sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix for -g

Browse Source
This commit is contained in:
Miroslav Stampar 2012-02-20 10:02:19 +00:00
parent 121148f27f
commit bc4dd7c0dd
2 changed files with 20 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/core/settings.py
View File

@ -65,6 +65,9 @@ PAYLOAD_DELIMITER = "\x00"
CHAR_INFERENCE_MARK = "%c" CHAR_INFERENCE_MARK = "%c"
PRINTABLE_CHAR_REGEX = r'[^\x00-\x1f\x7e-\xff]' PRINTABLE_CHAR_REGEX = r'[^\x00-\x1f\x7e-\xff]'
# regular expression used for extracting results from google search
GOOGLE_REGEX = r'url\?q=(http[^>]+)&sa=U&amp'
# dumping characters used in GROUP_CONCAT MySQL technique # dumping characters used in GROUP_CONCAT MySQL technique
CONCAT_ROW_DELIMITER = ',' CONCAT_ROW_DELIMITER = ','
CONCAT_VALUE_DELIMITER = '|' CONCAT_VALUE_DELIMITER = '|'

34
lib/utils/google.py
View File

@ -16,12 +16,14 @@ import urllib2
from lib.core.common import getUnicode from lib.core.common import getUnicode
from lib.core.common import readInput from lib.core.common import readInput
from lib.core.convert import htmlunescape from lib.core.convert import htmlunescape
from lib.core.convert import urldecode
from lib.core.convert import urlencode from lib.core.convert import urlencode
from lib.core.data import conf from lib.core.data import conf
from lib.core.data import kb from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
from lib.core.exception import sqlmapConnectionException from lib.core.exception import sqlmapConnectionException
from lib.core.exception import sqlmapGenericException from lib.core.exception import sqlmapGenericException
from lib.core.settings import GOOGLE_REGEX
from lib.core.settings import UNICODE_ENCODING from lib.core.settings import UNICODE_ENCODING
from lib.core.settings import URI_INJECTABLE_REGEX from lib.core.settings import URI_INJECTABLE_REGEX
from lib.request.basic import decodePage from lib.request.basic import decodePage
@ -33,26 +35,23 @@ class Google:
""" """
def __init__(self, handlers): def __init__(self, handlers):
self.__matches = [] self._matches = []
self.__cj = cookielib.LWPCookieJar() self._cj = cookielib.LWPCookieJar()
handlers.append(urllib2.HTTPCookieProcessor(self.__cj)) handlers.append(urllib2.HTTPCookieProcessor(self._cj))
self.opener = urllib2.build_opener(*handlers) self.opener = urllib2.build_opener(*handlers)
self.opener.addheaders = conf.httpHeaders self.opener.addheaders = conf.httpHeaders
def __parsePage(self, page): def _parsePage(self, page):
""" """
Parse Google dork search results page to get the list of Parse Google dork search results page to get the list of
HTTP addresses HTTP addresses
""" """
matches = [] retVal = re.findall(GOOGLE_REGEX, page, re.I | re.S)
regExpr = r'h3 class="?r"?><a href="(http[s]?://[^"]+?)"\s(class="?l"?|onmousedown=)' return retVal
matches = re.findall(regExpr, page, re.I | re.S)
return [match[0] for match in matches]
def getTargetUrls(self): def getTargetUrls(self):
""" """
@ -60,16 +59,17 @@ class Google:
your Google dork search results your Google dork search results
""" """
for match in self.__matches: for _ in self._matches:
if re.search(r"(.*?)\?(.+)", match): _ = urldecode(_)
kb.targetUrls.add(( htmlunescape(htmlunescape(match)), None, None, None )) if re.search(r"(.*?)\?(.+)", _):
elif re.search(URI_INJECTABLE_REGEX, match, re.I): kb.targetUrls.add((_, None, None, None))
elif re.search(URI_INJECTABLE_REGEX, _, re.I):
if kb.scanOnlyGoogleGETs is None: if kb.scanOnlyGoogleGETs is None:
message = "do you want to scan only results containing GET parameters? [Y/n] " message = "do you want to scan only results containing GET parameters? [Y/n] "
test = readInput(message, default="Y") test = readInput(message, default="Y")
kb.scanOnlyGoogleGETs = test.lower() != 'n' kb.scanOnlyGoogleGETs = test.lower() != 'n'
if not kb.scanOnlyGoogleGETs: if not kb.scanOnlyGoogleGETs:
kb.targetUrls.add(( htmlunescape(htmlunescape("%s" % match)), None, None, None )) kb.targetUrls.add((_, None, None, None))
def getCookie(self): def getCookie(self):
""" """
@ -138,11 +138,11 @@ class Google:
errMsg = "unable to connect to Google" errMsg = "unable to connect to Google"
raise sqlmapConnectionException, errMsg raise sqlmapConnectionException, errMsg
self.__matches = self.__parsePage(page) self._matches = self._parsePage(page)
if not self.__matches and "detected unusual traffic" in page: if not self._matches and "detected unusual traffic" in page:
warnMsg = "Google has detected 'unusual' traffic from " warnMsg = "Google has detected 'unusual' traffic from "
warnMsg += "this computer disabling further searches" warnMsg += "this computer disabling further searches"
raise sqlmapGenericException, warnMsg raise sqlmapGenericException, warnMsg
return self.__matches return self._matches