mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-25 21:21:03 +03:00 
			
		
		
		
	now status is no longer represented in percentage (impossible in cases where we need to support too small and too large dictionaries - technical issues regarding counting) but by the rotating char
This commit is contained in:
		
							parent
							
								
									ff8fc90ac7
								
							
						
					
					
						commit
						9cf33ec997
					
				|  | @ -324,7 +324,7 @@ URLENCODE_CHAR_LIMIT = 2000 | |||
| DEFAULT_MSSQL_SCHEMA = 'dbo' | ||||
| 
 | ||||
| # Display hash attack info every mod number of items | ||||
| HASH_MOD_ITEM_DISPLAY = 1117 | ||||
| HASH_MOD_ITEM_DISPLAY = 1597 | ||||
| 
 | ||||
| # Maximum integer value | ||||
| MAX_INT = sys.maxint | ||||
|  | @ -379,3 +379,6 @@ BRUTE_COLUMN_EXISTS_TEMPLATE = "EXISTS(SELECT %s FROM %s)" | |||
| 
 | ||||
| # Payload used for checking of existence of IDS/WAF (dummier the better) | ||||
| IDS_WAF_CHECK_PAYLOAD = "AND 1=1 UNION ALL SELECT 1,2,3,table_name FROM information_schema.tables" | ||||
| 
 | ||||
| # Used for status representation in dictionary attack phase | ||||
| ROTATING_CHARS = ('\\', '|', '|', '/', '-') | ||||
|  |  | |||
|  | @ -54,6 +54,7 @@ from lib.core.settings import IS_WIN | |||
| from lib.core.settings import PYVERSION | ||||
| from lib.core.settings import ML | ||||
| from lib.core.settings import UNICODE_ENCODING | ||||
| from lib.core.settings import ROTATING_CHARS | ||||
| 
 | ||||
| if PYVERSION >= "2.6": | ||||
|     import multiprocessing | ||||
|  | @ -323,6 +324,7 @@ def hashRecognition(value): | |||
| 
 | ||||
| def __bruteProcessVariantA(attack_info, hash_regex, wordlist, suffix, retVal, proc_id, proc_count): | ||||
|     count = 0 | ||||
|     rotator = 0 | ||||
| 
 | ||||
|     try: | ||||
|         for word in wordlist: | ||||
|  | @ -360,13 +362,17 @@ def __bruteProcessVariantA(attack_info, hash_regex, wordlist, suffix, retVal, pr | |||
|                         attack_info.remove(item) | ||||
| 
 | ||||
|                     elif proc_id == 0 and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex in (HASH.ORACLE_OLD) or hash_regex == HASH.CRYPT_GENERIC and IS_WIN: | ||||
|                         status = 'current status: %d%s (%s...)' % (proc_count * wordlist.percentage(), '%', word.ljust(5)[:5]) | ||||
|                         rotator += 1 | ||||
|                         if rotator >= len(ROTATING_CHARS): | ||||
|                             rotator = 0 | ||||
|                         status = 'current status: %s... %s' % (word.ljust(5)[:5], ROTATING_CHARS[rotator]) | ||||
|                         dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status)) | ||||
| 
 | ||||
|             except KeyboardInterrupt: | ||||
|                 raise | ||||
| 
 | ||||
|             except: | ||||
|             except Exception, msg: | ||||
|                 print msg | ||||
|                 warnMsg = "there was a problem while hashing entry: %s. " % repr(word) | ||||
|                 warnMsg += "Please report by e-mail to %s" % ML | ||||
|                 logger.critical(warnMsg) | ||||
|  | @ -376,6 +382,7 @@ def __bruteProcessVariantA(attack_info, hash_regex, wordlist, suffix, retVal, pr | |||
| 
 | ||||
| def __bruteProcessVariantB(user, hash_, kwargs, hash_regex, wordlist, suffix, retVal, found, proc_id, proc_count): | ||||
|     count = 0 | ||||
|     rotator = 0 | ||||
| 
 | ||||
|     try: | ||||
|         for word in wordlist: | ||||
|  | @ -411,7 +418,10 @@ def __bruteProcessVariantB(user, hash_, kwargs, hash_regex, wordlist, suffix, re | |||
| 
 | ||||
|                     found.value = True | ||||
|                 elif proc_id == 0 and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex in (HASH.ORACLE_OLD) or hash_regex == HASH.CRYPT_GENERIC and IS_WIN: | ||||
|                     status = 'current status: %d%s (%s...)' % (proc_count * wordlist.percentage(), '%', word.ljust(5)[:5]) | ||||
|                     rotator += 1 | ||||
|                     if rotator >= len(ROTATING_CHARS): | ||||
|                         rotator = 0 | ||||
|                     status = 'current status: %s... %s' % (word.ljust(5)[:5], ROTATING_CHARS[rotator]) | ||||
|                     if not user.startswith(DUMMY_USER_PREFIX): | ||||
|                         status += ' (user: %s)' % user | ||||
|                     dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status)) | ||||
|  |  | |||
		Loading…
	
		Reference in New Issue
	
	Block a user