sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-02 20:54:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

Some more trivial refactoring

Browse Source
This commit is contained in:
Miroslav Stampar 2017-10-31 10:27:58 +01:00
parent 496075ef20
commit b1a898662d
1 changed files with 16 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
lib/core/common.py
View File

@ -2333,7 +2333,7 @@ def longestCommonPrefix(*sequences):
return sequences[0] return sequences[0]
def commonFinderOnly(initial, sequence): def commonFinderOnly(initial, sequence):
return longestCommonPrefix(*filter(lambda x: x.startswith(initial), sequence)) return longestCommonPrefix(*filter(lambda _: _.startswith(initial), sequence))
def pushValue(value): def pushValue(value):
""" """
@ -2431,7 +2431,7 @@ def adjustTimeDelay(lastQueryDuration, lowerStdLimit):
if candidate: if candidate:
kb.delayCandidates = [candidate] + kb.delayCandidates[:-1] kb.delayCandidates = [candidate] + kb.delayCandidates[:-1]
if all((x == candidate for x in kb.delayCandidates)) and candidate < conf.timeSec: if all((_ == candidate for _ in kb.delayCandidates)) and candidate < conf.timeSec:
conf.timeSec = candidate conf.timeSec = candidate
infoMsg = "adjusting time delay to " infoMsg = "adjusting time delay to "
@ -2543,8 +2543,8 @@ def urldecode(value, encoding=None, unsafe="%%&=;+%s" % CUSTOM_INJECTION_MARK_CH
return char if char in charset else match.group(0) return char if char in charset else match.group(0)
result = value result = value
if plusspace: if plusspace:
result = result.replace("+", " ") # plus sign has a special meaning in URL encoded data (hence the usage of urllib.unquote_plus in convall case) result = result.replace('+', ' ') # plus sign has a special meaning in URL encoded data (hence the usage of urllib.unquote_plus in convall case)
result = re.sub("%([0-9a-fA-F]{2})", _, result) result = re.sub(r"%([0-9a-fA-F]{2})", _, result)
if isinstance(result, str): if isinstance(result, str):
result = unicode(result, encoding or UNICODE_ENCODING, "replace") result = unicode(result, encoding or UNICODE_ENCODING, "replace")
@ -2944,8 +2944,8 @@ def isStackingAvailable():
retVal = True retVal = True
else: else:
for technique in getPublicTypeMembers(PAYLOAD.TECHNIQUE, True): for technique in getPublicTypeMembers(PAYLOAD.TECHNIQUE, True):
_ = getTechniqueData(technique) data = getTechniqueData(technique)
if _ and "stacked" in _["title"].lower(): if data and "stacked" in data["title"].lower():
retVal = True retVal = True
break break
@ -3007,7 +3007,7 @@ def saveConfig(conf, filename):
if option in defaults: if option in defaults:
value = str(defaults[option]) value = str(defaults[option])
else: else:
value = "0" value = '0'
elif datatype == OPTION_TYPE.STRING: elif datatype == OPTION_TYPE.STRING:
value = "" value = ""
@ -3131,7 +3131,7 @@ def getSortedInjectionTests():
if test.stype == PAYLOAD.TECHNIQUE.UNION: if test.stype == PAYLOAD.TECHNIQUE.UNION:
retVal = SORT_ORDER.LAST retVal = SORT_ORDER.LAST
elif 'details' in test and 'dbms' in test.details: elif "details" in test and "dbms" in test.details:
if intersect(test.details.dbms, Backend.getIdentifiedDbms()): if intersect(test.details.dbms, Backend.getIdentifiedDbms()):
retVal = SORT_ORDER.SECOND retVal = SORT_ORDER.SECOND
else: else:
@ -3210,7 +3210,7 @@ def decodeIntToUnicode(value):
raw = hexdecode(_) raw = hexdecode(_)
if Backend.isDbms(DBMS.MYSQL): if Backend.isDbms(DBMS.MYSQL):
# https://github.com/sqlmapproject/sqlmap/issues/1531 # Note: https://github.com/sqlmapproject/sqlmap/issues/1531
retVal = getUnicode(raw, conf.encoding or UNICODE_ENCODING) retVal = getUnicode(raw, conf.encoding or UNICODE_ENCODING)
elif Backend.isDbms(DBMS.MSSQL): elif Backend.isDbms(DBMS.MSSQL):
retVal = getUnicode(raw, "UTF-16-BE") retVal = getUnicode(raw, "UTF-16-BE")
@ -3387,7 +3387,7 @@ def maskSensitiveData(msg):
retVal = retVal.replace(match.group(3), '*' * len(match.group(3))) retVal = retVal.replace(match.group(3), '*' * len(match.group(3)))
if getpass.getuser(): if getpass.getuser():
retVal = re.sub(r"(?i)\b%s\b" % re.escape(getpass.getuser()), "*" * len(getpass.getuser()), retVal) retVal = re.sub(r"(?i)\b%s\b" % re.escape(getpass.getuser()), '*' * len(getpass.getuser()), retVal)
return retVal return retVal
@ -3462,7 +3462,7 @@ def removeReflectiveValues(content, payload, suppressWarning=False):
value = value.replace(2 * REFLECTED_REPLACEMENT_REGEX, REFLECTED_REPLACEMENT_REGEX) value = value.replace(2 * REFLECTED_REPLACEMENT_REGEX, REFLECTED_REPLACEMENT_REGEX)
return value return value
payload = getUnicode(urldecode(payload.replace(PAYLOAD_DELIMITER, ''), convall=True)) payload = getUnicode(urldecode(payload.replace(PAYLOAD_DELIMITER, ""), convall=True))
regex = _(filterStringValue(payload, r"[A-Za-z0-9]", REFLECTED_REPLACEMENT_REGEX.encode("string-escape"))) regex = _(filterStringValue(payload, r"[A-Za-z0-9]", REFLECTED_REPLACEMENT_REGEX.encode("string-escape")))
if regex != payload: if regex != payload:
@ -3518,7 +3518,7 @@ def removeReflectiveValues(content, payload, suppressWarning=False):
warnMsg = "reflective value(s) found and filtering out" warnMsg = "reflective value(s) found and filtering out"
singleTimeWarnMessage(warnMsg) singleTimeWarnMessage(warnMsg)
if re.search(r"FRAME[^>]+src=[^>]*%s" % REFLECTED_VALUE_MARKER, retVal, re.I): if re.search(r"(?i)FRAME[^>]+src=[^>]*%s" % REFLECTED_VALUE_MARKER, retVal):
warnMsg = "frames detected containing attacked parameter values. Please be sure to " warnMsg = "frames detected containing attacked parameter values. Please be sure to "
warnMsg += "test those separately in case that attack on this page fails" warnMsg += "test those separately in case that attack on this page fails"
singleTimeWarnMessage(warnMsg) singleTimeWarnMessage(warnMsg)
@ -3547,7 +3547,7 @@ def normalizeUnicode(value):
'sucuraj' 'sucuraj'
""" """
return unicodedata.normalize('NFKD', value).encode('ascii', 'ignore') if isinstance(value, unicode) else value return unicodedata.normalize("NFKD", value).encode("ascii", "ignore") if isinstance(value, unicode) else value
def safeSQLIdentificatorNaming(name, isTable=False): def safeSQLIdentificatorNaming(name, isTable=False):
""" """
@ -3669,7 +3669,7 @@ def expandMnemonics(mnemonics, parser, args):
for mnemonic in (mnemonics or "").split(','): for mnemonic in (mnemonics or "").split(','):
found = None found = None
name = mnemonic.split('=')[0].replace("-", "").strip() name = mnemonic.split('=')[0].replace('-', "").strip()
value = mnemonic.split('=')[1] if len(mnemonic.split('=')) > 1 else None value = mnemonic.split('=')[1] if len(mnemonic.split('=')) > 1 else None
pointer = head pointer = head
@ -4242,8 +4242,10 @@ def hashDBRetrieve(key, unserialize=False, checkConf=False):
_ = "%s%s%s" % (conf.url or "%s%s" % (conf.hostname, conf.port), key, HASHDB_MILESTONE_VALUE) _ = "%s%s%s" % (conf.url or "%s%s" % (conf.hostname, conf.port), key, HASHDB_MILESTONE_VALUE)
retVal = conf.hashDB.retrieve(_, unserialize) if kb.resumeValues and not (checkConf and any((conf.flushSession, conf.freshQueries))) else None retVal = conf.hashDB.retrieve(_, unserialize) if kb.resumeValues and not (checkConf and any((conf.flushSession, conf.freshQueries))) else None
if not kb.inferenceMode and not kb.fileReadMode and isinstance(retVal, basestring) and any(_ in retVal for _ in (PARTIAL_VALUE_MARKER, PARTIAL_HEX_VALUE_MARKER)): if not kb.inferenceMode and not kb.fileReadMode and isinstance(retVal, basestring) and any(_ in retVal for _ in (PARTIAL_VALUE_MARKER, PARTIAL_HEX_VALUE_MARKER)):
retVal = None retVal = None
return retVal return retVal
def resetCookieJar(cookieJar): def resetCookieJar(cookieJar):