From b0ab8378321178ef85dc443d15de72b308621979 Mon Sep 17 00:00:00 2001 From: Bernardo Damele Date: Fri, 20 Jul 2012 21:46:36 +0100 Subject: [PATCH] minor code refactoring and implemented issue #95 --- plugins/generic/entries.py | 69 +++++++++++++++++++++++++++++++++----- plugins/generic/search.py | 19 +++++++++-- 2 files changed, 77 insertions(+), 11 deletions(-) diff --git a/plugins/generic/entries.py b/plugins/generic/entries.py index 9920fa591..1c5f774d7 100644 --- a/plugins/generic/entries.py +++ b/plugins/generic/entries.py @@ -483,14 +483,6 @@ class Entries: logger.info(infoMsg) def dumpFoundColumn(self, dbs, foundCols, colConsider): - if not dbs: - warnMsg = "no databases have tables containing any of the " - warnMsg += "provided columns" - logger.warn(warnMsg) - return - - conf.dumper.dbColumns(foundCols, colConsider, dbs) - message = "do you want to dump entries? [Y/n] " output = readInput(message, default="Y") @@ -552,3 +544,64 @@ class Entries: if data: conf.dumper.dbTableValues(data) + + def dumpFoundTables(self, tables): + print "tables:", tables + + message = "do you want to dump tables' entries? [Y/n] " + output = readInput(message, default="Y") + + if output and output[0].lower() != "y": + return + + dumpFromDbs = [] + message = "which database(s)?\n[a]ll (default)\n" + + for db, tablesList in tables.items(): + if tablesList: + message += "[%s]\n" % db + + message += "[q]uit" + test = readInput(message, default="a") + + if not test or test.lower() == "a": + dumpFromDbs = tables.keys() + elif test.lower() == "q": + return + else: + dumpFromDbs = test.replace(" ", "").split(",") + + for db, tablesList in tables.items(): + if db not in dumpFromDbs or not tablesList: + continue + + conf.db = db + dumpFromTbls = [] + message = "which table(s) of database '%s'?\n" % db + message += "[a]ll (default)\n" + + for tbl in tablesList: + message += "[%s]\n" % tbl + + message += "[s]kip\n" + message += "[q]uit" + test = readInput(message, default="a") + + if not test or test.lower() == "a": + dumpFromTbls = tablesList + elif test.lower() == "s": + continue + elif test.lower() == "q": + return + else: + dumpFromTbls = test.replace(" ", "").split(",") + + for table in dumpFromTbls: + conf.tbl = table + kb.data.cachedColumns = {} + kb.data.dumpedTable = {} + + data = self.dumpTable() + + if data: + conf.dumper.dbTableValues(data) diff --git a/plugins/generic/search.py b/plugins/generic/search.py index 89af024aa..fbc83dafa 100644 --- a/plugins/generic/search.py +++ b/plugins/generic/search.py @@ -282,7 +282,13 @@ class Search: foundTbl = safeSQLIdentificatorNaming(foundTbl, True) foundTbls[db].append(foundTbl) - return foundTbls + if not foundTbls: + warnMsg = "no databases contain any of the provided tables" + logger.warn(warnMsg) + return + + conf.dumper.dbTables(foundTbls) + self.dumpFoundTables(foundTbls) def searchColumn(self): bruteForce = False @@ -519,6 +525,13 @@ class Search: else: foundCols[column][db] = [tbl] + if not foundCols: + warnMsg = "no databases have tables containing any of the " + warnMsg += "provided columns" + logger.warn(warnMsg) + return + + conf.dumper.dbColumns(foundCols, colConsider, dbs) self.dumpFoundColumn(dbs, foundCols, colConsider) def search(self): @@ -531,12 +544,12 @@ class Search: self.searchColumn() elif conf.tbl: - conf.dumper.dbTables(self.searchTable()) + self.searchTable() elif conf.db: conf.dumper.lister("found databases", self.searchDb()) else: - errMsg = "missing parameter, provide -D, -T or -C together " + errMsg = "missing parameter, provide -D, -T or -C along " errMsg += "with --search" raise sqlmapMissingMandatoryOptionException, errMsg