Minor cleanup and initial work for #58
parent
4beef0900d
commit
a711c9ed36
|
@ -2768,7 +2768,7 @@ def maskSensitiveData(msg):
|
||||||
|
|
||||||
retVal = msg
|
retVal = msg
|
||||||
|
|
||||||
for item in filter(None, map(lambda x: conf.get(x), ("hostname", "googleDork", "aCred", "pCred", "tbl", "db", "col", "user", "cookie", "proxy"))):
|
for item in filter(None, map(lambda x: conf.get(x), ("hostname", "googleDork", "authCred", "proxyCred", "tbl", "db", "col", "user", "cookie", "proxy"))):
|
||||||
regex = SENSITIVE_DATA_REGEX % re.sub("(\W)", r"\\\1", item)
|
regex = SENSITIVE_DATA_REGEX % re.sub("(\W)", r"\\\1", item)
|
||||||
while extractRegexResult(regex, retVal):
|
while extractRegexResult(regex, retVal):
|
||||||
value = extractRegexResult(regex, retVal)
|
value = extractRegexResult(regex, retVal)
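Review bot: The hard-coded key tuple in the `for item in filter(None, map(lambda x: conf.get(x), (...)))` line fails open when an option name drifts. Assuming `conf.get(x)` yields nothing for an unknown key, `filter(None, ...)` drops it, so a renamed option silently stops being masked and its value can reach logs or pasted output. This commit had to hand-edit `"aCred"` and `"pCred"` here for exactly that reason. I would move the tuple to a named constant next to the option definitions and add a comment such as `# keep in sync with option dest names; a stale name silently disables masking`. The body of maskSensitiveData continues outside the hunk.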
|
||||||
|
|
|
@ -180,7 +180,7 @@ def _urllib2Opener():
|
||||||
if conf.proxy:
|
if conf.proxy:
|
||||||
warnMsg += "with HTTP(s) proxy"
|
warnMsg += "with HTTP(s) proxy"
|
||||||
logger.warn(warnMsg)
|
logger.warn(warnMsg)
|
||||||
elif conf.aType:
|
elif conf.authType:
|
||||||
warnMsg += "with authentication methods"
|
warnMsg += "with authentication methods"
|
||||||
logger.warn(warnMsg)
|
logger.warn(warnMsg)
|
||||||
else:
|
else:
|
||||||
|
@ -1011,8 +1011,8 @@ def _setHTTPProxy():
|
||||||
errMsg = "proxy value must be in format '(%s)://url:port'" % "|".join(_[0].lower() for _ in getPublicTypeMembers(PROXY_TYPE))
|
errMsg = "proxy value must be in format '(%s)://url:port'" % "|".join(_[0].lower() for _ in getPublicTypeMembers(PROXY_TYPE))
|
||||||
raise SqlmapSyntaxException(errMsg)
|
raise SqlmapSyntaxException(errMsg)
|
||||||
|
|
||||||
if conf.pCred:
|
if conf.proxyCred:
|
||||||
_ = re.search("^(.*?):(.*?)$", conf.pCred)
|
_ = re.search("^(.*?):(.*?)$", conf.proxyCred)
|
||||||
if not _:
|
if not _:
|
||||||
errMsg = "Proxy authentication credentials "
|
errMsg = "Proxy authentication credentials "
|
||||||
errMsg += "value must be in format username:password"
|
errMsg += "value must be in format username:password"
|
||||||
|
@ -1025,9 +1025,9 @@ def _setHTTPProxy():
|
||||||
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5 if scheme == PROXY_TYPE.SOCKS5 else socks.PROXY_TYPE_SOCKS4, hostname, port, username=username, password=password)
|
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5 if scheme == PROXY_TYPE.SOCKS5 else socks.PROXY_TYPE_SOCKS4, hostname, port, username=username, password=password)
|
||||||
socks.wrapmodule(urllib2)
|
socks.wrapmodule(urllib2)
|
||||||
else:
|
else:
|
||||||
if conf.pCred:
|
if conf.proxyCred:
|
||||||
# Reference: http://stackoverflow.com/questions/34079/how-to-specify-an-authenticated-proxy-for-a-python-http-connection
|
# Reference: http://stackoverflow.com/questions/34079/how-to-specify-an-authenticated-proxy-for-a-python-http-connection
|
||||||
proxyString = "%s@" % conf.pCred
|
proxyString = "%s@" % conf.proxyCred
|
||||||
else:
|
else:
|
||||||
proxyString = ""
|
proxyString = ""
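Review bot: In the non-SOCKS branch, `proxyString = "%s@" % conf.proxyCred` puts the raw `username:password` value into the userinfo part of the proxy URL, so a password containing `@`, `/` or `#` would change how that URL is parsed. The previous hunk already splits the value with `re.search("^(.*?):(.*?)$", conf.proxyCred)`. Assuming `username` and `password` come from that match, encode each part before joining, e.g. `proxyString = "%s:%s@" % (urllib.quote(username, safe=""), urllib.quote(password, safe=""))`. That needs `urllib` in scope, which the hunk does not show, and how proxyString is used afterwards is also outside the hunk. _setHTTPProxy starts and ends outside the hunk.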
|
||||||
|
|
||||||
|
@ -1097,24 +1097,24 @@ def _setHTTPAuthentication():
|
||||||
|
|
||||||
global authHandler
|
global authHandler
|
||||||
|
|
||||||
if not conf.aType and not conf.aCred and not conf.aCert:
|
if not conf.authType and not conf.authCred and not conf.authCert:
|
||||||
return
|
return
|
||||||
|
|
||||||
elif conf.aType and not conf.aCred and not conf.aCert:
|
elif conf.authType and not conf.authCred and not conf.authCert:
|
||||||
errMsg = "you specified the HTTP authentication type, but "
|
errMsg = "you specified the HTTP authentication type, but "
|
||||||
errMsg += "did not provide the credentials"
|
errMsg += "did not provide the credentials"
|
||||||
raise SqlmapSyntaxException(errMsg)
|
raise SqlmapSyntaxException(errMsg)
|
||||||
|
|
||||||
elif not conf.aType and conf.aCred:
|
elif not conf.authType and conf.authCred:
|
||||||
errMsg = "you specified the HTTP authentication credentials, "
|
errMsg = "you specified the HTTP authentication credentials, "
|
||||||
errMsg += "but did not provide the type"
|
errMsg += "but did not provide the type"
|
||||||
raise SqlmapSyntaxException(errMsg)
|
raise SqlmapSyntaxException(errMsg)
|
||||||
|
|
||||||
if not conf.aCert:
|
if not conf.authCert:
|
||||||
debugMsg = "setting the HTTP authentication type and credentials"
|
debugMsg = "setting the HTTP authentication type and credentials"
|
||||||
logger.debug(debugMsg)
|
logger.debug(debugMsg)
|
||||||
|
|
||||||
aTypeLower = conf.aType.lower()
|
aTypeLower = conf.authType.lower()
|
||||||
|
|
||||||
if aTypeLower not in (AUTH_TYPE.BASIC, AUTH_TYPE.DIGEST, AUTH_TYPE.NTLM, AUTH_TYPE.CERT):
|
if aTypeLower not in (AUTH_TYPE.BASIC, AUTH_TYPE.DIGEST, AUTH_TYPE.NTLM, AUTH_TYPE.CERT):
|
||||||
errMsg = "HTTP authentication type value must be "
|
errMsg = "HTTP authentication type value must be "
|
||||||
|
@ -1133,7 +1133,7 @@ def _setHTTPAuthentication():
|
||||||
errMsg += "usage of option `--auth-cert`"
|
errMsg += "usage of option `--auth-cert`"
|
||||||
raise SqlmapSyntaxException(errMsg)
|
raise SqlmapSyntaxException(errMsg)
|
||||||
|
|
||||||
aCredRegExp = re.search(regExp, conf.aCred)
|
aCredRegExp = re.search(regExp, conf.authCred)
|
||||||
|
|
||||||
if not aCredRegExp:
|
if not aCredRegExp:
|
||||||
raise SqlmapSyntaxException(errMsg)
|
raise SqlmapSyntaxException(errMsg)
|
||||||
|
@ -1165,7 +1165,7 @@ def _setHTTPAuthentication():
|
||||||
debugMsg = "setting the HTTP(s) authentication certificate"
|
debugMsg = "setting the HTTP(s) authentication certificate"
|
||||||
logger.debug(debugMsg)
|
logger.debug(debugMsg)
|
||||||
|
|
||||||
aCertRegExp = re.search("^(.+?),\s*(.+?)$", conf.aCert)
|
aCertRegExp = re.search("^(.+?),\s*(.+?)$", conf.authCert)
|
||||||
|
|
||||||
if not aCertRegExp:
|
if not aCertRegExp:
|
||||||
errMsg = "HTTP authentication certificate option "
|
errMsg = "HTTP authentication certificate option "
|
||||||
|
|
|
@ -33,11 +33,12 @@ optDict = {
|
||||||
"host": "string",
|
"host": "string",
|
||||||
"referer": "string",
|
"referer": "string",
|
||||||
"headers": "string",
|
"headers": "string",
|
||||||
"aType": "string",
|
"authType": "string",
|
||||||
"aCred": "string",
|
"authCred": "string",
|
||||||
"aCert": "string",
|
"authCert": "string",
|
||||||
"proxy": "string",
|
"proxy": "string",
|
||||||
"pCred": "string",
|
"proxyCred": "string",
|
||||||
|
"proxyFile": "string",
|
||||||
"ignoreProxy": "boolean",
|
"ignoreProxy": "boolean",
|
||||||
"tor": "boolean",
|
"tor": "boolean",
|
||||||
"torPort": "integer",
|
"torPort": "integer",
|
||||||
|
|
|
@ -108,25 +108,28 @@ def cmdLineParser():
|
||||||
request.add_option("--headers", dest="headers",
|
request.add_option("--headers", dest="headers",
|
||||||
help="Extra headers (e.g. \"Accept-Language: fr\\nETag: 123\")")
|
help="Extra headers (e.g. \"Accept-Language: fr\\nETag: 123\")")
|
||||||
|
|
||||||
request.add_option("--auth-type", dest="aType",
|
request.add_option("--auth-type", dest="authType",
|
||||||
help="HTTP authentication type "
|
help="HTTP authentication type "
|
||||||
"(Basic, Digest, NTLM or Cert)")
|
"(Basic, Digest, NTLM or Cert)")
|
||||||
|
|
||||||
request.add_option("--auth-cred", dest="aCred",
|
request.add_option("--auth-cred", dest="authCred",
|
||||||
help="HTTP authentication credentials "
|
help="HTTP authentication credentials "
|
||||||
"(name:password)")
|
"(name:password)")
|
||||||
|
|
||||||
request.add_option("--auth-cert", dest="aCert",
|
request.add_option("--auth-cert", dest="authCert",
|
||||||
help="HTTP authentication certificate ("
|
help="HTTP authentication certificate ("
|
||||||
"key_file,cert_file)")
|
"key_file,cert_file)")
|
||||||
|
|
||||||
request.add_option("--proxy", dest="proxy",
|
request.add_option("--proxy", dest="proxy",
|
||||||
help="Use a proxy to connect to the target URL")
|
help="Use a proxy to connect to the target URL")
|
||||||
|
|
||||||
request.add_option("--proxy-cred", dest="pCred",
|
request.add_option("--proxy-cred", dest="proxyCred",
|
||||||
help="Proxy authentication credentials "
|
help="Proxy authentication credentials "
|
||||||
"(name:password)")
|
"(name:password)")
|
||||||
|
|
||||||
|
request.add_option("--proxy-file", dest="proxyFile",
|
||||||
|
help="Load proxy list from a file")
|
||||||
|
|
||||||
request.add_option("--ignore-proxy", dest="ignoreProxy", action="store_true",
|
request.add_option("--ignore-proxy", dest="ignoreProxy", action="store_true",
|
||||||
help="Ignore system default proxy settings")
|
help="Ignore system default proxy settings")
|
||||||
|
|
||||||
|
|
|
@ -372,7 +372,7 @@ class Connect(object):
|
||||||
|
|
||||||
conn = urllib2.urlopen(req)
|
conn = urllib2.urlopen(req)
|
||||||
|
|
||||||
if not kb.authHeader and getRequestHeader(req, HTTP_HEADER.AUTHORIZATION) and conf.aType == AUTH_TYPE.BASIC:
|
if not kb.authHeader and getRequestHeader(req, HTTP_HEADER.AUTHORIZATION) and conf.authType == AUTH_TYPE.BASIC:
|
||||||
kb.authHeader = getRequestHeader(req, HTTP_HEADER.AUTHORIZATION)
|
kb.authHeader = getRequestHeader(req, HTTP_HEADER.AUTHORIZATION)
|
||||||
|
|
||||||
if not kb.proxyAuthHeader and getRequestHeader(req, HTTP_HEADER.PROXY_AUTHORIZATION):
|
if not kb.proxyAuthHeader and getRequestHeader(req, HTTP_HEADER.PROXY_AUTHORIZATION):
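Review bot: The condition `conf.authType == AUTH_TYPE.BASIC` compares the raw option value, whereas _setHTTPAuthentication checks `conf.authType.lower()` against the AUTH_TYPE members, which suggests those members are lowercase. The help text and the live tests pass `Basic` with a capital B, so unless conf.authType is normalized somewhere not shown here, this branch would not match and kb.authHeader would never be cached. Suggest `(conf.authType or "").lower() == AUTH_TYPE.BASIC`, or lowercasing conf.authType once where the option is validated. The enclosing method of Connect starts and ends outside the hunk.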
|
||||||
|
|
14
sqlmap.conf
14
sqlmap.conf
|
@ -18,6 +18,9 @@ url =
|
||||||
# 'conversations/' folder path
|
# 'conversations/' folder path
|
||||||
logFile =
|
logFile =
|
||||||
|
|
||||||
|
# Scan multiple targets enlisted in a given textual file
|
||||||
|
bulkFile =
|
||||||
|
|
||||||
# Load HTTP request from a file
|
# Load HTTP request from a file
|
||||||
# Example (file content): POST /login.jsp HTTP/1.1\nHost: example.com\nUser-Agent: Mozilla/4.0\n\nuserid=joe&password=guessme
|
# Example (file content): POST /login.jsp HTTP/1.1\nHost: example.com\nUser-Agent: Mozilla/4.0\n\nuserid=joe&password=guessme
|
||||||
requestFile =
|
requestFile =
|
||||||
|
@ -76,17 +79,17 @@ headers = Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9
|
||||||
# HTTP Authentication type. Useful only if the target URL requires
|
# HTTP Authentication type. Useful only if the target URL requires
|
||||||
# HTTP Basic, Digest or NTLM authentication and you have such data.
|
# HTTP Basic, Digest or NTLM authentication and you have such data.
|
||||||
# Valid: Basic, Digest, NTLM or Cert
|
# Valid: Basic, Digest, NTLM or Cert
|
||||||
aType =
|
authType =
|
||||||
|
|
||||||
# HTTP authentication credentials. Useful only if the target URL requires
|
# HTTP authentication credentials. Useful only if the target URL requires
|
||||||
# HTTP Basic, Digest or NTLM authentication and you have such data.
|
# HTTP Basic, Digest or NTLM authentication and you have such data.
|
||||||
# Syntax: username:password
|
# Syntax: username:password
|
||||||
aCred =
|
authCred =
|
||||||
|
|
||||||
# HTTP Authentication certificate. Useful only if the target URL requires
|
# HTTP Authentication certificate. Useful only if the target URL requires
|
||||||
# logon certificate and you have such data.
|
# logon certificate and you have such data.
|
||||||
# Syntax: key_file,cert_file
|
# Syntax: key_file,cert_file
|
||||||
aCert =
|
authCert =
|
||||||
|
|
||||||
# Use a proxy to connect to the target URL.
|
# Use a proxy to connect to the target URL.
|
||||||
# Syntax: http://address:port
|
# Syntax: http://address:port
|
||||||
|
@ -95,7 +98,10 @@ proxy =
|
||||||
# Proxy authentication credentials. Useful only if the proxy requires
|
# Proxy authentication credentials. Useful only if the proxy requires
|
||||||
# Basic or Digest authentication and you have such data.
|
# Basic or Digest authentication and you have such data.
|
||||||
# Syntax: username:password
|
# Syntax: username:password
|
||||||
pCred =
|
proxyCred =
|
||||||
|
|
||||||
|
# Load proxy list from a file
|
||||||
|
proxyFile =
|
||||||
|
|
||||||
# Ignore system default proxy settings.
|
# Ignore system default proxy settings.
|
||||||
# Valid: True or False
|
# Valid: True or False
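Review bot: The new `proxyFile =` entry is documented only as `# Load proxy list from a file`, while the neighbouring `proxy` and `proxyCred` entries each carry a `# Syntax:` line. Once the loader for #58 settles the format, add a matching `# Syntax:` line and state whether entries in the file override `proxy` and whether `proxyCred` applies to them. Separately, user configuration files that still use `aType`, `aCred`, `aCert` or `pCred` will no longer match the renamed keys. Whether the loader rejects or ignores unknown keys is not visible here, so a release note or a temporary alias would avoid authentication settings being dropped without notice.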
|
||||||
|
|
|
@ -3423,8 +3423,8 @@
|
||||||
<switches>
|
<switches>
|
||||||
<url value="http://debiandev/sqlmap/mysql/basic/get_int.php?id=1"/>
|
<url value="http://debiandev/sqlmap/mysql/basic/get_int.php?id=1"/>
|
||||||
<tech value="E"/>
|
<tech value="E"/>
|
||||||
<aType value="Basic"/>
|
<authType value="Basic"/>
|
||||||
<aCred value="testuser:testpass"/>
|
<authCred value="testuser:testpass"/>
|
||||||
<getBanner value="True"/>
|
<getBanner value="True"/>
|
||||||
</switches>
|
</switches>
|
||||||
<parse>
|
<parse>
|
||||||
|
@ -3435,8 +3435,8 @@
|
||||||
<switches>
|
<switches>
|
||||||
<url value="http://debiandev/sqlmap/mysql/digest/get_int.php?id=1"/>
|
<url value="http://debiandev/sqlmap/mysql/digest/get_int.php?id=1"/>
|
||||||
<tech value="E"/>
|
<tech value="E"/>
|
||||||
<aType value="Digest"/>
|
<authType value="Digest"/>
|
||||||
<aCred value="testuser:testpass"/>
|
<authCred value="testuser:testpass"/>
|
||||||
<getBanner value="True"/>
|
<getBanner value="True"/>
|
||||||
</switches>
|
</switches>
|
||||||
<parse>
|
<parse>
|
||||||
|
|