sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-01-24 08:14:24 +03:00
Code Issues Packages Projects Releases Wiki Activity

first steps to allow multiple scans on the same taskid - issue #297

Browse Source
This commit is contained in:
Bernardo Damele 2013-02-07 00:05:26 +00:00
parent dd6c73ea24
commit b477c56b52
3 changed files with 41 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
lib/core/common.py
View File

@ -245,8 +245,12 @@ class Format(object):
"""
infoStr = ""
infoApi = {}
if info and "type" in info:
if hasattr(conf, "api"):
infoApi["%s operating system" % target] = info
else:
infoStr += "%s operating system: %s" % (target, Format.humanize(info["type"]))
if "distrib" in info:
@ -262,8 +266,14 @@ class Format(object):
infoStr += " (%s)" % Format.humanize(info["codename"])
if "technology" in info:
if hasattr(conf, "api"):
infoApi["web application technology"] = Format.humanize(info["technology"], ", ")
else:
infoStr += "\nweb application technology: %s" % Format.humanize(info["technology"], ", ")
if hasattr(conf, "api"):
return infoApi
else:
return infoStr.lstrip()
class Backend:

21
lib/utils/api.py
View File

@ -129,6 +129,7 @@ class Task(object):
return self.options
def set_output_directory(self):
if not self.output_directory or not os.path.isdir(self.output_directory):
self.output_directory = tempfile.mkdtemp(prefix="sqlmapoutput-")
self.set_option("oDir", self.output_directory)
@ -180,6 +181,8 @@ class StdDbOut(object):
def write(self, value, status=CONTENT_STATUS.IN_PROGRESS, content_type=None):
if self.messagetype == "stdout":
insert = True
if content_type is None:
if kb.partRun is not None:
content_type = PART_RUN_CONTENT_TYPES.get(kb.partRun)
@ -189,28 +192,32 @@ class StdDbOut(object):
#print >>sys.__stdout__, "value: %s\nstatus: %d\ncontent_type: %d\nkb.partRun: %s\n--------------" % (value, status, content_type, kb.partRun)
output = conf.database_cursor.execute("SELECT id, value FROM data WHERE taskid = ? AND content_type = ?",
output = conf.database_cursor.execute("SELECT id, status, value FROM data WHERE taskid = ? AND content_type = ?",
(self.taskid, content_type))
# Delete partial output from IPC database if we have got a complete output
if status == CONTENT_STATUS.COMPLETE and len(output) > 0:
if status == CONTENT_STATUS.COMPLETE:
if len(output) > 0:
for index in xrange(0, len(output)-1):
if output[index][1] == CONTENT_STATUS.COMPLETE:
insert = False
else:
conf.database_cursor.execute("DELETE FROM data WHERE id = ?", (output[index][0],))
if insert:
conf.database_cursor.execute("INSERT INTO data VALUES(NULL, ?, ?, ?, ?)",
(self.taskid, status, content_type, jsonize(value)))
if kb.partRun:
kb.partRun = None
if status == CONTENT_STATUS.IN_PROGRESS:
elif status == CONTENT_STATUS.IN_PROGRESS:
if len(output) == 0:
conf.database_cursor.execute("INSERT INTO data VALUES(NULL, ?, ?, ?, ?)",
(self.taskid, status, content_type, jsonize(value)))
else:
new_value = "%s%s" % (dejsonize(output[0][1]), value)
new_value = "%s%s" % (dejsonize(output[0][2]), value)
conf.database_cursor.execute("UPDATE data SET value = ? WHERE id = ?",
(jsonize(new_value), output[0][0]))
else:
conf.database_cursor.execute("INSERT INTO data VALUES(NULL, ?, ?, ?, ?)",
(self.taskid, status, content_type, jsonize(value)))
else:
conf.database_cursor.execute("INSERT INTO errors VALUES(NULL, ?, ?)",
(self.taskid, str(value) if value else ""))

4
plugins/dbms/mysql/fingerprint.py
View File

@ -91,13 +91,13 @@ class Fingerprint(GenericFingerprint):
value = ""
wsOsFp = Format.getOs("web server", kb.headersFp)
if wsOsFp:
if wsOsFp and not hasattr(conf, "api"):
value += "%s\n" % wsOsFp
if kb.data.banner:
dbmsOsFp = Format.getOs("back-end DBMS", kb.bannerFp)
if dbmsOsFp:
if dbmsOsFp and not hasattr(conf, "api"):
value += "%s\n" % dbmsOsFp
value += "back-end DBMS: "