From a6448e87683f60624aabd0f147a0a78bd7046d3e Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Wed, 12 Dec 2012 11:54:59 +0100
Subject: [PATCH] Update for an Issue #287
---
 _sqlmap.py | 5 +++-
 lib/core/common.py | 4 ++--
 lib/core/settings.py | 2 +-
 lib/parse/cmdline.py | 3 +++
 lib/utils/xmlrpc.py | 55 +++++++++++++++++++++++++++++++++++---------
 5 files changed, 54 insertions(+), 15 deletions(-)
diff --git a/_sqlmap.py b/_sqlmap.py
index b05c9f4b0..a18ccb9bd 100755
--- a/_sqlmap.py
+++ b/_sqlmap.py
@@ -6,6 +6,7 @@ See the file 'doc/COPYING' for copying permission
 """
 import bdb
+import logging
 import os
 import sys
 import time
@@ -33,6 +34,7 @@ from lib.core.exception import SqlmapUserQuitException
 from lib.core.option import init
 from lib.core.profiling import profile
 from lib.core.settings import LEGAL_DISCLAIMER
+from lib.core.settings import XMLRPC_SERVER_PORT
 from lib.core.testing import smokeTest
 from lib.core.testing import liveTest
 from lib.parse.cmdline import cmdLineParser
@@ -63,7 +65,8 @@ def main():
 cmdLineOptions.update(cmdLineParser().__dict__)
 if cmdLineOptions.xmlRpc:
- server = XMLRPCServer()
+ logger.setLevel(logging.INFO)
+ server = XMLRPCServer(cmdLineOptions.xmlRpcPort or XMLRPC_SERVER_PORT)
 server.serve()
 else:
 init(cmdLineOptions)
diff --git a/lib/core/common.py b/lib/core/common.py
index 7b2c9854a..b3d8c3437 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -421,11 +421,11 @@ class Backend:
 dbms = Backend.getForcedDbms()
 elif Backend.getDbms() is not None:
 dbms = kb.dbms
- elif conf.get('dbms'):
+ elif conf.get("dbms"):
 dbms = conf.dbms
 elif Backend.getErrorParsedDBMSes():
 dbms = unArrayizeValue(Backend.getErrorParsedDBMSes())
- elif kb.injection.dbms:
+ elif kb.get("injection") and kb.injection.dbms:
 dbms = unArrayizeValue(kb.injection.dbms)
 return aliasToDbmsEnum(dbms)
diff --git a/lib/core/settings.py b/lib/core/settings.py
index 8d4b4adcf..6e1a930f2 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -483,7 +483,7 @@ EVENTVALIDATION_REGEX = r'(?i)(?P__EVENTVALIDATION[^"]*)[^>]+value="(?P]+>)?\s*<([^> ]+)( [^>]+)?>.+\s*\Z"
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
index f5ab6ad12..fee52f85f 100644
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@@ -685,6 +685,9 @@ def cmdLineParser():
 parser.add_option("--xmlrpc", dest="xmlRpc", action="store_true",
 help=SUPPRESS_HELP)
+ parser.add_option("--xmlrpc-port", dest="xmlRpcPort", type="int",
+ help=SUPPRESS_HELP)
+
 parser.add_option_group(target)
 parser.add_option_group(request)
 parser.add_option_group(optimization)
diff --git a/lib/utils/xmlrpc.py b/lib/utils/xmlrpc.py
index 21e44b2a1..4767fc12b 100644
--- a/lib/utils/xmlrpc.py
+++ b/lib/utils/xmlrpc.py
@@ -5,18 +5,25 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
 See the file 'doc/COPYING' for copying permission
 """
-from SimpleXMLRPCServer import SimpleXMLRPCServer
+import sys
+import xmlrpclib
-from lib.controller.controller import start
-from lib.core.datatype import AttribDict
-from lib.core.data import cmdLineOptions
-from lib.core.data import logger
-from lib.core.option import init
-from lib.core.settings import XML_RPC_SERVER_PORT
-from lib.core.settings import UNICODE_ENCODING
+try:
+ from SimpleXMLRPCServer import SimpleXMLRPCServer
+
+ from lib.controller.controller import start
+ from lib.core.datatype import AttribDict
+ from lib.core.data import cmdLineOptions
+ from lib.core.data import logger
+ from lib.core.option import init
+ from lib.core.settings import UNICODE_ENCODING
+ from lib.core.settings import XMLRPC_SERVER_PORT
+except ImportError:
+ pass
 class XMLRPCServer:
- def __init__(self):
+ def __init__(self, port):
+ self.port = port
 self.reset()
 def reset(self):
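Review bot: The new `--xmlrpc-port` option in cmdLineParser() is parsed with `type="int"` and nothing in this hunk range-checks it, so a negative or above-65535 value appears to reach the socket bind in `XMLRPCServer.serve()` unchanged and would surface there as a traceback rather than a usage error. I would reject it at parse time, e.g. `parser.error("--xmlrpc-port must be in the range 1-65535")` when the parsed value falls outside that range. The place where the options are parsed lies outside this hunk, so the exact spot for the check has to be confirmed there. Note also that `cmdLineOptions.xmlRpcPort or XMLRPC_SERVER_PORT` in `_sqlmap.py` silently maps an explicit `0` to the default port.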
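Review bot: The `except ImportError: pass` wrapped around the whole import group in lib/utils/xmlrpc.py hides real failures. If any `lib.*` import breaks while the module is used as the server, the error is discarded and the first symptom is a later `NameError` on `logger`, `start` or `SimpleXMLRPCServer`. The guard looks intended only for the standalone client added at the bottom of the file, so the handler should say so and stay narrow: add the comment `# imports are optional only when run as the standalone client` and re-raise otherwise with `if __name__ != "__main__": raise`. Moving the client into its own script would remove the need for the guard altogether.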
@@ -36,11 +43,37 @@ class XMLRPCServer:
 return start()
 def serve(self):
- server = SimpleXMLRPCServer(addr=("", XML_RPC_SERVER_PORT), logRequests=False, allow_none=True, encoding=UNICODE_ENCODING)
- server.register_introspection_functions()
+ server = SimpleXMLRPCServer(addr=("", self.port), logRequests=False, allow_none=True, encoding=UNICODE_ENCODING)
 server.register_function(self.reset)
 server.register_function(self.set_option)
 server.register_function(self.get_option)
 server.register_function(self.get_option_names)
 server.register_function(self.run)
+ logger.info("Registering RPC methods: %s" % str(server.system_listMethods()).strip("[]"))
+ server.register_introspection_functions()
+ logger.info("Running XML-RPC server at '0.0.0.0:%d'..." % self.port)
 server.serve_forever()
+
+if __name__ == "__main__":
+ try:
+ import readline
+ except ImportError:
+ pass
+
+ server = xmlrpclib.ServerProxy("http://localhost:%d" % (int(sys.argv[1]) if len(sys.argv) > 1 else 8776))
+
+ print "[o] Server instance: 'server'"
+ print "[i] Available RPC methods: %s" % str(server.system.listMethods()).strip("[]")
+ print "[i] Sample usage: 'server.system.listMethods()'"
+
+ while True:
+ try:
+ _ = raw_input("> ")
+ if not _.startswith("print"):
+ print eval(_) or ""
+ else:
+ exec(_)
+ except KeyboardInterrupt:
+ exit(0)
+ except Exception, ex:
+ print "[x] '%s'" % str(ex)
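Review bot: `serve()` still binds `addr=("", self.port)`, i.e. every interface, and the registered `set_option` and `run` methods are callable by anyone who can reach the port; no authentication is visible in this hunk. The listener should default to loopback, `SimpleXMLRPCServer(addr=("127.0.0.1", self.port), ...)`, with remote exposure as a separate explicit opt-in. The log line should then print the address actually bound instead of the literal `0.0.0.0`. The client block hard-codes `8776`, which can drift from `XMLRPC_SERVER_PORT` if that setting changes. The `eval`/`exec` loop deserves a comment stating that it evaluates only the local operator's console input and must never be fed data returned by the server; the class body starts outside the hunk.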