mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-24 10:33:47 +03:00
Fixes #2471
This commit is contained in:
parent
c74756c3bc
commit
9b3d229294
|
@ -161,7 +161,7 @@ def _showInjections():
|
||||||
else:
|
else:
|
||||||
header = "sqlmap resumed the following injection point(s) from stored session"
|
header = "sqlmap resumed the following injection point(s) from stored session"
|
||||||
|
|
||||||
if hasattr(conf, "api"):
|
if conf.api:
|
||||||
conf.dumper.string("", {"url": conf.url, "query": conf.parameters.get(PLACE.GET), "data": conf.parameters.get(PLACE.POST)}, content_type=CONTENT_TYPE.TARGET)
|
conf.dumper.string("", {"url": conf.url, "query": conf.parameters.get(PLACE.GET), "data": conf.parameters.get(PLACE.POST)}, content_type=CONTENT_TYPE.TARGET)
|
||||||
conf.dumper.string("", kb.injections, content_type=CONTENT_TYPE.TECHNIQUES)
|
conf.dumper.string("", kb.injections, content_type=CONTENT_TYPE.TECHNIQUES)
|
||||||
else:
|
else:
|
||||||
|
|
|
@ -270,7 +270,7 @@ class Format(object):
|
||||||
infoApi = {}
|
infoApi = {}
|
||||||
|
|
||||||
if info and "type" in info:
|
if info and "type" in info:
|
||||||
if hasattr(conf, "api"):
|
if conf.api:
|
||||||
infoApi["%s operating system" % target] = info
|
infoApi["%s operating system" % target] = info
|
||||||
else:
|
else:
|
||||||
infoStr += "%s operating system: %s" % (target, Format.humanize(info["type"]))
|
infoStr += "%s operating system: %s" % (target, Format.humanize(info["type"]))
|
||||||
|
@ -288,12 +288,12 @@ class Format(object):
|
||||||
infoStr += " (%s)" % Format.humanize(info["codename"])
|
infoStr += " (%s)" % Format.humanize(info["codename"])
|
||||||
|
|
||||||
if "technology" in info:
|
if "technology" in info:
|
||||||
if hasattr(conf, "api"):
|
if conf.api:
|
||||||
infoApi["web application technology"] = Format.humanize(info["technology"], ", ")
|
infoApi["web application technology"] = Format.humanize(info["technology"], ", ")
|
||||||
else:
|
else:
|
||||||
infoStr += "\nweb application technology: %s" % Format.humanize(info["technology"], ", ")
|
infoStr += "\nweb application technology: %s" % Format.humanize(info["technology"], ", ")
|
||||||
|
|
||||||
if hasattr(conf, "api"):
|
if conf.api:
|
||||||
return infoApi
|
return infoApi
|
||||||
else:
|
else:
|
||||||
return infoStr.lstrip()
|
return infoStr.lstrip()
|
||||||
|
@ -896,7 +896,7 @@ def dataToStdout(data, forceOutput=False, bold=False, content_type=None, status=
|
||||||
message = data
|
message = data
|
||||||
|
|
||||||
try:
|
try:
|
||||||
if hasattr(conf, "api"):
|
if conf.get("api"):
|
||||||
sys.stdout.write(message, status, content_type)
|
sys.stdout.write(message, status, content_type)
|
||||||
else:
|
else:
|
||||||
sys.stdout.write(setColor(message, bold))
|
sys.stdout.write(setColor(message, bold))
|
||||||
|
|
|
@ -63,7 +63,7 @@ class Dump(object):
|
||||||
self._lock = threading.Lock()
|
self._lock = threading.Lock()
|
||||||
|
|
||||||
def _write(self, data, newline=True, console=True, content_type=None):
|
def _write(self, data, newline=True, console=True, content_type=None):
|
||||||
if hasattr(conf, "api"):
|
if conf.api:
|
||||||
dataToStdout(data, content_type=content_type, status=CONTENT_STATUS.COMPLETE)
|
dataToStdout(data, content_type=content_type, status=CONTENT_STATUS.COMPLETE)
|
||||||
return
|
return
|
||||||
|
|
||||||
|
@ -110,7 +110,7 @@ class Dump(object):
|
||||||
def string(self, header, data, content_type=None, sort=True):
|
def string(self, header, data, content_type=None, sort=True):
|
||||||
kb.stickyLevel = None
|
kb.stickyLevel = None
|
||||||
|
|
||||||
if hasattr(conf, "api"):
|
if conf.api:
|
||||||
self._write(data, content_type=content_type)
|
self._write(data, content_type=content_type)
|
||||||
return
|
return
|
||||||
|
|
||||||
|
@ -144,7 +144,7 @@ class Dump(object):
|
||||||
except:
|
except:
|
||||||
pass
|
pass
|
||||||
|
|
||||||
if hasattr(conf, "api"):
|
if conf.api:
|
||||||
self._write(elements, content_type=content_type)
|
self._write(elements, content_type=content_type)
|
||||||
return
|
return
|
||||||
|
|
||||||
|
@ -193,7 +193,7 @@ class Dump(object):
|
||||||
users = userSettings.keys()
|
users = userSettings.keys()
|
||||||
users.sort(key=lambda x: x.lower() if isinstance(x, basestring) else x)
|
users.sort(key=lambda x: x.lower() if isinstance(x, basestring) else x)
|
||||||
|
|
||||||
if hasattr(conf, "api"):
|
if conf.api:
|
||||||
self._write(userSettings, content_type=content_type)
|
self._write(userSettings, content_type=content_type)
|
||||||
return
|
return
|
||||||
|
|
||||||
|
@ -227,7 +227,7 @@ class Dump(object):
|
||||||
|
|
||||||
def dbTables(self, dbTables):
|
def dbTables(self, dbTables):
|
||||||
if isinstance(dbTables, dict) and len(dbTables) > 0:
|
if isinstance(dbTables, dict) and len(dbTables) > 0:
|
||||||
if hasattr(conf, "api"):
|
if conf.api:
|
||||||
self._write(dbTables, content_type=CONTENT_TYPE.TABLES)
|
self._write(dbTables, content_type=CONTENT_TYPE.TABLES)
|
||||||
return
|
return
|
||||||
|
|
||||||
|
@ -270,7 +270,7 @@ class Dump(object):
|
||||||
|
|
||||||
def dbTableColumns(self, tableColumns, content_type=None):
|
def dbTableColumns(self, tableColumns, content_type=None):
|
||||||
if isinstance(tableColumns, dict) and len(tableColumns) > 0:
|
if isinstance(tableColumns, dict) and len(tableColumns) > 0:
|
||||||
if hasattr(conf, "api"):
|
if conf.api:
|
||||||
self._write(tableColumns, content_type=content_type)
|
self._write(tableColumns, content_type=content_type)
|
||||||
return
|
return
|
||||||
|
|
||||||
|
@ -344,7 +344,7 @@ class Dump(object):
|
||||||
|
|
||||||
def dbTablesCount(self, dbTables):
|
def dbTablesCount(self, dbTables):
|
||||||
if isinstance(dbTables, dict) and len(dbTables) > 0:
|
if isinstance(dbTables, dict) and len(dbTables) > 0:
|
||||||
if hasattr(conf, "api"):
|
if conf.api:
|
||||||
self._write(dbTables, content_type=CONTENT_TYPE.COUNT)
|
self._write(dbTables, content_type=CONTENT_TYPE.COUNT)
|
||||||
return
|
return
|
||||||
|
|
||||||
|
@ -403,7 +403,7 @@ class Dump(object):
|
||||||
db = "All"
|
db = "All"
|
||||||
table = tableValues["__infos__"]["table"]
|
table = tableValues["__infos__"]["table"]
|
||||||
|
|
||||||
if hasattr(conf, "api"):
|
if conf.api:
|
||||||
self._write(tableValues, content_type=CONTENT_TYPE.DUMP_TABLE)
|
self._write(tableValues, content_type=CONTENT_TYPE.DUMP_TABLE)
|
||||||
return
|
return
|
||||||
|
|
||||||
|
@ -666,7 +666,7 @@ class Dump(object):
|
||||||
logger.warn(msg)
|
logger.warn(msg)
|
||||||
|
|
||||||
def dbColumns(self, dbColumnsDict, colConsider, dbs):
|
def dbColumns(self, dbColumnsDict, colConsider, dbs):
|
||||||
if hasattr(conf, "api"):
|
if conf.api:
|
||||||
self._write(dbColumnsDict, content_type=CONTENT_TYPE.COLUMNS)
|
self._write(dbColumnsDict, content_type=CONTENT_TYPE.COLUMNS)
|
||||||
return
|
return
|
||||||
|
|
||||||
|
|
|
@ -2192,7 +2192,7 @@ def _mergeOptions(inputOptions, overrideOptions):
|
||||||
if key not in conf or value not in (None, False) or overrideOptions:
|
if key not in conf or value not in (None, False) or overrideOptions:
|
||||||
conf[key] = value
|
conf[key] = value
|
||||||
|
|
||||||
if not hasattr(conf, "api"):
|
if not conf.api:
|
||||||
for key, value in conf.items():
|
for key, value in conf.items():
|
||||||
if value is not None:
|
if value is not None:
|
||||||
kb.explicitSettings.add(key)
|
kb.explicitSettings.add(key)
|
||||||
|
|
|
@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
|
||||||
from lib.core.enums import OS
|
from lib.core.enums import OS
|
||||||
|
|
||||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||||
VERSION = "1.1.4.13"
|
VERSION = "1.1.4.14"
|
||||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||||
|
|
|
@ -97,7 +97,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
|
||||||
# Set kb.partRun in case "common prediction" feature (a.k.a. "good samaritan") is used or the engine is called from the API
|
# Set kb.partRun in case "common prediction" feature (a.k.a. "good samaritan") is used or the engine is called from the API
|
||||||
if conf.predictOutput:
|
if conf.predictOutput:
|
||||||
kb.partRun = getPartRun()
|
kb.partRun = getPartRun()
|
||||||
elif hasattr(conf, "api"):
|
elif conf.api:
|
||||||
kb.partRun = getPartRun(alias=False)
|
kb.partRun = getPartRun(alias=False)
|
||||||
else:
|
else:
|
||||||
kb.partRun = None
|
kb.partRun = None
|
||||||
|
@ -168,7 +168,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
|
||||||
warnMsg += "usage of option '--threads' for faster data retrieval"
|
warnMsg += "usage of option '--threads' for faster data retrieval"
|
||||||
singleTimeWarnMessage(warnMsg)
|
singleTimeWarnMessage(warnMsg)
|
||||||
|
|
||||||
if conf.verbose in (1, 2) and not showEta and not hasattr(conf, "api"):
|
if conf.verbose in (1, 2) and not showEta and not conf.api:
|
||||||
if isinstance(length, int) and conf.threads > 1:
|
if isinstance(length, int) and conf.threads > 1:
|
||||||
dataToStdout("[%s] [INFO] retrieved: %s" % (time.strftime("%X"), "_" * min(length, conf.progressWidth)))
|
dataToStdout("[%s] [INFO] retrieved: %s" % (time.strftime("%X"), "_" * min(length, conf.progressWidth)))
|
||||||
dataToStdout("\r[%s] [INFO] retrieved: " % time.strftime("%X"))
|
dataToStdout("\r[%s] [INFO] retrieved: " % time.strftime("%X"))
|
||||||
|
@ -492,7 +492,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
|
||||||
if (endCharIndex - startCharIndex == conf.progressWidth) and (endCharIndex < length - 1):
|
if (endCharIndex - startCharIndex == conf.progressWidth) and (endCharIndex < length - 1):
|
||||||
output = output[:-2] + '..'
|
output = output[:-2] + '..'
|
||||||
|
|
||||||
if conf.verbose in (1, 2) and not showEta and not hasattr(conf, "api"):
|
if conf.verbose in (1, 2) and not showEta and not conf.api:
|
||||||
_ = count - firstChar
|
_ = count - firstChar
|
||||||
output += '_' * (min(length, conf.progressWidth) - len(output))
|
output += '_' * (min(length, conf.progressWidth) - len(output))
|
||||||
status = ' %d/%d (%d%%)' % (_, length, round(100.0 * _ / length))
|
status = ' %d/%d (%d%%)' % (_, length, round(100.0 * _ / length))
|
||||||
|
@ -522,7 +522,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
|
||||||
finalValue = "".join(value)
|
finalValue = "".join(value)
|
||||||
infoMsg = "\r[%s] [INFO] retrieved: %s" % (time.strftime("%X"), filterControlChars(finalValue))
|
infoMsg = "\r[%s] [INFO] retrieved: %s" % (time.strftime("%X"), filterControlChars(finalValue))
|
||||||
|
|
||||||
if conf.verbose in (1, 2) and not showEta and infoMsg and not hasattr(conf, "api"):
|
if conf.verbose in (1, 2) and not showEta and infoMsg and not conf.api:
|
||||||
dataToStdout(infoMsg)
|
dataToStdout(infoMsg)
|
||||||
|
|
||||||
# No multi-threading (--threads = 1)
|
# No multi-threading (--threads = 1)
|
||||||
|
@ -558,7 +558,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
|
||||||
if result:
|
if result:
|
||||||
if showEta:
|
if showEta:
|
||||||
progress.progress(time.time() - charStart, len(commonValue))
|
progress.progress(time.time() - charStart, len(commonValue))
|
||||||
elif conf.verbose in (1, 2) or hasattr(conf, "api"):
|
elif conf.verbose in (1, 2) or conf.api:
|
||||||
dataToStdout(filterControlChars(commonValue[index - 1:]))
|
dataToStdout(filterControlChars(commonValue[index - 1:]))
|
||||||
|
|
||||||
finalValue = commonValue
|
finalValue = commonValue
|
||||||
|
@ -608,7 +608,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
|
||||||
|
|
||||||
if showEta:
|
if showEta:
|
||||||
progress.progress(time.time() - charStart, index)
|
progress.progress(time.time() - charStart, index)
|
||||||
elif conf.verbose in (1, 2) or hasattr(conf, "api"):
|
elif conf.verbose in (1, 2) or conf.api:
|
||||||
dataToStdout(filterControlChars(val))
|
dataToStdout(filterControlChars(val))
|
||||||
|
|
||||||
# some DBMSes (e.g. Firebird, DB2, etc.) have issues with trailing spaces
|
# some DBMSes (e.g. Firebird, DB2, etc.) have issues with trailing spaces
|
||||||
|
@ -635,11 +635,11 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
|
||||||
elif partialValue:
|
elif partialValue:
|
||||||
hashDBWrite(expression, "%s%s" % (PARTIAL_VALUE_MARKER if not conf.hexConvert else PARTIAL_HEX_VALUE_MARKER, partialValue))
|
hashDBWrite(expression, "%s%s" % (PARTIAL_VALUE_MARKER if not conf.hexConvert else PARTIAL_HEX_VALUE_MARKER, partialValue))
|
||||||
|
|
||||||
if conf.hexConvert and not abortedFlag and not hasattr(conf, "api"):
|
if conf.hexConvert and not abortedFlag and not conf.api:
|
||||||
infoMsg = "\r[%s] [INFO] retrieved: %s %s\n" % (time.strftime("%X"), filterControlChars(finalValue), " " * retrievedLength)
|
infoMsg = "\r[%s] [INFO] retrieved: %s %s\n" % (time.strftime("%X"), filterControlChars(finalValue), " " * retrievedLength)
|
||||||
dataToStdout(infoMsg)
|
dataToStdout(infoMsg)
|
||||||
else:
|
else:
|
||||||
if conf.verbose in (1, 2) and not showEta and not hasattr(conf, "api"):
|
if conf.verbose in (1, 2) and not showEta and not conf.api:
|
||||||
dataToStdout("\n")
|
dataToStdout("\n")
|
||||||
|
|
||||||
if (conf.verbose in (1, 2) and showEta) or conf.verbose >= 3:
|
if (conf.verbose in (1, 2) and showEta) or conf.verbose >= 3:
|
||||||
|
|
|
@ -114,7 +114,7 @@ def tableExists(tableFile, regex=None):
|
||||||
threadData.shared.value.append(table)
|
threadData.shared.value.append(table)
|
||||||
threadData.shared.unique.add(table.lower())
|
threadData.shared.unique.add(table.lower())
|
||||||
|
|
||||||
if conf.verbose in (1, 2) and not hasattr(conf, "api"):
|
if conf.verbose in (1, 2) and not conf.api:
|
||||||
clearConsoleLine(True)
|
clearConsoleLine(True)
|
||||||
infoMsg = "[%s] [INFO] retrieved: %s\n" % (time.strftime("%X"), unsafeSQLIdentificatorNaming(table))
|
infoMsg = "[%s] [INFO] retrieved: %s\n" % (time.strftime("%X"), unsafeSQLIdentificatorNaming(table))
|
||||||
dataToStdout(infoMsg, True)
|
dataToStdout(infoMsg, True)
|
||||||
|
@ -222,7 +222,7 @@ def columnExists(columnFile, regex=None):
|
||||||
if result:
|
if result:
|
||||||
threadData.shared.value.append(column)
|
threadData.shared.value.append(column)
|
||||||
|
|
||||||
if conf.verbose in (1, 2) and not hasattr(conf, "api"):
|
if conf.verbose in (1, 2) and not conf.api:
|
||||||
clearConsoleLine(True)
|
clearConsoleLine(True)
|
||||||
infoMsg = "[%s] [INFO] retrieved: %s\n" % (time.strftime("%X"), unsafeSQLIdentificatorNaming(column))
|
infoMsg = "[%s] [INFO] retrieved: %s\n" % (time.strftime("%X"), unsafeSQLIdentificatorNaming(column))
|
||||||
dataToStdout(infoMsg, True)
|
dataToStdout(infoMsg, True)
|
||||||
|
|
|
@ -301,7 +301,7 @@ def errorUse(expression, dump=False):
|
||||||
_, _, _, _, _, expressionFieldsList, expressionFields, _ = agent.getFields(expression)
|
_, _, _, _, _, expressionFieldsList, expressionFields, _ = agent.getFields(expression)
|
||||||
|
|
||||||
# Set kb.partRun in case the engine is called from the API
|
# Set kb.partRun in case the engine is called from the API
|
||||||
kb.partRun = getPartRun(alias=False) if hasattr(conf, "api") else None
|
kb.partRun = getPartRun(alias=False) if conf.api else None
|
||||||
|
|
||||||
# We have to check if the SQL query might return multiple entries
|
# We have to check if the SQL query might return multiple entries
|
||||||
# and in such case forge the SQL limiting the query output one
|
# and in such case forge the SQL limiting the query output one
|
||||||
|
|
|
@ -215,7 +215,7 @@ def unionUse(expression, unpack=True, dump=False):
|
||||||
_, _, _, _, _, expressionFieldsList, expressionFields, _ = agent.getFields(origExpr)
|
_, _, _, _, _, expressionFieldsList, expressionFields, _ = agent.getFields(origExpr)
|
||||||
|
|
||||||
# Set kb.partRun in case the engine is called from the API
|
# Set kb.partRun in case the engine is called from the API
|
||||||
kb.partRun = getPartRun(alias=False) if hasattr(conf, "api") else None
|
kb.partRun = getPartRun(alias=False) if conf.api else None
|
||||||
|
|
||||||
if Backend.isDbms(DBMS.MSSQL) and kb.dumpColumns:
|
if Backend.isDbms(DBMS.MSSQL) and kb.dumpColumns:
|
||||||
kb.rowXmlMode = True
|
kb.rowXmlMode = True
|
||||||
|
|
|
@ -282,7 +282,7 @@ class LogRecorder(logging.StreamHandler):
|
||||||
|
|
||||||
|
|
||||||
def setRestAPILog():
|
def setRestAPILog():
|
||||||
if hasattr(conf, "api"):
|
if conf.api:
|
||||||
try:
|
try:
|
||||||
conf.databaseCursor = Database(conf.database)
|
conf.databaseCursor = Database(conf.database)
|
||||||
conf.databaseCursor.connect("client")
|
conf.databaseCursor.connect("client")
|
||||||
|
|
|
@ -583,7 +583,7 @@ def _bruteProcessVariantA(attack_info, hash_regex, suffix, retVal, proc_id, proc
|
||||||
|
|
||||||
status = 'current status: %s... %s' % (word.ljust(5)[:5], ROTATING_CHARS[rotator])
|
status = 'current status: %s... %s' % (word.ljust(5)[:5], ROTATING_CHARS[rotator])
|
||||||
|
|
||||||
if not hasattr(conf, "api"):
|
if not conf.api:
|
||||||
dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status))
|
dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status))
|
||||||
|
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
|
@ -657,7 +657,7 @@ def _bruteProcessVariantB(user, hash_, kwargs, hash_regex, suffix, retVal, found
|
||||||
if user and not user.startswith(DUMMY_USER_PREFIX):
|
if user and not user.startswith(DUMMY_USER_PREFIX):
|
||||||
status += ' (user: %s)' % user
|
status += ' (user: %s)' % user
|
||||||
|
|
||||||
if not hasattr(conf, "api"):
|
if not conf.api:
|
||||||
dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status))
|
dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status))
|
||||||
|
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
|
|
|
@ -28,13 +28,13 @@ class Fingerprint(GenericFingerprint):
|
||||||
value = ""
|
value = ""
|
||||||
wsOsFp = Format.getOs("web server", kb.headersFp)
|
wsOsFp = Format.getOs("web server", kb.headersFp)
|
||||||
|
|
||||||
if wsOsFp and not hasattr(conf, "api"):
|
if wsOsFp and not conf.api:
|
||||||
value += "%s\n" % wsOsFp
|
value += "%s\n" % wsOsFp
|
||||||
|
|
||||||
if kb.data.banner:
|
if kb.data.banner:
|
||||||
dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)
|
dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)
|
||||||
|
|
||||||
if dbmsOsFp and not hasattr(conf, "api"):
|
if dbmsOsFp and not conf.api:
|
||||||
value += "%s\n" % dbmsOsFp
|
value += "%s\n" % dbmsOsFp
|
||||||
|
|
||||||
value += "back-end DBMS: "
|
value += "back-end DBMS: "
|
||||||
|
|
|
@ -95,13 +95,13 @@ class Fingerprint(GenericFingerprint):
|
||||||
value = ""
|
value = ""
|
||||||
wsOsFp = Format.getOs("web server", kb.headersFp)
|
wsOsFp = Format.getOs("web server", kb.headersFp)
|
||||||
|
|
||||||
if wsOsFp and not hasattr(conf, "api"):
|
if wsOsFp and not conf.api:
|
||||||
value += "%s\n" % wsOsFp
|
value += "%s\n" % wsOsFp
|
||||||
|
|
||||||
if kb.data.banner:
|
if kb.data.banner:
|
||||||
dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)
|
dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)
|
||||||
|
|
||||||
if dbmsOsFp and not hasattr(conf, "api"):
|
if dbmsOsFp and not conf.api:
|
||||||
value += "%s\n" % dbmsOsFp
|
value += "%s\n" % dbmsOsFp
|
||||||
|
|
||||||
value += "back-end DBMS: "
|
value += "back-end DBMS: "
|
||||||
|
|
|
@ -123,7 +123,7 @@ def main():
|
||||||
cmdLineOptions.update(cmdLineParser().__dict__)
|
cmdLineOptions.update(cmdLineParser().__dict__)
|
||||||
initOptions(cmdLineOptions)
|
initOptions(cmdLineOptions)
|
||||||
|
|
||||||
if hasattr(conf, "api"):
|
if conf.get("api"):
|
||||||
# heavy imports
|
# heavy imports
|
||||||
from lib.utils.api import StdDbOut
|
from lib.utils.api import StdDbOut
|
||||||
from lib.utils.api import setRestAPILog
|
from lib.utils.api import setRestAPILog
|
||||||
|
@ -285,7 +285,7 @@ def main():
|
||||||
errMsg = maskSensitiveData(errMsg)
|
errMsg = maskSensitiveData(errMsg)
|
||||||
excMsg = maskSensitiveData(excMsg)
|
excMsg = maskSensitiveData(excMsg)
|
||||||
|
|
||||||
if hasattr(conf, "api"):
|
if conf.get("api"):
|
||||||
logger.critical("%s\n%s" % (errMsg, excMsg))
|
logger.critical("%s\n%s" % (errMsg, excMsg))
|
||||||
else:
|
else:
|
||||||
logger.critical(errMsg)
|
logger.critical(errMsg)
|
||||||
|
@ -326,7 +326,7 @@ def main():
|
||||||
kb.clear()
|
kb.clear()
|
||||||
main()
|
main()
|
||||||
|
|
||||||
if hasattr(conf, "api"):
|
if conf.get("api"):
|
||||||
try:
|
try:
|
||||||
conf.databaseCursor.disconnect()
|
conf.databaseCursor.disconnect()
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
|
|
|
@ -21,31 +21,31 @@ c55b400b72acc43e0e59c87dd8bb8d75 extra/shellcodeexec/windows/shellcodeexec.x32.
|
||||||
7713aa366c983cdf1f3dbaa7383ea9e1 extra/sqlharvest/sqlharvest.py
|
7713aa366c983cdf1f3dbaa7383ea9e1 extra/sqlharvest/sqlharvest.py
|
||||||
5df358defc488bee9b40084892e3d1cb lib/controller/action.py
|
5df358defc488bee9b40084892e3d1cb lib/controller/action.py
|
||||||
9cb94acd4c59822a5e1a258c4d1a4860 lib/controller/checks.py
|
9cb94acd4c59822a5e1a258c4d1a4860 lib/controller/checks.py
|
||||||
dc386321e8813788f155dc557a78be8d lib/controller/controller.py
|
20fbacfdcef41214dc2e9ad31fbc28ad lib/controller/controller.py
|
||||||
d79481ab99acd739615e747d4a79d9d0 lib/controller/handler.py
|
d79481ab99acd739615e747d4a79d9d0 lib/controller/handler.py
|
||||||
310efc965c862cfbd7b0da5150a5ad36 lib/controller/__init__.py
|
310efc965c862cfbd7b0da5150a5ad36 lib/controller/__init__.py
|
||||||
19905ecb4437b94512cf21d5f1720091 lib/core/agent.py
|
19905ecb4437b94512cf21d5f1720091 lib/core/agent.py
|
||||||
6cc95a117fbd34ef31b9aa25520f0e31 lib/core/bigarray.py
|
6cc95a117fbd34ef31b9aa25520f0e31 lib/core/bigarray.py
|
||||||
652266ff49168dd88a9d5649003a3951 lib/core/common.py
|
95e165749bdb830e51be2159bc2c021e lib/core/common.py
|
||||||
5065a4242a8cccf72f91e22e1007ae63 lib/core/convert.py
|
5065a4242a8cccf72f91e22e1007ae63 lib/core/convert.py
|
||||||
a8143dab9d3a27490f7d49b6b29ea530 lib/core/data.py
|
a8143dab9d3a27490f7d49b6b29ea530 lib/core/data.py
|
||||||
7936d78b1a7f1f008ff92bf2f88574ba lib/core/datatype.py
|
7936d78b1a7f1f008ff92bf2f88574ba lib/core/datatype.py
|
||||||
36c85e9ef109c5b4af3ca9bb1065ef1f lib/core/decorators.py
|
36c85e9ef109c5b4af3ca9bb1065ef1f lib/core/decorators.py
|
||||||
47eecd5499eaa15e931793e1d1ac3566 lib/core/defaults.py
|
47eecd5499eaa15e931793e1d1ac3566 lib/core/defaults.py
|
||||||
7309cf449b009723d1a4655fcf1a96d7 lib/core/dicts.py
|
7309cf449b009723d1a4655fcf1a96d7 lib/core/dicts.py
|
||||||
77edcfd3d7c5522bb64baf59ac23a047 lib/core/dump.py
|
65b9187de3d8c9c28ddab53ef2b399bc lib/core/dump.py
|
||||||
b9ff4e622c416116bee6024c0f050349 lib/core/enums.py
|
b9ff4e622c416116bee6024c0f050349 lib/core/enums.py
|
||||||
9381a0c7e8bc19986299e84f4edda1a0 lib/core/exception.py
|
9381a0c7e8bc19986299e84f4edda1a0 lib/core/exception.py
|
||||||
310efc965c862cfbd7b0da5150a5ad36 lib/core/__init__.py
|
310efc965c862cfbd7b0da5150a5ad36 lib/core/__init__.py
|
||||||
9ba39bf66e9ecd469446bdbbeda906c3 lib/core/log.py
|
9ba39bf66e9ecd469446bdbbeda906c3 lib/core/log.py
|
||||||
ebb778c2d26eba8b34d7d8658e4105a6 lib/core/optiondict.py
|
ebb778c2d26eba8b34d7d8658e4105a6 lib/core/optiondict.py
|
||||||
bffd3f1bffa71a3c0ffc14768631f8ed lib/core/option.py
|
69e879487399f3028fe0291817f2f998 lib/core/option.py
|
||||||
5f2f56e6c5f274408df61943f1e080c0 lib/core/profiling.py
|
5f2f56e6c5f274408df61943f1e080c0 lib/core/profiling.py
|
||||||
40be71cd774662a7b420caeb7051e7d5 lib/core/readlineng.py
|
40be71cd774662a7b420caeb7051e7d5 lib/core/readlineng.py
|
||||||
d8e9250f3775119df07e9070eddccd16 lib/core/replication.py
|
d8e9250f3775119df07e9070eddccd16 lib/core/replication.py
|
||||||
785f86e3f963fa3798f84286a4e83ff2 lib/core/revision.py
|
785f86e3f963fa3798f84286a4e83ff2 lib/core/revision.py
|
||||||
40c80b28b3a5819b737a5a17d4565ae9 lib/core/session.py
|
40c80b28b3a5819b737a5a17d4565ae9 lib/core/session.py
|
||||||
89f327b249b0c1267c92889ceca475a9 lib/core/settings.py
|
eb44bcdbc0438b1ac1772b05f0e89b08 lib/core/settings.py
|
||||||
d91291997d2bd2f6028aaf371bf1d3b6 lib/core/shell.py
|
d91291997d2bd2f6028aaf371bf1d3b6 lib/core/shell.py
|
||||||
2ad85c130cc5f2b3701ea85c2f6bbf20 lib/core/subprocessng.py
|
2ad85c130cc5f2b3701ea85c2f6bbf20 lib/core/subprocessng.py
|
||||||
afd0636d2e93c23f4f0a5c9b6023ea17 lib/core/target.py
|
afd0636d2e93c23f4f0a5c9b6023ea17 lib/core/target.py
|
||||||
|
@ -86,25 +86,25 @@ ac541a0d38e4ecb4e41e97799a7235f4 lib/takeover/registry.py
|
||||||
4cd0322f22fbc26284cffa9f8f7545ef lib/takeover/udf.py
|
4cd0322f22fbc26284cffa9f8f7545ef lib/takeover/udf.py
|
||||||
c131528696edb96695aa1b58803bd6ae lib/takeover/web.py
|
c131528696edb96695aa1b58803bd6ae lib/takeover/web.py
|
||||||
e5a82481947e798d0c11f3acf3e9db60 lib/takeover/xp_cmdshell.py
|
e5a82481947e798d0c11f3acf3e9db60 lib/takeover/xp_cmdshell.py
|
||||||
cae752650755c706272a45ae84519a4b lib/techniques/blind/inference.py
|
9f03972ea5ce2df74d43be5f30f068eb lib/techniques/blind/inference.py
|
||||||
310efc965c862cfbd7b0da5150a5ad36 lib/techniques/blind/__init__.py
|
310efc965c862cfbd7b0da5150a5ad36 lib/techniques/blind/__init__.py
|
||||||
310efc965c862cfbd7b0da5150a5ad36 lib/techniques/brute/__init__.py
|
310efc965c862cfbd7b0da5150a5ad36 lib/techniques/brute/__init__.py
|
||||||
a693c023a9fed1eebb9ca9ef51e0aeb8 lib/techniques/brute/use.py
|
ac3a32b7a84517730fa2885f4e8721ba lib/techniques/brute/use.py
|
||||||
310efc965c862cfbd7b0da5150a5ad36 lib/techniques/dns/__init__.py
|
310efc965c862cfbd7b0da5150a5ad36 lib/techniques/dns/__init__.py
|
||||||
ab1601a7f429b47637c4fb8af703d0f1 lib/techniques/dns/test.py
|
ab1601a7f429b47637c4fb8af703d0f1 lib/techniques/dns/test.py
|
||||||
d3da4c7ceaf57c4687a052d58722f6bb lib/techniques/dns/use.py
|
d3da4c7ceaf57c4687a052d58722f6bb lib/techniques/dns/use.py
|
||||||
310efc965c862cfbd7b0da5150a5ad36 lib/techniques/error/__init__.py
|
310efc965c862cfbd7b0da5150a5ad36 lib/techniques/error/__init__.py
|
||||||
2fb0eb698fc9d6e19960d2136bce787d lib/techniques/error/use.py
|
be752c8075641bc390368c9955f34c91 lib/techniques/error/use.py
|
||||||
310efc965c862cfbd7b0da5150a5ad36 lib/techniques/__init__.py
|
310efc965c862cfbd7b0da5150a5ad36 lib/techniques/__init__.py
|
||||||
310efc965c862cfbd7b0da5150a5ad36 lib/techniques/union/__init__.py
|
310efc965c862cfbd7b0da5150a5ad36 lib/techniques/union/__init__.py
|
||||||
19fd73af7a278fd72b46a5a60f5bdd09 lib/techniques/union/test.py
|
19fd73af7a278fd72b46a5a60f5bdd09 lib/techniques/union/test.py
|
||||||
8cd5655c60a638caa30ca1220896aeda lib/techniques/union/use.py
|
09b23d3ecb6c0e6e276822a3f2f3bf7b lib/techniques/union/use.py
|
||||||
9fca8077f1ee6f701ce7b7972e05ee53 lib/utils/api.py
|
981318873e2df1cc55173e8b8a4a7637 lib/utils/api.py
|
||||||
29e32d59fcdd63c5a13498af1f367c8c lib/utils/crawler.py
|
29e32d59fcdd63c5a13498af1f367c8c lib/utils/crawler.py
|
||||||
ba12c69a90061aa14d848b8396e79191 lib/utils/deps.py
|
ba12c69a90061aa14d848b8396e79191 lib/utils/deps.py
|
||||||
3b9fd519164e0bf275d5fd361c3f11ff lib/utils/getch.py
|
3b9fd519164e0bf275d5fd361c3f11ff lib/utils/getch.py
|
||||||
ccfdad414ce2ec0c394c3deaa39a82bf lib/utils/hashdb.py
|
ccfdad414ce2ec0c394c3deaa39a82bf lib/utils/hashdb.py
|
||||||
aff7355d582fc6c00a675eeee2a5217a lib/utils/hash.py
|
712ef6a703c9101690b9177b09a31b4c lib/utils/hash.py
|
||||||
e76a08237ee6a4cd6855af79610ea8a5 lib/utils/htmlentities.py
|
e76a08237ee6a4cd6855af79610ea8a5 lib/utils/htmlentities.py
|
||||||
310efc965c862cfbd7b0da5150a5ad36 lib/utils/__init__.py
|
310efc965c862cfbd7b0da5150a5ad36 lib/utils/__init__.py
|
||||||
9d8c858417d356e49e1959ba253aede4 lib/utils/pivotdumptable.py
|
9d8c858417d356e49e1959ba253aede4 lib/utils/pivotdumptable.py
|
||||||
|
@ -139,7 +139,7 @@ f86ace7fcaea5ff3f9e86ab2dce052c5 plugins/dbms/firebird/__init__.py
|
||||||
3a97bd07cce66bc812309341e7b54697 plugins/dbms/hsqldb/connector.py
|
3a97bd07cce66bc812309341e7b54697 plugins/dbms/hsqldb/connector.py
|
||||||
015281fb8f96dbade0d2e30fc8da9c4c plugins/dbms/hsqldb/enumeration.py
|
015281fb8f96dbade0d2e30fc8da9c4c plugins/dbms/hsqldb/enumeration.py
|
||||||
c0b14e62e1ecbb679569a1abb9cf1913 plugins/dbms/hsqldb/filesystem.py
|
c0b14e62e1ecbb679569a1abb9cf1913 plugins/dbms/hsqldb/filesystem.py
|
||||||
82304c5d7b06bb564dcdd8cda84dbeae plugins/dbms/hsqldb/fingerprint.py
|
ad3090f3212a007274e016c3af90dddf plugins/dbms/hsqldb/fingerprint.py
|
||||||
0b18e3cf582b128cf9f16ee34ef85727 plugins/dbms/hsqldb/__init__.py
|
0b18e3cf582b128cf9f16ee34ef85727 plugins/dbms/hsqldb/__init__.py
|
||||||
65e8f8edc9d18fe482deb474a29f83ff plugins/dbms/hsqldb/syntax.py
|
65e8f8edc9d18fe482deb474a29f83ff plugins/dbms/hsqldb/syntax.py
|
||||||
0a1584e2b01f33abe3ef91d99bafbd3f plugins/dbms/hsqldb/takeover.py
|
0a1584e2b01f33abe3ef91d99bafbd3f plugins/dbms/hsqldb/takeover.py
|
||||||
|
@ -168,7 +168,7 @@ a7ed0510e47384eaf93164d53e2b6b36 plugins/dbms/mssqlserver/enumeration.py
|
||||||
48fb283a0dbf980495ca054f7b55783f plugins/dbms/mysql/connector.py
|
48fb283a0dbf980495ca054f7b55783f plugins/dbms/mysql/connector.py
|
||||||
7fe94b803fa273baf479b76ce7a3fb51 plugins/dbms/mysql/enumeration.py
|
7fe94b803fa273baf479b76ce7a3fb51 plugins/dbms/mysql/enumeration.py
|
||||||
1bd5e659962e814b66a451b807de9110 plugins/dbms/mysql/filesystem.py
|
1bd5e659962e814b66a451b807de9110 plugins/dbms/mysql/filesystem.py
|
||||||
1a17c2dea2cd7554cf9082fdf96f8360 plugins/dbms/mysql/fingerprint.py
|
5947eb45c33e183c61efc3e41a232c00 plugins/dbms/mysql/fingerprint.py
|
||||||
42568a66a13a43ed46748290c503a652 plugins/dbms/mysql/__init__.py
|
42568a66a13a43ed46748290c503a652 plugins/dbms/mysql/__init__.py
|
||||||
96dfafcc4aecc1c574148ac05dbdb6da plugins/dbms/mysql/syntax.py
|
96dfafcc4aecc1c574148ac05dbdb6da plugins/dbms/mysql/syntax.py
|
||||||
33b2dc28075ab560fd8a4dc898682a0d plugins/dbms/mysql/takeover.py
|
33b2dc28075ab560fd8a4dc898682a0d plugins/dbms/mysql/takeover.py
|
||||||
|
@ -224,7 +224,7 @@ c3cc8b7727161e64ab59f312c33b541a shell/stager.aspx_
|
||||||
1f7f125f30e0e800beb21e2ebbab18e1 shell/stager.jsp_
|
1f7f125f30e0e800beb21e2ebbab18e1 shell/stager.jsp_
|
||||||
01e3505e796edf19aad6a996101c81c9 shell/stager.php_
|
01e3505e796edf19aad6a996101c81c9 shell/stager.php_
|
||||||
0751a45ac4c130131f2cdb74d866b664 sqlmapapi.py
|
0751a45ac4c130131f2cdb74d866b664 sqlmapapi.py
|
||||||
dee6a537359c049dabe4ffe3de881359 sqlmap.py
|
e6e6fbed25e09f29ce62a2d55932e331 sqlmap.py
|
||||||
08c711a470d7e0bf705320ba3c48b886 tamper/apostrophemask.py
|
08c711a470d7e0bf705320ba3c48b886 tamper/apostrophemask.py
|
||||||
e8509df10d3f1c28014d7825562d32dd tamper/apostrophenullencode.py
|
e8509df10d3f1c28014d7825562d32dd tamper/apostrophenullencode.py
|
||||||
bb27f7dc980ea07fcfedbd7da5e5e029 tamper/appendnullbyte.py
|
bb27f7dc980ea07fcfedbd7da5e5e029 tamper/appendnullbyte.py
|
||||||
|
|
Loading…
Reference in New Issue
Block a user