, singleTimeWarnMessage
from lib.core.convert import hexencode, utf8encode
from lib.core.data import conf, kb, logger, paths
from lib.core.enums import DBMS, OS, PAYLOAD, WEB_API
from lib.core.settings import EVENTVALIDATION_REGEX, VIEWSTATE_REGEX
from lib.request.connect import Connect as Request
class Web:
class Web(object):
"""
This class defines web-oriented OS takeover functionalities for
This class defines web-oriented OS takeover functionality for
plugins.
"""

28
lib/takeover/xp_cmdshell.py
View File

@ -6,34 +6,16 @@ See the file 'doc/COPYING' for copying permission
"""
from lib.core.agent import agent
from lib.core.common import Backend
from lib.core.common import getLimitRange
from lib.core.common import getSQLSnippet
from lib.core.common import hashDBWrite
from lib.core.common import isListLike
from lib.core.common import isNoneValue
from lib.core.common import isNumPosStrValue
from lib.core.common import isTechniqueAvailable
from lib.core.common import pushValue
from lib.core.common import popValue
from lib.core.common import randomStr
from lib.core.common import readInput
from lib.core.common import wasLastRequestDelayed
from lib.core.common import Backend, getLimitRange, getSQLSnippet, hashDBWrite, isListLike, isNoneValue, \
isNumPosStrValue, isTechniqueAvailable, pushValue, popValue, randomStr, readInput, wasLastRequestDelayed
from lib.core.convert import hexencode
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.enums import CHARSET_TYPE
from lib.core.enums import DBMS
from lib.core.enums import EXPECTED
from lib.core.enums import HASHDB_KEYS
from lib.core.enums import PAYLOAD
from lib.core.data import conf, kb, logger
from lib.core.enums import CHARSET_TYPE, DBMS, EXPECTED, HASHDB_KEYS, PAYLOAD
from lib.core.exception import sqlmapUnsupportedFeatureException
from lib.core.threads import getCurrentThreadData
from lib.core.unescaper import unescaper
from lib.request import inject
class xp_cmdshell:
class xp_cmdshell(object):
"""
This class defines methods to deal with Microsoft SQL Server
xp_cmdshell extended procedure for plugins.

1
lib/techniques/__init__.py
View File

@ -5,4 +5,3 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
pass

1
lib/techniques/blind/__init__.py
View File

@ -5,4 +5,3 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
pass

45
lib/techniques/blind/inference.py
View File

@ -5,49 +5,22 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
import re
import threading
import time
from extra.safe2bin.safe2bin import safecharencode
from lib.core.agent import agent
from lib.core.common import Backend
from lib.core.common import calculateDeltaSeconds
from lib.core.common import dataToStdout
from lib.core.common import decodeHexValue
from lib.core.common import decodeIntToUnicode
from lib.core.common import filterControlChars
from lib.core.common import getCharset
from lib.core.common import getCounter
from lib.core.common import goGoodSamaritan
from lib.core.common import getPartRun
from lib.core.common import hashDBRetrieve
from lib.core.common import hashDBWrite
from lib.core.common import incrementCounter
from lib.core.common import randomStr
from lib.core.common import safeStringFormat
from lib.core.common import singleTimeWarnMessage
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import queries
from lib.core.enums import ADJUST_TIME_DELAY
from lib.core.enums import CHARSET_TYPE
from lib.core.enums import DBMS
from lib.core.enums import PAYLOAD
from lib.core.common import Backend, calculateDeltaSeconds, dataToStdout, decodeHexValue, decodeIntToUnicode,\
filterControlChars, getCharset, getCounter, goGoodSamaritan, getPartRun, hashDBRetrieve, hashDBWrite,\
incrementCounter, safeStringFormat, singleTimeWarnMessage
from lib.core.data import conf, kb, logger, queries
from lib.core.enums import ADJUST_TIME_DELAY, CHARSET_TYPE, DBMS, PAYLOAD
from lib.core.exception import sqlmapThreadException
from lib.core.progress import ProgressBar
from lib.core.settings import CHAR_INFERENCE_MARK
from lib.core.settings import INFERENCE_BLANK_BREAK
from lib.core.settings import INFERENCE_UNKNOWN_CHAR
from lib.core.settings import INFERENCE_GREATER_CHAR
from lib.core.settings import INFERENCE_EQUALS_CHAR
from lib.core.settings import INFERENCE_NOT_EQUALS_CHAR
from lib.core.settings import MAX_TIME_REVALIDATION_STEPS
from lib.core.settings import PARTIAL_VALUE_MARKER
from lib.core.settings import VALID_TIME_CHARS_RUN_THRESHOLD
from lib.core.threads import getCurrentThreadData
from lib.core.threads import runThreads
from lib.core.settings import CHAR_INFERENCE_MARK, INFERENCE_BLANK_BREAK, INFERENCE_UNKNOWN_CHAR,\
INFERENCE_GREATER_CHAR, INFERENCE_EQUALS_CHAR, INFERENCE_NOT_EQUALS_CHAR, MAX_TIME_REVALIDATION_STEPS,\
PARTIAL_VALUE_MARKER, VALID_TIME_CHARS_RUN_THRESHOLD
from lib.core.threads import getCurrentThreadData, runThreads
from lib.core.unescaper import unescaper
from lib.request.connect import Connect as Request

1
lib/techniques/brute/__init__.py
View File

@ -5,4 +5,3 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
pass

37
lib/techniques/brute/use.py
View File

@ -7,37 +7,19 @@ See the file 'doc/COPYING' for copying permission
import time
from lib.core.common import clearConsoleLine
from lib.core.common import dataToStdout
from lib.core.common import filterListValue
from lib.core.common import getFileItems
from lib.core.common import Backend
from lib.core.common import getPageWordSet
from lib.core.common import hashDBRetrieve
from lib.core.common import hashDBWrite
from lib.core.common import randomInt
from lib.core.common import randomStr
from lib.core.common import safeStringFormat
from lib.core.common import safeSQLIdentificatorNaming
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.enums import DBMS
from lib.core.enums import HASHDB_KEYS
from lib.core.exception import sqlmapDataException
from lib.core.exception import sqlmapMissingMandatoryOptionException
from lib.core.settings import METADB_SUFFIX
from lib.core.settings import BRUTE_COLUMN_EXISTS_TEMPLATE
from lib.core.settings import BRUTE_TABLE_EXISTS_TEMPLATE
from lib.core.threads import getCurrentThreadData
from lib.core.threads import runThreads
from lib.core.common import clearConsoleLine, dataToStdout, filterListValue, getFileItems, Backend, \
getPageWordSet, hashDBWrite, randomInt, randomStr, safeStringFormat, safeSQLIdentificatorNaming
from lib.core.data import conf, kb, logger
from lib.core.enums import DBMS, HASHDB_KEYS
from lib.core.exception import sqlmapDataException, sqlmapMissingMandatoryOptionException
from lib.core.settings import METADB_SUFFIX, BRUTE_COLUMN_EXISTS_TEMPLATE, BRUTE_TABLE_EXISTS_TEMPLATE
from lib.core.threads import getCurrentThreadData, runThreads
from lib.request import inject
def __addPageTextWords():
wordsList = []
infoMsg = "adding words used on web page to the check list"
logger.info(infoMsg)
logger.info("adding words used on web page to the check list")
pageWords = getPageWordSet(kb.originalPage)
for word in pageWords:
@ -58,8 +40,7 @@ def tableExists(tableFile, regex=None):
tables = getFileItems(tableFile, lowercase=Backend.getIdentifiedDbms() in (DBMS.ACCESS,), unique=True)
infoMsg = "checking table existence using items from '%s'" % tableFile
logger.info(infoMsg)
logger.info("checking table existence using items from '%s'" % tableFile)
tables.extend(__addPageTextWords())
tables = filterListValue(tables, regex)

1
lib/techniques/dns/__init__.py
View File

@ -5,4 +5,3 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
pass

7
lib/techniques/dns/test.py
View File

@ -7,9 +7,7 @@ See the file 'doc/COPYING' for copying permission
from lib.core.common import Backend
from lib.core.common import randomInt
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import conf, kb, logger
from lib.core.dicts import FROM_DUMMY_TABLE
from lib.core.exception import sqlmapNotVulnerableException
from lib.techniques.dns.use import dnsUse
@ -19,7 +17,8 @@ def dnsTest(payload):
logger.info("testing for data retrieval through DNS channel")
randInt = randomInt()
kb.dnsTest = dnsUse(payload, "SELECT %d%s" % (randInt, FROM_DUMMY_TABLE.get(Backend.getIdentifiedDbms(), ""))) == str(randInt)
kb.dnsTest = dnsUse(payload,
"SELECT %d%s" % (randInt, FROM_DUMMY_TABLE.get(Backend.getIdentifiedDbms(), ""))) == str(randInt)
if not kb.dnsTest:
errMsg = "data retrieval through DNS channel failed"

16
lib/techniques/dns/use.py
View File

@ -7,23 +7,11 @@ See the file 'doc/COPYING' for copying permission
import re
import time
import string
from extra.safe2bin.safe2bin import safecharencode
from lib.core.agent import agent
from lib.core.common import Backend
from lib.core.common import calculateDeltaSeconds
from lib.core.common import dataToStdout
from lib.core.common import decodeHexValue
from lib.core.common import extractRegexResult
from lib.core.common import getSQLSnippet
from lib.core.common import hashDBRetrieve
from lib.core.common import hashDBWrite
from lib.core.common import randomInt
from lib.core.common import randomStr
from lib.core.common import safecharencode
from lib.core.common import safeStringFormat
from lib.core.common import singleTimeWarnMessage
from lib.core.common import Backend, calculateDeltaSeconds, dataToStdout, decodeHexValue, extractRegexResult,\
getSQLSnippet, hashDBRetrieve, hashDBWrite, randomInt, randomStr, safeStringFormat, singleTimeWarnMessage
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger

1
lib/techniques/error/__init__.py
View File

@ -5,4 +5,3 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
pass

36
lib/techniques/error/use.py
View File

@ -11,38 +11,16 @@ import time
from extra.safe2bin.safe2bin import safecharencode
from lib.core.agent import agent
from lib.core.bigarray import BigArray
from lib.core.common import Backend
from lib.core.common import calculateDeltaSeconds
from lib.core.common import dataToStdout
from lib.core.common import decodeHexValue
from lib.core.common import extractRegexResult
from lib.core.common import getUnicode
from lib.core.common import hashDBRetrieve
from lib.core.common import hashDBWrite
from lib.core.common import incrementCounter
from lib.core.common import initTechnique
from lib.core.common import isListLike
from lib.core.common import isNumPosStrValue
from lib.core.common import listToStrValue
from lib.core.common import readInput
from lib.core.common import Backend, calculateDeltaSeconds, dataToStdout, decodeHexValue, extractRegexResult,\
getUnicode, hashDBRetrieve, hashDBWrite, incrementCounter, initTechnique, isListLike, isNumPosStrValue,\
listToStrValue, readInput
from lib.core.convert import htmlunescape
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import queries
from lib.core.data import conf, kb, logger, queries
from lib.core.dicts import FROM_DUMMY_TABLE
from lib.core.enums import DBMS
from lib.core.enums import PAYLOAD
from lib.core.settings import CHECK_ZERO_COLUMNS_THRESHOLD
from lib.core.settings import MYSQL_ERROR_CHUNK_LENGTH
from lib.core.settings import MSSQL_ERROR_CHUNK_LENGTH
from lib.core.settings import NULL
from lib.core.settings import PARTIAL_VALUE_MARKER
from lib.core.settings import SLOW_ORDER_COUNT_THRESHOLD
from lib.core.settings import SQL_SCALAR_REGEX
from lib.core.settings import TURN_OFF_RESUME_INFO_LIMIT
from lib.core.threads import getCurrentThreadData
from lib.core.threads import runThreads
from lib.core.settings import CHECK_ZERO_COLUMNS_THRESHOLD, MYSQL_ERROR_CHUNK_LENGTH, MSSQL_ERROR_CHUNK_LENGTH, \
NULL, PARTIAL_VALUE_MARKER, SLOW_ORDER_COUNT_THRESHOLD, SQL_SCALAR_REGEX, TURN_OFF_RESUME_INFO_LIMIT
from lib.core.threads import getCurrentThreadData, runThreads
from lib.core.unescaper import unescaper
from lib.request.connect import Connect as Request

38
lib/techniques/union/use.py
View File

@ -11,39 +11,17 @@ import time
from extra.safe2bin.safe2bin import safecharencode
from lib.core.agent import agent
from lib.core.bigarray import BigArray
from lib.core.common import arrayizeValue
from lib.core.common import Backend
from lib.core.common import calculateDeltaSeconds
from lib.core.common import clearConsoleLine
from lib.core.common import dataToStdout
from lib.core.common import extractRegexResult
from lib.core.common import flattenValue
from lib.core.common import getConsoleWidth
from lib.core.common import getUnicode
from lib.core.common import hashDBRetrieve
from lib.core.common import hashDBWrite
from lib.core.common import incrementCounter
from lib.core.common import initTechnique
from lib.core.common import isNoneValue
from lib.core.common import isNumPosStrValue
from lib.core.common import listToStrValue
from lib.core.common import parseUnionPage
from lib.core.common import removeReflectiveValues
from lib.core.common import singleTimeWarnMessage
from lib.core.common import wasLastRequestDBMSError
from lib.core.common import arrayizeValue, Backend, calculateDeltaSeconds, clearConsoleLine, dataToStdout, \
extractRegexResult, flattenValue, getConsoleWidth, getUnicode, hashDBRetrieve, hashDBWrite, incrementCounter, \
initTechnique, isNoneValue, isNumPosStrValue, listToStrValue, parseUnionPage, removeReflectiveValues,\
singleTimeWarnMessage, wasLastRequestDBMSError
from lib.core.convert import htmlunescape
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import queries
from lib.core.data import conf,kb, logger, queries
from lib.core.dicts import FROM_DUMMY_TABLE
from lib.core.enums import DBMS
from lib.core.enums import PAYLOAD
from lib.core.enums import DBMS, PAYLOAD
from lib.core.exception import sqlmapSyntaxException
from lib.core.settings import SQL_SCALAR_REGEX
from lib.core.settings import TURN_OFF_RESUME_INFO_LIMIT
from lib.core.threads import getCurrentThreadData
from lib.core.threads import runThreads
from lib.core.settings import SQL_SCALAR_REGEX, TURN_OFF_RESUME_INFO_LIMIT
from lib.core.threads import getCurrentThreadData, runThreads
from lib.core.unescaper import unescaper
from lib.request.connect import Connect as Request

20
lib/utils/checkpayload.py
View File

@ -5,21 +5,19 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
import re
from re import sub, search
from lib.core.common import readXmlFile
from lib.core.common import urldecode
from lib.core.data import paths
from lib.core.data import logger
from lib.core.common import readXmlFile, urldecode
from lib.core.data import paths, logger
rules = None
def __adjustGrammar(string):
string = re.sub('\ADetects', 'Detected', string)
string = re.sub('\Afinds', 'Found', string)
string = re.sub('attempts\Z', 'attempt', string)
string = re.sub('injections\Z', 'injection', string)
string = re.sub('attacks\Z', 'attack', string)
string = sub('\ADetects', 'Detected', string)
string = sub('\Afinds', 'Found', string)
string = sub('attempts\Z', 'attempt', string)
string = sub('injections\Z', 'injection', string)
string = sub('attacks\Z', 'attack', string)
return string
@ -48,7 +46,7 @@ def checkPayload(payload):
if payload:
for rule, desc in rules:
if re.search(rule, payload):
if search(rule, payload):
detected = True
logger.warn("highly probable IDS/IPS detection: '%s: %s'" % (desc, payload))

12
lib/utils/crawler.py
View File

@ -10,17 +10,11 @@ import re
import urlparse
import time
from lib.core.common import clearConsoleLine
from lib.core.common import dataToStdout
from lib.core.common import findPageForms
from lib.core.common import singleTimeWarnMessage
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.common import clearConsoleLine, dataToStdout, findPageForms, singleTimeWarnMessage
from lib.core.data import conf, kb, logger
from lib.core.exception import sqlmapConnectionException
from lib.core.settings import CRAWL_EXCLUDE_EXTENSIONS
from lib.core.threads import getCurrentThreadData
from lib.core.threads import runThreads
from lib.core.threads import getCurrentThreadData, runThreads
from lib.request.connect import Connect as Request
from thirdparty.beautifulsoup.beautifulsoup import BeautifulSoup
from thirdparty.oset.pyoset import oset

19
lib/utils/google.py
View File

@ -12,21 +12,12 @@ import socket
import urllib
import urllib2
from lib.core.common import getUnicode
from lib.core.common import readInput
from lib.core.common import urldecode
from lib.core.common import urlencode
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.exception import sqlmapConnectionException
from lib.core.exception import sqlmapGenericException
from lib.core.settings import GOOGLE_REGEX
from lib.core.settings import UNICODE_ENCODING
from lib.core.settings import URI_INJECTABLE_REGEX
from lib.request.basic import decodePage
from lib.core.common import getUnicode, urlencode
from lib.core.data import conf, logger
from lib.core.exception import sqlmapConnectionException, sqlmapGenericException
from lib.core.settings import GOOGLE_REGEX, UNICODE_ENCODING, decodePage
class Google:
class Google(object):
"""
This class defines methods used to perform Google dorking (command
line option '-g <google dork>'

45
lib/utils/hash.py
View File

@ -30,43 +30,16 @@ from hashlib import md5
from hashlib import sha1
from Queue import Queue
from lib.core.common import Backend
from lib.core.common import checkFile
from lib.core.common import clearConsoleLine
from lib.core.common import dataToStdout
from lib.core.common import getFileItems
from lib.core.common import getPublicTypeMembers
from lib.core.common import hashDBRetrieve
from lib.core.common import hashDBWrite
from lib.core.common import normalizeUnicode
from lib.core.common import paths
from lib.core.common import readInput
from lib.core.common import singleTimeLogMessage
from lib.core.common import singleTimeWarnMessage
from lib.core.convert import hexdecode
from lib.core.convert import hexencode
from lib.core.convert import utf8encode
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.enums import DBMS
from lib.core.enums import HASH
from lib.core.exception import sqlmapFilePathException
from lib.core.exception import sqlmapUserQuitException
from lib.core.settings import COMMON_PASSWORD_SUFFIXES
from lib.core.settings import COMMON_USER_COLUMNS
from lib.core.settings import DUMMY_USER_PREFIX
from lib.core.settings import HASH_MOD_ITEM_DISPLAY
from lib.core.settings import HASH_RECOGNITION_QUIT_THRESHOLD
from lib.core.settings import IS_WIN
from lib.core.settings import ITOA64
from lib.core.settings import ML
from lib.core.settings import NULL
from lib.core.settings import UNICODE_ENCODING
from lib.core.settings import ROTATING_CHARS
from lib.core.common import Backend, checkFile, clearConsoleLine, dataToStdout, getFileItems, getPublicTypeMembers,\
hashDBRetrieve, hashDBWrite, normalizeUnicode, paths, readInput, singleTimeLogMessage, singleTimeWarnMessage
from lib.core.convert import hexdecode, hexencode, utf8encode
from lib.core.data import conf, kb, logger
from lib.core.enums import DBMS, HASH
from lib.core.exception import sqlmapFilePathException, sqlmapUserQuitException
from lib.core.settings import COMMON_PASSWORD_SUFFIXES, COMMON_USER_COLUMNS, DUMMY_USER_PREFIX, HASH_MOD_ITEM_DISPLAY,\
HASH_RECOGNITION_QUIT_THRESHOLD, IS_WIN, ITOA64, ML, NULL, UNICODE_ENCODING, ROTATING_CHARS
from lib.core.wordlist import Wordlist
from thirdparty.pydes.pyDes import des
from thirdparty.pydes.pyDes import CBC
from thirdparty.pydes.pyDes import des, CBC
def mysql_passwd(password, uppercase=True):
"""

11
lib/utils/hashdb.py
View File

@ -11,16 +11,11 @@ import sqlite3
import threading
import time
from lib.core.common import getUnicode
from lib.core.common import serializeObject
from lib.core.common import unserializeObject
from lib.core.common import getUnicode, serializeObject, unserializeObject
from lib.core.data import logger
from lib.core.exception import sqlmapDataException
from lib.core.settings import HASHDB_FLUSH_RETRIES
from lib.core.settings import HASHDB_FLUSH_THRESHOLD
from lib.core.settings import UNICODE_ENCODING
from lib.core.threads import getCurrentThreadData
from lib.core.threads import getCurrentThreadName
from lib.core.settings import HASHDB_FLUSH_RETRIES, HASHDB_FLUSH_THRESHOLD, UNICODE_ENCODING
from lib.core.threads import getCurrentThreadData, getCurrentThreadName
class HashDB(object):
def __init__(self, filepath):

20
lib/utils/pivotdumptable.py
View File

@ -7,21 +7,11 @@ See the file 'doc/COPYING' for copying permission
from extra.safe2bin.safe2bin import safechardecode
from lib.core.bigarray import BigArray
from lib.core.common import Backend
from lib.core.common import decodeIntToUnicode
from lib.core.common import isNoneValue
from lib.core.common import isNumPosStrValue
from lib.core.common import singleTimeWarnMessage
from lib.core.common import unArrayizeValue
from lib.core.common import unsafeSQLIdentificatorNaming
from lib.core.data import conf
from lib.core.data import logger
from lib.core.data import queries
from lib.core.enums import CHARSET_TYPE
from lib.core.enums import EXPECTED
from lib.core.exception import sqlmapConnectionException
from lib.core.exception import sqlmapNoneDataException
from lib.core.settings import INFERENCE_UNKNOWN_CHAR
from lib.core.common import Backend, isNoneValue, isNumPosStrValue, singleTimeWarnMessage, unArrayizeValue, \
unsafeSQLIdentificatorNaming
from lib.core.data import conf, logger, queries
from lib.core.enums import CHARSET_TYPE, EXPECTED
from lib.core.exception import sqlmapConnectionException, sqlmapNoneDataException
from lib.core.settings import MAX_INT
from lib.core.unescaper import unescaper
from lib.request import inject

2
plugins/__init__.py
View File

@ -4,5 +4,3 @@
Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
pass

1
plugins/dbms/__init__.py
View File

@ -5,4 +5,3 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
pass

2
plugins/dbms/access/connector.py
View File

@ -7,7 +7,7 @@ See the file 'doc/COPYING' for copying permission
try:
import pyodbc
except ImportError, _:
except ImportError:
pass
import logging

17
plugins/dbms/access/fingerprint.py
View File

@ -7,15 +7,8 @@ See the file 'doc/COPYING' for copying permission
import re
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.common import getCurrentThreadData
from lib.core.common import randomInt
from lib.core.common import randomStr
from lib.core.common import wasLastRequestDBMSError
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.common import Backend, Format, getCurrentThreadData, randomInt, randomStr, wasLastRequestDBMSError
from lib.core.data import conf, kb, logger
from lib.core.enums import DBMS
from lib.core.session import setDbms
from lib.core.settings import ACCESS_ALIASES
@ -68,7 +61,8 @@ class Fingerprint(GenericFingerprint):
table = table[1:]
randInt = randomInt()
result = inject.checkBooleanExpression("EXISTS(SELECT * FROM %s WHERE %d=%d)" % (table, randInt, randInt))
result = inject.checkBooleanExpression(
"EXISTS(SELECT * FROM %s WHERE %d=%d)" % (table, randInt, randInt))
if result is None:
result = False
@ -93,7 +87,8 @@ class Fingerprint(GenericFingerprint):
randInt = randomInt()
randStr = randomStr()
_ = inject.checkBooleanExpression("EXISTS(SELECT * FROM %s.%s WHERE %d=%d)" % (randStr, randStr, randInt, randInt))
_ = inject.checkBooleanExpression(
"EXISTS(SELECT * FROM %s.%s WHERE %d=%d)" % (randStr, randStr, randInt, randInt))
if wasLastRequestDBMSError():
threadData = getCurrentThreadData()

3
plugins/dbms/db2/connector.py
View File

@ -12,8 +12,7 @@ except ImportError, _:
import logging
from lib.core.data import conf
from lib.core.data import logger
from lib.core.data import conf, logger
from lib.core.exception import sqlmapConnectionException
from plugins.generic.connector import Connector as GenericConnector

1
plugins/dbms/db2/enumeration.py
View File

@ -7,7 +7,6 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
from lib.core.data import logger
from plugins.generic.enumeration import Enumeration as GenericEnumeration

11
plugins/dbms/db2/fingerprint.py
View File

@ -6,14 +6,9 @@ See the file 'doc/COPYING' for copying permission
"""
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.common import randomInt
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.enums import DBMS
from lib.core.enums import OS
from lib.core.common import Backend, Format, randomInt
from lib.core.data import conf, kb, logger
from lib.core.enums import DBMS, OS
from lib.core.session import setDbms
from lib.core.settings import DB2_ALIASES
from lib.request import inject

14
plugins/dbms/firebird/fingerprint.py
View File

@ -7,19 +7,11 @@ See the file 'doc/COPYING' for copying permission
import re
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.common import getUnicode
from lib.core.common import randomInt
from lib.core.common import randomRange
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.common import Backend, Format, getUnicode, randomInt, randomRange
from lib.core.data import conf, kb, logger
from lib.core.enums import DBMS
from lib.core.session import setDbms
from lib.core.settings import FIREBIRD_ALIASES
from lib.core.settings import METADB_SUFFIX
from lib.core.settings import UNKNOWN_DBMS_VERSION
from lib.core.settings import FIREBIRD_ALIASES, METADB_SUFFIX, UNKNOWN_DBMS_VERSION
from lib.request import inject
from plugins.generic.fingerprint import Fingerprint as GenericFingerprint

4
plugins/dbms/maxdb/fingerprint.py
View File

@ -8,9 +8,7 @@ See the file 'doc/COPYING' for copying permission
from lib.core.agent import agent
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import conf, kb, logger
from lib.core.enums import DBMS
from lib.core.session import setDbms
from lib.core.settings import MAXDB_ALIASES

20
plugins/dbms/mssqlserver/enumeration.py
View File

@ -6,22 +6,10 @@ See the file 'doc/COPYING' for copying permission
"""
from lib.core.agent import agent
from lib.core.common import arrayizeValue
from lib.core.common import Backend
from lib.core.common import getLimitRange
from lib.core.common import isInferenceAvailable
from lib.core.common import isNoneValue
from lib.core.common import isNumPosStrValue
from lib.core.common import isTechniqueAvailable
from lib.core.common import safeSQLIdentificatorNaming
from lib.core.common import unsafeSQLIdentificatorNaming
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import queries
from lib.core.enums import CHARSET_TYPE
from lib.core.enums import EXPECTED
from lib.core.enums import PAYLOAD
from lib.core.common import arrayizeValue, Backend, getLimitRange, isInferenceAvailable, isNoneValue,\
isNumPosStrValue, isTechniqueAvailable, safeSQLIdentificatorNaming, unsafeSQLIdentificatorNaming
from lib.core.data import conf, kb, logger, queries
from lib.core.enums import CHARSET_TYPE, EXPECTED, PAYLOAD
from lib.core.exception import sqlmapNoneDataException
from lib.core.settings import CURRENT_DB
from lib.request import inject

18
plugins/dbms/mssqlserver/filesystem.py
View File

@ -9,20 +9,12 @@ import codecs
import ntpath
import os
from lib.core.common import getLimitRange
from lib.core.common import isNumPosStrValue
from lib.core.common import isTechniqueAvailable
from lib.core.common import posixToNtSlashes
from lib.core.common import randomStr
from lib.core.common import readInput
from lib.core.common import getLimitRange, isNumPosStrValue, isTechniqueAvailable, posixToNtSlashes, \
randomStr, readInput
from lib.core.convert import hexencode
from lib.core.data import conf
from lib.core.data import logger
from lib.core.enums import CHARSET_TYPE
from lib.core.enums import EXPECTED
from lib.core.enums import PAYLOAD
from lib.core.exception import sqlmapNoneDataException
from lib.core.exception import sqlmapUnsupportedFeatureException
from lib.core.data import conf, logger
from lib.core.enums import CHARSET_TYPE, EXPECTED, PAYLOAD
from lib.core.exception import sqlmapNoneDataException, sqlmapUnsupportedFeatureException
from lib.request import inject
from plugins.generic.filesystem import Filesystem as GenericFilesystem

12
plugins/dbms/mssqlserver/fingerprint.py
View File

@ -5,15 +5,9 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.common import getUnicode
from lib.core.common import randomInt
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.enums import DBMS
from lib.core.enums import OS
from lib.core.common import Backend, Format, getUnicode, randomInt
from lib.core.data import conf, kb, logger
from lib.core.enums import DBMS, OS
from lib.core.session import setDbms
from lib.core.settings import MSSQL_ALIASES
from lib.request import inject

5
plugins/dbms/mysql/connector.py
View File

@ -7,13 +7,12 @@ See the file 'doc/COPYING' for copying permission
try:
import pymysql
except ImportError, _:
except ImportError:
pass
import logging
from lib.core.data import conf
from lib.core.data import logger
from lib.core.data import conf, logger
from lib.core.exception import sqlmapConnectionException
from plugins.generic.connector import Connector as GenericConnector

14
plugins/dbms/mysql/filesystem.py
View File

@ -5,17 +5,9 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
from lib.core.common import isNumPosStrValue
from lib.core.common import isTechniqueAvailable
from lib.core.common import randomStr
from lib.core.common import singleTimeWarnMessage
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.enums import CHARSET_TYPE
from lib.core.enums import EXPECTED
from lib.core.enums import PAYLOAD
from lib.core.enums import PLACE
from lib.core.common import isNumPosStrValue, isTechniqueAvailable, randomStr, singleTimeWarnMessage
from lib.core.data import conf, kb, logger
from lib.core.enums import CHARSET_TYPE, EXPECTED, PAYLOAD, PLACE
from lib.core.exception import sqlmapNoneDataException
from lib.request import inject
from lib.techniques.union.use import unionUse

12
plugins/dbms/mysql/fingerprint.py
View File

@ -7,15 +7,9 @@ See the file 'doc/COPYING' for copying permission
import re
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.common import getUnicode
from lib.core.common import randomInt
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.enums import DBMS
from lib.core.enums import OS
from lib.core.common import Backend, Format, getUnicode, randomInt
from lib.core.data import conf, kb, logger
from lib.core.enums import DBMS, OS
from lib.core.session import setDbms
from lib.core.settings import MYSQL_ALIASES
from lib.core.settings import UNKNOWN_DBMS_VERSION

17
plugins/dbms/mysql/takeover.py
View File

@ -8,17 +8,9 @@ See the file 'doc/COPYING' for copying permission
import re
from lib.core.agent import agent
from lib.core.common import Backend
from lib.core.common import isTechniqueAvailable
from lib.core.common import normalizePath
from lib.core.common import ntToPosixSlashes
from lib.core.common import randomStr
from lib.core.common import unArrayizeValue
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import paths
from lib.core.enums import OS
from lib.core.enums import PAYLOAD
from lib.core.common import Backend, isTechniqueAvailable, normalizePath, ntToPosixSlashes, randomStr, unArrayizeValue
from lib.core.data import kb, logger, paths
from lib.core.enums import OS, PAYLOAD
from lib.request import inject
from lib.request.connect import Connect as Request
from plugins.generic.takeover import Takeover as GenericTakeover
@ -93,7 +85,8 @@ class Takeover(GenericTakeover):
# Reference: http://dev.mysql.com/doc/refman/5.1/en/create-function-udf.html
inject.goStacked("DROP FUNCTION %s" % udf)
inject.goStacked("CREATE FUNCTION %s RETURNS %s SONAME '%s.%s'" % (udf, ret, self.udfSharedLibName, self.udfSharedLibExt))
inject.goStacked("CREATE FUNCTION %s RETURNS %s SONAME '%s.%s'" % (
udf, ret, self.udfSharedLibName, self.udfSharedLibExt))
self.createdUdf.add(udf)
else:

3
plugins/dbms/oracle/connector.py
View File

@ -40,7 +40,8 @@ class Connector(GenericConnector):
self.password = utf8encode(self.password)
try:
self.connector = cx_Oracle.connect(dsn=self.__dsn, user=self.user, password=self.password, mode=cx_Oracle.SYSDBA)
self.connector = cx_Oracle.connect(dsn=self.__dsn, user=self.user, password=self.password,
mode=cx_Oracle.SYSDBA)
logger.info("successfully connected as SYSDBA")
except (cx_Oracle.OperationalError, cx_Oracle.DatabaseError), _:
try:

26
plugins/dbms/oracle/enumeration.py
View File

@ -5,20 +5,10 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
from lib.core.common import Backend
from lib.core.common import getLimitRange
from lib.core.common import isAdminFromPrivileges
from lib.core.common import isInferenceAvailable
from lib.core.common import isNoneValue
from lib.core.common import isNumPosStrValue
from lib.core.common import isTechniqueAvailable
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import queries
from lib.core.enums import CHARSET_TYPE
from lib.core.enums import EXPECTED
from lib.core.enums import PAYLOAD
from lib.core.common import Backend, getLimitRange, isAdminFromPrivileges, isInferenceAvailable, isNoneValue,\
isNumPosStrValue, isTechniqueAvailable
from lib.core.data import conf, kb, logger, queries
from lib.core.enums import CHARSET_TYPE, EXPECTED, PAYLOAD
from lib.core.exception import sqlmapNoneDataException
from lib.request import inject
from plugins.generic.enumeration import Enumeration as GenericEnumeration
@ -41,7 +31,8 @@ class Enumeration(GenericEnumeration):
# Set containing the list of DBMS administrators
areAdmins = set()
if any(isTechniqueAvailable(_) for _ in (PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.QUERY)) or conf.direct:
if any(isTechniqueAvailable(_) for _ in (
PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.QUERY)) or conf.direct:
if query2:
query = rootQuery.inband.query2
condition = rootQuery.inband.condition2
@ -119,7 +110,8 @@ class Enumeration(GenericEnumeration):
query = rootQuery.blind.count2 % queryUser
else:
query = rootQuery.blind.count % queryUser
count = inject.getValue(query, union=False, error=False, expected=EXPECTED.INT, charsetType=CHARSET_TYPE.DIGITS)
count = inject.getValue(query, union=False, error=False, expected=EXPECTED.INT,
charsetType=CHARSET_TYPE.DIGITS)
if not isNumPosStrValue(count):
if count != 0 and not query2:
@ -164,4 +156,4 @@ class Enumeration(GenericEnumeration):
errMsg += "for the database users"
raise sqlmapNoneDataException, errMsg
return ( kb.data.cachedUsersRoles, areAdmins )
return kb.data.cachedUsersRoles, areAdmins

7
plugins/dbms/oracle/fingerprint.py
View File

@ -7,11 +7,8 @@ See the file 'doc/COPYING' for copying permission
import re
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.common import Backend, Format
from lib.core.data import conf, kb, logger
from lib.core.enums import DBMS
from lib.core.session import setDbms
from lib.core.settings import ORACLE_ALIASES

2
plugins/dbms/postgresql/connector.py
View File

@ -10,7 +10,7 @@ try:
import psycopg2.extensions
psycopg2.extensions.register_type(psycopg2.extensions.UNICODE)
psycopg2.extensions.register_type(psycopg2.extensions.UNICODEARRAY)
except ImportError, _:
except ImportError:
pass
from lib.core.data import logger

3
plugins/dbms/postgresql/filesystem.py
View File

@ -8,8 +8,7 @@ See the file 'doc/COPYING' for copying permission
import os
from lib.core.common import randomInt
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import kb, logger
from lib.core.exception import sqlmapUnsupportedFeatureException
from lib.request import inject
from plugins.generic.filesystem import Filesystem as GenericFilesystem

15
plugins/dbms/postgresql/fingerprint.py
View File

@ -5,18 +5,11 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.common import getUnicode
from lib.core.common import randomInt
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.enums import DBMS
from lib.core.enums import OS
from lib.core.common import Backend, Format, getUnicode, randomInt
from lib.core.data import conf, kb, logger
from lib.core.enums import DBMS, OS
from lib.core.session import setDbms
from lib.core.settings import PGSQL_ALIASES
from lib.core.settings import PGSQL_SYSTEM_DBS
from lib.core.settings import PGSQL_ALIASES, PGSQL_SYSTEM_DBS
from lib.request import inject
from plugins.generic.fingerprint import Fingerprint as GenericFingerprint

4
plugins/dbms/postgresql/takeover.py
View File

@ -7,9 +7,7 @@ See the file 'doc/COPYING' for copying permission
from lib.core.common import Backend
from lib.core.common import randomStr
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import paths
from lib.core.data import kb, logger, paths
from lib.core.enums import OS
from lib.core.exception import sqlmapUnsupportedFeatureException
from lib.request import inject

8
plugins/dbms/sqlite/connector.py
View File

@ -7,16 +7,14 @@ See the file 'doc/COPYING' for copying permission
try:
import sqlite3
except ImportError, _:
except ImportError:
pass
import logging
from lib.core.convert import utf8encode
from lib.core.data import conf
from lib.core.data import logger
from lib.core.exception import sqlmapConnectionException
from lib.core.exception import sqlmapMissingDependence
from lib.core.data import conf, logger
from lib.core.exception import sqlmapConnectionException, sqlmapMissingDependence
from plugins.generic.connector import Connector as GenericConnector

10
plugins/dbms/sqlite/fingerprint.py
View File

@ -5,15 +5,11 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.common import Backend, Format
from lib.core.data import conf, kb, logger
from lib.core.enums import DBMS
from lib.core.session import setDbms
from lib.core.settings import METADB_SUFFIX
from lib.core.settings import SQLITE_ALIASES
from lib.core.settings import METADB_SUFFIX, SQLITE_ALIASES
from lib.request import inject
from plugins.generic.fingerprint import Fingerprint as GenericFingerprint

3
plugins/dbms/sybase/connector.py
View File

@ -40,7 +40,8 @@ class Connector(GenericConnector):
self.initConnection()
try:
self.connector = pymssql.connect(host="%s:%d" % (self.hostname, self.port), user=self.user, password=self.password, database=self.db, login_timeout=conf.timeout, timeout=conf.timeout)
self.connector = pymssql.connect(host="%s:%d" % (self.hostname, self.port), user=self.user,
password=self.password, database=self.db, login_timeout=conf.timeout, timeout=conf.timeout)
except pymssql.OperationalError, msg:
raise sqlmapConnectionException, msg

15
plugins/dbms/sybase/enumeration.py
View File

@ -5,20 +5,11 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
from lib.core.common import Backend
from lib.core.common import filterPairValues
from lib.core.common import isTechniqueAvailable
from lib.core.common import randomStr
from lib.core.common import safeSQLIdentificatorNaming
from lib.core.common import unsafeSQLIdentificatorNaming
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import queries
from lib.core.common import Backend, filterPairValues, isTechniqueAvailable, randomStr, safeSQLIdentificatorNaming, unsafeSQLIdentificatorNaming
from lib.core.data import conf, kb, logger, queries
from lib.core.dicts import SYBASE_TYPES
from lib.core.enums import PAYLOAD
from lib.core.exception import sqlmapMissingMandatoryOptionException
from lib.core.exception import sqlmapNoneDataException
from lib.core.exception import sqlmapMissingMandatoryOptionException, sqlmapNoneDataException
from lib.core.settings import CURRENT_DB
from lib.utils.pivotdumptable import pivotDumpTable
from plugins.generic.enumeration import Enumeration as GenericEnumeration

10
plugins/dbms/sybase/fingerprint.py
View File

@ -5,13 +5,9 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
from lib.core.common import Backend
from lib.core.common import Format
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.enums import DBMS
from lib.core.enums import OS
from lib.core.common import Backend, Format
from lib.core.data import conf, kb, logger
from lib.core.enums import DBMS, OS
from lib.core.session import setDbms
from lib.core.settings import SYBASE_ALIASES
from lib.request import inject

2
plugins/generic/__init__.py
View File

@ -4,5 +4,3 @@
Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
pass

10
plugins/generic/connector.py
View File

@ -7,14 +7,12 @@ See the file 'doc/COPYING' for copying permission
import os
from lib.core.data import conf
from lib.core.data import logger
from lib.core.exception import sqlmapFilePathException
from lib.core.exception import sqlmapUndefinedMethod
from lib.core.data import conf, logger
from lib.core.exception import sqlmapFilePathException, sqlmapUndefinedMethod
class Connector:
class Connector(object):
"""
This class defines generic dbms protocol functionalities for plugins.
This class defines generic dbms protocol functionality for plugins.
"""
def __init__(self):

12
plugins/generic/custom.py
View File

@ -7,22 +7,16 @@ See the file 'doc/COPYING' for copying permission
import re
from lib.core.common import Backend
from lib.core.common import dataToStdout
from lib.core.common import getSQLSnippet
from lib.core.common import isTechniqueAvailable
from lib.core.common import Backend, dataToStdout, getSQLSnippet, isTechniqueAvailable
from lib.core.convert import utf8decode
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import queries
from lib.core.data import conf, logger
from lib.core.dicts import SQL_STATEMENTS
from lib.core.enums import PAYLOAD
from lib.core.settings import PARAMETER_SPLITTING_REGEX
from lib.core.shell import autoCompletion
from lib.request import inject
class Custom:
class Custom(object):
"""
This class defines custom enumeration functionalities for plugins.
"""

39
plugins/generic/databases.py
View File

@ -6,41 +6,18 @@ See the file 'doc/COPYING' for copying permission
"""
from lib.core.agent import agent
from lib.core.common import arrayizeValue
from lib.core.common import Backend
from lib.core.common import filterPairValues
from lib.core.common import getLimitRange
from lib.core.common import isInferenceAvailable
from lib.core.common import isListLike
from lib.core.common import isNoneValue
from lib.core.common import isNumPosStrValue
from lib.core.common import isTechniqueAvailable
from lib.core.common import parseSqliteTableSchema
from lib.core.common import popValue
from lib.core.common import pushValue
from lib.core.common import readInput
from lib.core.common import safeSQLIdentificatorNaming
from lib.core.common import unArrayizeValue
from lib.core.common import unsafeSQLIdentificatorNaming
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import paths
from lib.core.data import queries
from lib.core.common import arrayizeValue, Backend, filterPairValues, getLimitRange,\
isInferenceAvailable, isListLike, isNoneValue, isNumPosStrValue, isTechniqueAvailable, parseSqliteTableSchema,\
popValue, pushValue, readInput, safeSQLIdentificatorNaming, unArrayizeValue, unsafeSQLIdentificatorNaming
from lib.core.data import conf, kb, paths, logger, queries
from lib.core.dicts import FIREBIRD_TYPES
from lib.core.enums import CHARSET_TYPE
from lib.core.enums import DBMS
from lib.core.enums import EXPECTED
from lib.core.enums import PAYLOAD
from lib.core.exception import sqlmapMissingMandatoryOptionException
from lib.core.exception import sqlmapNoneDataException
from lib.core.exception import sqlmapUserQuitException
from lib.core.enums import CHARSET_TYPE, DBMS, EXPECTED, PAYLOAD
from lib.core.exception import sqlmapMissingMandatoryOptionException, sqlmapNoneDataException, sqlmapUserQuitException
from lib.core.settings import CURRENT_DB
from lib.request import inject
from lib.techniques.brute.use import columnExists
from lib.techniques.brute.use import tableExists
from lib.techniques.brute.use import columnExists, tableExists
class Databases:
class Databases(object):
"""
This class defines databases' enumeration functionalities for plugins.
"""

Some files were not shown because too many files have changed in this diff Show More