sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-03-03 19:55:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

minor enhancements for debug purposes (issue #312)

Browse Source
This commit is contained in:
Bernardo Damele 2013-01-13 23:15:56 +00:00
parent fdd6075859
commit b74cfbf336
2 changed files with 23 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
lib/core/testing.py
View File

@ -33,6 +33,7 @@ from lib.core.settings import UNICODE_ENCODING
from lib.parse.cmdline import cmdLineParser from lib.parse.cmdline import cmdLineParser
failedItem = None failedItem = None
failedParseOn = None
def smokeTest(): def smokeTest():
""" """
@ -104,6 +105,7 @@ def liveTest():
This will run the test of a program against the live testing environment This will run the test of a program against the live testing environment
""" """
global failedItem global failedItem
global failedParseOn
retVal = True retVal = True
count = 0 count = 0
@ -165,12 +167,18 @@ def liveTest():
if result: if result:
logger.info("test passed") logger.info("test passed")
cleanCase()
else: else:
errMsg = "test failed " errMsg = "test failed "
if failedItem: if failedItem:
errMsg += "at parsing item: %s" % failedItem errMsg += "at parsing item: %s - scan folder is %s" % (failedItem, paths.SQLMAP_OUTPUT_PATH)
console_output_fd = open("%s%sconsole_output" % (paths.SQLMAP_OUTPUT_PATH, os.sep), "wb")
console_output_fd.write(failedParseOn)
console_output_fd.close()
logger.error(errMsg) logger.error(errMsg)
beep() beep()
if conf.stopFail is True: if conf.stopFail is True:
return retVal return retVal
@ -187,7 +195,9 @@ def liveTest():
def initCase(switches=None): def initCase(switches=None):
global failedItem global failedItem
global failedParseOn
failedItem = None failedItem = None
failedParseOn = None
paths.SQLMAP_OUTPUT_PATH = tempfile.mkdtemp(prefix="sqlmaptest-") paths.SQLMAP_OUTPUT_PATH = tempfile.mkdtemp(prefix="sqlmaptest-")
paths.SQLMAP_DUMP_PATH = os.path.join(paths.SQLMAP_OUTPUT_PATH, "%s", "dump") paths.SQLMAP_DUMP_PATH = os.path.join(paths.SQLMAP_OUTPUT_PATH, "%s", "dump")
@ -210,6 +220,7 @@ def cleanCase():
def runCase(switches=None, parse=None): def runCase(switches=None, parse=None):
global failedItem global failedItem
global failedParseOn
initCase(switches) initCase(switches)
@ -257,7 +268,9 @@ def runCase(switches=None, parse=None):
failedItem = item failedItem = item
break break
cleanCase() if failedItem is not None:
failedParseOn = console
return retVal return retVal
def replaceVars(item, vars_): def replaceVars(item, vars_):

12
xml/livetests.xml
View File

@ -76,6 +76,7 @@
<db value="testdb"/> <db value="testdb"/>
<tbl value="users"/> <tbl value="users"/>
<excludeSysDbs value="True"/> <excludeSysDbs value="True"/>
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
</switches> </switches>
<parse> <parse>
<item value="Title: MySQL &gt;= 5.0 AND error-based - WHERE or HAVING clause"/> <item value="Title: MySQL &gt;= 5.0 AND error-based - WHERE or HAVING clause"/>
@ -86,7 +87,7 @@
<item value="hostname: 'debian"/> <item value="hostname: 'debian"/>
<item value="current user is DBA: True"/> <item value="current user is DBA: True"/>
<item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/> <item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/>
<item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29.+clear-text password: testpass'"/> <item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29'"/>
<item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/> <item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/>
<item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/> <item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/>
<item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/> <item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/>
@ -119,6 +120,7 @@
<db value="testdb"/> <db value="testdb"/>
<tbl value="users"/> <tbl value="users"/>
<excludeSysDbs value="True"/> <excludeSysDbs value="True"/>
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
</switches> </switches>
<parse> <parse>
<item value="Title: MySQL UNION query (NULL) - 3 columns"/> <item value="Title: MySQL UNION query (NULL) - 3 columns"/>
@ -129,7 +131,7 @@
<item value="hostname: 'debian"/> <item value="hostname: 'debian"/>
<item value="current user is DBA: True"/> <item value="current user is DBA: True"/>
<item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/> <item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/>
<item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29.+clear-text password: testpass'"/> <item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29'"/>
<item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/> <item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/>
<item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/> <item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/>
<item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/> <item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/>
@ -162,6 +164,7 @@
<db value="testdb"/> <db value="testdb"/>
<tbl value="users"/> <tbl value="users"/>
<excludeSysDbs value="True"/> <excludeSysDbs value="True"/>
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
</switches> </switches>
<parse> <parse>
<item value="Title: MySQL UNION query (NULL) - 3 columns"/> <item value="Title: MySQL UNION query (NULL) - 3 columns"/>
@ -172,7 +175,7 @@
<item value="hostname: 'debian"/> <item value="hostname: 'debian"/>
<item value="current user is DBA: True"/> <item value="current user is DBA: True"/>
<item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/> <item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/>
<item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29.+clear-text password: testpass'"/> <item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29'"/>
<item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/> <item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/>
<item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/> <item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/>
<item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/> <item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/>
@ -219,6 +222,7 @@
<db value="testdb"/> <db value="testdb"/>
<tbl value="users"/> <tbl value="users"/>
<excludeSysDbs value="True"/> <excludeSysDbs value="True"/>
<answers value="do you want to perform a dictionary-based attack against retrieved password hashes=N"/>
</switches> </switches>
<parse> <parse>
<item value="Title: MySQL inline queries"/> <item value="Title: MySQL inline queries"/>
@ -229,7 +233,7 @@
<item value="hostname: 'debian"/> <item value="hostname: 'debian"/>
<item value="current user is DBA: True"/> <item value="current user is DBA: True"/>
<item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/> <item value="r'database management system users \[.+'debian-sys-maint'@'localhost'.+'root'@''"/>
<item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29.+clear-text password: testpass'"/> <item value="r'database management system users password hashes:.+root \[.+password hash: \*00E247AC5F9AF26AE0194B41E1E769DEE1429A29'"/>
<item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/> <item value="r'database management system users privileges:.+debian-sys-maint.+\(administrator\).+root.+\(administrator\).+privilege: SUPER'"/>
<item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/> <item value="r'database management system users roles:.+debian-sys-maint.+\[.+root.+\[.+role: SUPER'"/>
<item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/> <item value="r'available databases \[.+information_schema.+mysql.+owasp10.+testdb'"/>