sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-19 21:10:36 +03:00
Code Issues Packages Projects Releases Wiki Activity

Update for an Issue #287

Browse Source
This commit is contained in:
Miroslav Stampar 2012-12-12 11:54:59 +01:00
parent ef33729381
commit a6448e8768
5 changed files with 54 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
_sqlmap.py
View File

@ -6,6 +6,7 @@ See the file 'doc/COPYING' for copying permission
""" """
import bdb import bdb
import logging
import os import os
import sys import sys
import time import time
@ -33,6 +34,7 @@ from lib.core.exception import SqlmapUserQuitException
from lib.core.option import init from lib.core.option import init
from lib.core.profiling import profile from lib.core.profiling import profile
from lib.core.settings import LEGAL_DISCLAIMER from lib.core.settings import LEGAL_DISCLAIMER
from lib.core.settings import XMLRPC_SERVER_PORT
from lib.core.testing import smokeTest from lib.core.testing import smokeTest
from lib.core.testing import liveTest from lib.core.testing import liveTest
from lib.parse.cmdline import cmdLineParser from lib.parse.cmdline import cmdLineParser
@ -63,7 +65,8 @@ def main():
cmdLineOptions.update(cmdLineParser().__dict__) cmdLineOptions.update(cmdLineParser().__dict__)
if cmdLineOptions.xmlRpc: if cmdLineOptions.xmlRpc:
server = XMLRPCServer() logger.setLevel(logging.INFO)
server = XMLRPCServer(cmdLineOptions.xmlRpcPort or XMLRPC_SERVER_PORT)
server.serve() server.serve()
else: else:
init(cmdLineOptions) init(cmdLineOptions)

4
lib/core/common.py
View File

@ -421,11 +421,11 @@ class Backend:
dbms = Backend.getForcedDbms() dbms = Backend.getForcedDbms()
elif Backend.getDbms() is not None: elif Backend.getDbms() is not None:
dbms = kb.dbms dbms = kb.dbms
elif conf.get('dbms'): elif conf.get("dbms"):
dbms = conf.dbms dbms = conf.dbms
elif Backend.getErrorParsedDBMSes(): elif Backend.getErrorParsedDBMSes():
dbms = unArrayizeValue(Backend.getErrorParsedDBMSes()) dbms = unArrayizeValue(Backend.getErrorParsedDBMSes())
elif kb.injection.dbms: elif kb.get("injection") and kb.injection.dbms:
dbms = unArrayizeValue(kb.injection.dbms) dbms = unArrayizeValue(kb.injection.dbms)
return aliasToDbmsEnum(dbms) return aliasToDbmsEnum(dbms)

2
lib/core/settings.py
View File

@ -483,7 +483,7 @@ EVENTVALIDATION_REGEX = r'(?i)(?P<name>__EVENTVALIDATION[^"]*)[^>]+value="(?P<re
LIMITED_ROWS_TEST_NUMBER = 15 LIMITED_ROWS_TEST_NUMBER = 15
# Default TCP port used for XML-RPC server instance # Default TCP port used for XML-RPC server instance
XML_RPC_SERVER_PORT = 8776 XMLRPC_SERVER_PORT = 8776
# Regular expression for SOAP-like POST data # Regular expression for SOAP-like POST data
SOAP_RECOGNITION_REGEX = r"(?s)\A(<\?xml[^>]+>)?\s*<([^> ]+)( [^>]+)?>.+</\2.*>\s*\Z" SOAP_RECOGNITION_REGEX = r"(?s)\A(<\?xml[^>]+>)?\s*<([^> ]+)( [^>]+)?>.+</\2.*>\s*\Z"

3
lib/parse/cmdline.py
View File

@ -685,6 +685,9 @@ def cmdLineParser():
parser.add_option("--xmlrpc", dest="xmlRpc", action="store_true", parser.add_option("--xmlrpc", dest="xmlRpc", action="store_true",
help=SUPPRESS_HELP) help=SUPPRESS_HELP)
parser.add_option("--xmlrpc-port", dest="xmlRpcPort", type="int",
help=SUPPRESS_HELP)
parser.add_option_group(target) parser.add_option_group(target)
parser.add_option_group(request) parser.add_option_group(request)
parser.add_option_group(optimization) parser.add_option_group(optimization)

55
lib/utils/xmlrpc.py
View File

@ -5,18 +5,25 @@ Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission See the file 'doc/COPYING' for copying permission
""" """
from SimpleXMLRPCServer import SimpleXMLRPCServer import sys
import xmlrpclib
from lib.controller.controller import start try:
from lib.core.datatype import AttribDict from SimpleXMLRPCServer import SimpleXMLRPCServer
from lib.core.data import cmdLineOptions
from lib.core.data import logger from lib.controller.controller import start
from lib.core.option import init from lib.core.datatype import AttribDict
from lib.core.settings import XML_RPC_SERVER_PORT from lib.core.data import cmdLineOptions
from lib.core.settings import UNICODE_ENCODING from lib.core.data import logger
from lib.core.option import init
from lib.core.settings import UNICODE_ENCODING
from lib.core.settings import XMLRPC_SERVER_PORT
except ImportError:
pass
class XMLRPCServer: class XMLRPCServer:
def __init__(self): def __init__(self, port):
self.port = port
self.reset() self.reset()
def reset(self): def reset(self):
@ -36,11 +43,37 @@ class XMLRPCServer:
return start() return start()
def serve(self): def serve(self):
server = SimpleXMLRPCServer(addr=("", XML_RPC_SERVER_PORT), logRequests=False, allow_none=True, encoding=UNICODE_ENCODING) server = SimpleXMLRPCServer(addr=("", self.port), logRequests=False, allow_none=True, encoding=UNICODE_ENCODING)
server.register_introspection_functions()
server.register_function(self.reset) server.register_function(self.reset)
server.register_function(self.set_option) server.register_function(self.set_option)
server.register_function(self.get_option) server.register_function(self.get_option)
server.register_function(self.get_option_names) server.register_function(self.get_option_names)
server.register_function(self.run) server.register_function(self.run)
logger.info("Registering RPC methods: %s" % str(server.system_listMethods()).strip("[]"))
server.register_introspection_functions()
logger.info("Running XML-RPC server at '0.0.0.0:%d'..." % self.port)
server.serve_forever() server.serve_forever()
if __name__ == "__main__":
try:
import readline
except ImportError:
pass
server = xmlrpclib.ServerProxy("http://localhost:%d" % (int(sys.argv[1]) if len(sys.argv) > 1 else 8776))
print "[o] Server instance: 'server'"
print "[i] Available RPC methods: %s" % str(server.system.listMethods()).strip("[]")
print "[i] Sample usage: 'server.system.listMethods()'"
while True:
try:
_ = raw_input("> ")
if not _.startswith("print"):
print eval(_) or ""
else:
exec(_)
except KeyboardInterrupt:
exit(0)
except Exception, ex:
print "[x] '%s'" % str(ex)