From 9766f6025ea0f311953cb9ec505a7e56be3a9bc7 Mon Sep 17 00:00:00 2001 From: Bernardo Damele Date: Wed, 9 Jan 2013 22:09:50 +0000 Subject: [PATCH] logging is now handled in a separate file descriptor :) - issue #297 --- lib/parse/cmdline.py | 2 +- lib/utils/api.py | 38 ++++++++++++++++++-------------------- 2 files changed, 19 insertions(+), 21 deletions(-) diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py index 945fad0ad..f3b02981a 100644 --- a/lib/parse/cmdline.py +++ b/lib/parse/cmdline.py @@ -664,7 +664,7 @@ def cmdLineParser(): help="Simple wizard interface for beginner users") # Hidden and/or experimental options - parser.add_option("--pickle", dest="pickledOptions", help=SUPPRESS_HELP) + parser.add_option("--pickled-options", dest="pickledOptions", help=SUPPRESS_HELP) parser.add_option("--profile", dest="profile", action="store_true", help=SUPPRESS_HELP) diff --git a/lib/utils/api.py b/lib/utils/api.py index 7106814bc..13341a034 100644 --- a/lib/utils/api.py +++ b/lib/utils/api.py @@ -19,16 +19,15 @@ from subprocess import Popen from lib.controller.controller import start from lib.core.common import unArrayizeValue from lib.core.convert import base64pickle +from lib.core.convert import base64unpickle from lib.core.convert import hexencode +from lib.core.convert import jsonize from lib.core.convert import stdoutencode from lib.core.data import paths -from lib.core.datatype import AttribDict from lib.core.data import kb from lib.core.data import logger +from lib.core.datatype import AttribDict from lib.core.defaults import _defaults -from lib.core.log import FORMATTER -from lib.core.log import LOGGER_HANDLER -from lib.core.log import LOGGER_OUTPUT from lib.core.exception import SqlmapMissingDependence from lib.core.optiondict import optDict from lib.core.option import init @@ -49,13 +48,11 @@ RESTAPI_SERVER_PORT = 8775 # Local global variables adminid = "" +pipes = dict() procs = dict() tasks = AttribDict() # Generic functions -def jsonize(data): - return json.dumps(data, sort_keys=False, indent=4) - def is_admin(taskid): global adminid if adminid != taskid: @@ -254,6 +251,7 @@ def scan_start(taskid): """ global tasks global procs + global pipes if taskid not in tasks: abort(500, "Invalid task ID") @@ -269,8 +267,13 @@ def scan_start(taskid): # Launch sqlmap engine in a separate thread logger.debug("starting a scan for task ID %s" % taskid) - procs[taskid] = Popen("python sqlmap.py --pickle %s" % base64pickle(tasks[taskid]), shell=True, stdin=PIPE, stdout=PIPE, stderr=PIPE) - stdout, stderr = procs[taskid].communicate() + pipes[taskid] = os.pipe() + + # Provide sqlmap engine with the writable pipe for logging + tasks[taskid]["fdLog"] = pipes[taskid][1] + + # Launch sqlmap engine + procs[taskid] = Popen("python sqlmap.py --pickled-options %s" % base64pickle(tasks[taskid]), shell=True, stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=False) return jsonize({"success": True}) @@ -279,17 +282,17 @@ def scan_output(taskid): """ Read the standard output of sqlmap core execution """ + global pipes global tasks if taskid not in tasks: abort(500, "Invalid task ID") - sys.stdout.seek(0) - output = sys.stdout.read() - sys.stdout.flush() - sys.stdout.truncate(0) + stdout, stderr = procs[taskid].communicate() - return jsonize({"output": output}) + print "stderr:", stderr + + return jsonize({"stdout": stdout, "stderr": stderr}) @get("/scan//delete") def scan_delete(taskid): @@ -315,12 +318,7 @@ def scan_log(taskid): if taskid not in tasks: abort(500, "Invalid task ID") - LOGGER_OUTPUT.seek(0) - output = LOGGER_OUTPUT.read() - LOGGER_OUTPUT.flush() - LOGGER_OUTPUT.truncate(0) - - return jsonize({"log": output}) + return jsonize({"log": base64unpickle(os.read(pipes[taskid][0], 100000))}) # Function to handle files inside the output directory @get("/download///")