sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-09 08:00:36 +03:00
Code Issues Packages Projects Releases Wiki Activity

improvements to --live-test and added --stop-fail switch

Browse Source
This commit is contained in:
Bernardo Damele 2012-12-17 11:41:43 +00:00
parent 064d443d60
commit bbd2adb5fb
3 changed files with 42 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
lib/core/testing.py
View File

@ -26,6 +26,8 @@ from lib.core.option import setVerbosity
from lib.core.optiondict import optDict from lib.core.optiondict import optDict
from lib.parse.cmdline import cmdLineParser from lib.parse.cmdline import cmdLineParser
failedItem = None
def smokeTest(): def smokeTest():
""" """
This will run the basic smoke testing of a program This will run the basic smoke testing of a program
@ -95,6 +97,8 @@ def liveTest():
""" """
This will run the test of a program against the live testing environment This will run the test of a program against the live testing environment
""" """
global failedItem
retVal = True retVal = True
count = 0 count = 0
global_ = {} global_ = {}
@ -147,8 +151,10 @@ def liveTest():
if result: if result:
logger.info("test passed") logger.info("test passed")
else: else:
logger.error("test failed") logger.error("test failed at parsing item '%s'" % failedItem)
beep() beep()
if conf.stopFail is True:
return retVal
retVal &= result retVal &= result
@ -162,6 +168,9 @@ def liveTest():
return retVal return retVal
def initCase(switches=None): def initCase(switches=None):
global failedItem
failedItem = None
paths.SQLMAP_OUTPUT_PATH = tempfile.mkdtemp(prefix="sqlmaptest-") paths.SQLMAP_OUTPUT_PATH = tempfile.mkdtemp(prefix="sqlmaptest-")
paths.SQLMAP_DUMP_PATH = os.path.join(paths.SQLMAP_OUTPUT_PATH, "%s", "dump") paths.SQLMAP_DUMP_PATH = os.path.join(paths.SQLMAP_OUTPUT_PATH, "%s", "dump")
paths.SQLMAP_FILES_PATH = os.path.join(paths.SQLMAP_OUTPUT_PATH, "%s", "files") paths.SQLMAP_FILES_PATH = os.path.join(paths.SQLMAP_OUTPUT_PATH, "%s", "files")
@ -187,8 +196,9 @@ def cleanCase():
def runCase(switches=None, parse=None): def runCase(switches=None, parse=None):
retVal = True retVal = True
initCase(switches) global failedItem
initCase(switches)
result = start() result = start()
if result == False: # if None, ignore if result == False: # if None, ignore
@ -203,9 +213,11 @@ def runCase(switches=None, parse=None):
if item.startswith("r'") and item.endswith("'"): if item.startswith("r'") and item.endswith("'"):
if not re.search(item[2:-1], content, re.DOTALL): if not re.search(item[2:-1], content, re.DOTALL):
retVal = False retVal = False
failedItem = item
break break
elif content.find(item) < 0: elif content.find(item) < 0:
retVal = False retVal = False
failedItem = item
break break
cleanCase() cleanCase()

3
lib/parse/cmdline.py
View File

@ -679,6 +679,9 @@ def cmdLineParser():
parser.add_option("--live-test", dest="liveTest", action="store_true", parser.add_option("--live-test", dest="liveTest", action="store_true",
help=SUPPRESS_HELP) help=SUPPRESS_HELP)
parser.add_option("--stop-fail", dest="stopFail", action="store_true",
help=SUPPRESS_HELP)
parser.add_option("--run-case", dest="runCase", help=SUPPRESS_HELP) parser.add_option("--run-case", dest="runCase", help=SUPPRESS_HELP)
parser.add_option("--restapi", dest="restApi", action="store_true", parser.add_option("--restapi", dest="restApi", action="store_true",

50
xml/livetests.xml
View File

@ -49,14 +49,14 @@
<dumpTable value="True"/> <dumpTable value="True"/>
</switches> </switches>
<parse> <parse>
<item value="current user is DBA: 'True'"/> <item value="current user is DBA: True"/>
<item value="banner: '5.1.41-3~bpo50+1'"/> <item value="banner: '5.1.63-0+squeeze2'"/>
<item value="current user: 'root@localhost'"/> <item value="current user: 'root@localhost'"/>
<item value="current database: 'testdb'"/> <item value="current database: 'testdb'"/>
<item value="r'information_schema.+mysql.+owasp10.+testdb'"/> <item value="r'information_schema.+mysql.+owasp10.+testdb'"/>
<item value="r'1 table.+users'"/> <item value="r'1 table.+users'"/>
<item value="r'3 columns.+surname.+varchar\(1000\)'"/> <item value="r'3 columns.+surname.+varchar\(1000\)'"/>
<item value="r'4 entries.+nameisnull.+'"/> <item value="r'5 entries.+nameisnull.+'"/>
</parse> </parse>
</case> </case>
<case name="MySQL (--technique=U --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump)"> <case name="MySQL (--technique=U --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump)">
@ -75,14 +75,14 @@
<dumpTable value="True"/> <dumpTable value="True"/>
</switches> </switches>
<parse> <parse>
<item value="current user is DBA: 'True'"/> <item value="current user is DBA: True"/>
<item value="banner: '5.1.41-3~bpo50+1'"/> <item value="banner: '5.1.63-0+squeeze1'"/>
<item value="current user: 'root@localhost'"/> <item value="current user: 'root@localhost'"/>
<item value="current database: 'testdb'"/> <item value="current database: 'testdb'"/>
<item value="r'information_schema.+mysql.+owasp10.+testdb'"/> <item value="r'information_schema.+mysql.+owasp10.+testdb'"/>
<item value="r'1 table.+users'"/> <item value="r'1 table.+users'"/>
<item value="r'3 columns.+surname.+varchar\(1000\)'"/> <item value="r'3 columns.+surname.+varchar\(1000\)'"/>
<item value="r'4 entries.+nameisnull.+'"/> <item value="r'5 entries.+nameisnull.+'"/>
</parse> </parse>
</case> </case>
<case name="MySQL partial union (--technique=U --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump)"> <case name="MySQL partial union (--technique=U --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump)">
@ -101,14 +101,14 @@
<dumpTable value="True"/> <dumpTable value="True"/>
</switches> </switches>
<parse> <parse>
<item value="current user is DBA: 'True'"/> <item value="current user is DBA: True"/>
<item value="banner: '5.1.41-3~bpo50+1'"/> <item value="banner: '5.1.63-0+squeeze1'"/>
<item value="current user: 'root@localhost'"/> <item value="current user: 'root@localhost'"/>
<item value="current database: 'testdb'"/> <item value="current database: 'testdb'"/>
<item value="r'information_schema.+mysql.+owasp10.+testdb'"/> <item value="r'information_schema.+mysql.+owasp10.+testdb'"/>
<item value="r'1 table.+users'"/> <item value="r'1 table.+users'"/>
<item value="r'3 columns.+surname.+varchar\(1000\)'"/> <item value="r'3 columns.+surname.+varchar\(1000\)'"/>
<item value="r'4 entries.+nameisnull.+'"/> <item value="r'5 entries.+nameisnull.+'"/>
</parse> </parse>
</case> </case>
<case name="Postgres (--technique=B --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump --threads=4)"> <case name="Postgres (--technique=B --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump --threads=4)">
@ -128,7 +128,7 @@
<threads value="4"/> <threads value="4"/>
</switches> </switches>
<parse> <parse>
<item value="current user is DBA: 'True'"/> <item value="current user is DBA: True"/>
<item value="PostgreSQL 8.3.9 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real (Debian 4.3.2-1.1) 4.3.2"/> <item value="PostgreSQL 8.3.9 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real (Debian 4.3.2-1.1) 4.3.2"/>
<item value="current user: 'testuser'"/> <item value="current user: 'testuser'"/>
<item value="current database: 'testdb'"/> <item value="current database: 'testdb'"/>
@ -154,7 +154,7 @@
<dumpTable value="True"/> <dumpTable value="True"/>
</switches> </switches>
<parse> <parse>
<item value="current user is DBA: 'True'"/> <item value="current user is DBA: True"/>
<item value="PostgreSQL 8.3.9 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real (Debian 4.3.2-1.1) 4.3.2"/> <item value="PostgreSQL 8.3.9 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real (Debian 4.3.2-1.1) 4.3.2"/>
<item value="current user: 'testuser'"/> <item value="current user: 'testuser'"/>
<item value="current database: 'testdb'"/> <item value="current database: 'testdb'"/>
@ -180,7 +180,7 @@
<dumpTable value="True"/> <dumpTable value="True"/>
</switches> </switches>
<parse> <parse>
<item value="current user is DBA: 'True'"/> <item value="current user is DBA: True"/>
<item value="PostgreSQL 8.3.9 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real (Debian 4.3.2-1.1) 4.3.2"/> <item value="PostgreSQL 8.3.9 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real (Debian 4.3.2-1.1) 4.3.2"/>
<item value="current user: 'testuser'"/> <item value="current user: 'testuser'"/>
<item value="current database: 'testdb'"/> <item value="current database: 'testdb'"/>
@ -206,7 +206,7 @@
<dumpTable value="True"/> <dumpTable value="True"/>
</switches> </switches>
<parse> <parse>
<item value="current user is DBA: 'True'"/> <item value="current user is DBA: True"/>
<item value="PostgreSQL 8.3.9 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real (Debian 4.3.2-1.1) 4.3.2"/> <item value="PostgreSQL 8.3.9 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real (Debian 4.3.2-1.1) 4.3.2"/>
<item value="current user: 'testuser'"/> <item value="current user: 'testuser'"/>
<item value="current database: 'testdb'"/> <item value="current database: 'testdb'"/>
@ -233,7 +233,7 @@
<threads value="4"/> <threads value="4"/>
</switches> </switches>
<parse> <parse>
<item value="current user is DBA: 'True'"/> <item value="current user is DBA: True"/>
<item value="banner: 'Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod'"/> <item value="banner: 'Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod'"/>
<item value="current user: 'SYS'"/> <item value="current user: 'SYS'"/>
<item value="'TESTDB.REGRESS.RDBMS.DEV.US.ORACLE.COM'"/> <item value="'TESTDB.REGRESS.RDBMS.DEV.US.ORACLE.COM'"/>
@ -259,7 +259,7 @@
<dumpTable value="True"/> <dumpTable value="True"/>
</switches> </switches>
<parse> <parse>
<item value="current user is DBA: 'True'"/> <item value="current user is DBA: True"/>
<item value="banner: 'Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod'"/> <item value="banner: 'Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod'"/>
<item value="current user: 'SYS'"/> <item value="current user: 'SYS'"/>
<item value="'TESTDB.REGRESS.RDBMS.DEV.US.ORACLE.COM'"/> <item value="'TESTDB.REGRESS.RDBMS.DEV.US.ORACLE.COM'"/>
@ -285,7 +285,7 @@
<dumpTable value="True"/> <dumpTable value="True"/>
</switches> </switches>
<parse> <parse>
<item value="current user is DBA: 'True'"/> <item value="current user is DBA: True"/>
<item value="banner: 'Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod'"/> <item value="banner: 'Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod'"/>
<item value="current user: 'SYS'"/> <item value="current user: 'SYS'"/>
<item value="'TESTDB.REGRESS.RDBMS.DEV.US.ORACLE.COM'"/> <item value="'TESTDB.REGRESS.RDBMS.DEV.US.ORACLE.COM'"/>
@ -311,7 +311,7 @@
<dumpTable value="True"/> <dumpTable value="True"/>
</switches> </switches>
<parse> <parse>
<item value="current user is DBA: 'True'"/> <item value="current user is DBA: True"/>
<item value="banner: 'Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod'"/> <item value="banner: 'Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod'"/>
<item value="current user: 'SYS'"/> <item value="current user: 'SYS'"/>
<item value="'TESTDB.REGRESS.RDBMS.DEV.US.ORACLE.COM'"/> <item value="'TESTDB.REGRESS.RDBMS.DEV.US.ORACLE.COM'"/>
@ -338,14 +338,14 @@
<threads value="4"/> <threads value="4"/>
</switches> </switches>
<parse> <parse>
<item value="current user is DBA: 'True'"/> <item value="current user is DBA: True"/>
<item value="r'Microsoft SQL Server 2005.+Oct 14 2005 00:33:37'"/> <item value="r'Microsoft SQL Server 2005.+Oct 14 2005 00:33:37'"/>
<item value="current user: 'sa'"/> <item value="current user: 'sa'"/>
<item value="current database: 'testdb'"/> <item value="current database: 'testdb'"/>
<item value="r'available databases.+5.+master.+model.+msdb.+tempdb.+testdb'"/> <item value="r'available databases.+5.+master.+model.+msdb.+tempdb.+testdb'"/>
<item value="r'dbo\.sysdiagrams.+dbo\.users'"/> <item value="r'dbo\.sysdiagrams.+dbo\.users'"/>
<item value="r'3 columns.+surname.+varchar'"/> <item value="r'3 columns.+surname.+varchar'"/>
<item value="r'4 entries.+nameisnull.+'"/> <item value="r'5 entries.+nameisnull.+'"/>
</parse> </parse>
</case> </case>
<case name="MSSQL (--technique=E --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump)"> <case name="MSSQL (--technique=E --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump)">
@ -364,14 +364,14 @@
<dumpTable value="True"/> <dumpTable value="True"/>
</switches> </switches>
<parse> <parse>
<item value="current user is DBA: 'True'"/> <item value="current user is DBA: True"/>
<item value="r'Microsoft SQL Server 2005.+Oct 14 2005 00:33:37'"/> <item value="r'Microsoft SQL Server 2005.+Oct 14 2005 00:33:37'"/>
<item value="current user: 'sa'"/> <item value="current user: 'sa'"/>
<item value="current database: 'testdb'"/> <item value="current database: 'testdb'"/>
<item value="r'available databases.+5.+master.+model.+msdb.+tempdb.+testdb'"/> <item value="r'available databases.+5.+master.+model.+msdb.+tempdb.+testdb'"/>
<item value="r'dbo\.sysdiagrams.+dbo\.users'"/> <item value="r'dbo\.sysdiagrams.+dbo\.users'"/>
<item value="r'3 columns.+surname.+varchar'"/> <item value="r'3 columns.+surname.+varchar'"/>
<item value="r'4 entries.+nameisnull.+'"/> <item value="r'5 entries.+nameisnull.+'"/>
</parse> </parse>
</case> </case>
<case name="MSSQL (--technique=U --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump)"> <case name="MSSQL (--technique=U --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump)">
@ -390,14 +390,14 @@
<dumpTable value="True"/> <dumpTable value="True"/>
</switches> </switches>
<parse> <parse>
<item value="current user is DBA: 'True'"/> <item value="current user is DBA: True"/>
<item value="r'Microsoft SQL Server 2005.+Oct 14 2005 00:33:37'"/> <item value="r'Microsoft SQL Server 2005.+Oct 14 2005 00:33:37'"/>
<item value="current user: 'sa'"/> <item value="current user: 'sa'"/>
<item value="current database: 'testdb'"/> <item value="current database: 'testdb'"/>
<item value="r'available databases.+5.+master.+model.+msdb.+tempdb.+testdb'"/> <item value="r'available databases.+5.+master.+model.+msdb.+tempdb.+testdb'"/>
<item value="r'dbo\.sysdiagrams.+dbo\.users'"/> <item value="r'dbo\.sysdiagrams.+dbo\.users'"/>
<item value="r'3 columns.+surname.+varchar'"/> <item value="r'3 columns.+surname.+varchar'"/>
<item value="r'4 entries.+nameisnull.+'"/> <item value="r'5 entries.+nameisnull.+'"/>
</parse> </parse>
</case> </case>
<case name="MSSQL partial union (--technique=U --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump)"> <case name="MSSQL partial union (--technique=U --is-dba --banner --current-user --current-db --dbs --tables -D testdb -T users --columns --dump)">
@ -416,14 +416,14 @@
<dumpTable value="True"/> <dumpTable value="True"/>
</switches> </switches>
<parse> <parse>
<item value="current user is DBA: 'True'"/> <item value="current user is DBA: True"/>
<item value="r'Microsoft SQL Server 2005.+Oct 14 2005 00:33:37'"/> <item value="r'Microsoft SQL Server 2005.+Oct 14 2005 00:33:37'"/>
<item value="current user: 'sa'"/> <item value="current user: 'sa'"/>
<item value="current database: 'testdb'"/> <item value="current database: 'testdb'"/>
<item value="r'available databases.+5.+master.+model.+msdb.+tempdb.+testdb'"/> <item value="r'available databases.+5.+master.+model.+msdb.+tempdb.+testdb'"/>
<item value="r'dbo\.sysdiagrams.+dbo\.users'"/> <item value="r'dbo\.sysdiagrams.+dbo\.users'"/>
<item value="r'3 columns.+surname.+varchar'"/> <item value="r'3 columns.+surname.+varchar'"/>
<item value="r'4 entries.+nameisnull.+'"/> <item value="r'5 entries.+nameisnull.+'"/>
</parse> </parse>
</case> </case>
</root> </root>