Minor regrouping

2024-11-25 02:53:46 +03:00 · 2019-08-13 14:55:26 +02:00 · 2019-08-13 14:55:26 +02:00 · bfe8785ed5
commit bfe8785ed5
parent 412301bb18
4 changed files with 62 additions and 62 deletions
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
@ -31,6 +31,7 @@ optDict = {
        "loadCookies": "string",
        "dropSetCookie": "boolean",
        "agent": "string",
+        "mobile": "boolean",
        "randomAgent": "boolean",
        "host": "string",
        "referer": "string",
@ -100,6 +101,7 @@ optDict = {
        "notString": "string",
        "regexp": "string",
        "code": "integer",
+        "smart": "boolean",
        "textOnly": "boolean",
        "titles": "boolean",
    },
@ -197,10 +199,12 @@ optDict = {

    "General": {
        "trafficFile": "string",
+        "answers": "string",
        "batch": "boolean",
        "binaryFields": "string",
        "charset": "string",
        "checkInternet": "boolean",
+        "cleanup": "boolean",
        "crawlDepth": "integer",
        "crawlExclude": "string",
        "csvDel": "string",
@ -210,6 +214,7 @@ optDict = {
        "flushSession": "boolean",
        "forms": "boolean",
        "freshQueries": "boolean",
+        "googlePage": "integer",
        "harFile": "string",
        "hexConvert": "boolean",
        "outputDir": "string",
@ -218,28 +223,23 @@ optDict = {
        "repair": "boolean",
        "saveConfig": "string",
        "scope": "string",
+        "skipWaf": "boolean",
        "testFilter": "string",
        "testSkip": "string",
-        "updateAll": "boolean",
+        "webRoot": "string",
    },

    "Miscellaneous": {
        "alert": "string",
-        "answers": "string",
        "beep": "boolean",
-        "cleanup": "boolean",
        "dependencies": "boolean",
        "disableColoring": "boolean",
-        "googlePage": "integer",
        "listTampers": "boolean",
-        "mobile": "boolean",
        "offline": "boolean",
        "purge": "boolean",
-        "skipWaf": "boolean",
-        "smart": "boolean",
        "tmpDir": "string",
-        "webRoot": "string",
        "wizard": "boolean",
+        "updateAll": "boolean",
        "verbose": "integer",
    },

--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty.six import unichr as _unichr

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.3.8.9"
+VERSION = "1.3.8.10"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@ -152,6 +152,9 @@ def cmdLineParser(argv=None):
        request.add_argument("--user-agent", dest="agent",
            help="HTTP User-Agent header value")

+        request.add_argument("--mobile", dest="mobile", action="store_true",
+            help="Imitate smartphone through HTTP User-Agent header")
+
        request.add_argument("--random-agent", dest="randomAgent", action="store_true",
            help="Use randomly selected HTTP User-Agent header value")

@ -344,6 +347,9 @@ def cmdLineParser(argv=None):
        detection.add_argument("--code", dest="code", type=int,
            help="HTTP code to match when query is evaluated to True")

+        detection.add_argument("--smart", dest="smart", action="store_true",
+            help="Perform thorough tests only if positive heuristic(s)")
+
        detection.add_argument("--text-only", dest="textOnly", action="store_true",
            help="Compare pages based only on the textual content")

@ -585,6 +591,9 @@ def cmdLineParser(argv=None):
        general.add_argument("-t", dest="trafficFile",
            help="Log all HTTP traffic into a textual file")

+        general.add_argument("--answers", dest="answers",
+            help="Set predefined answers (e.g. \"quit=N,follow=N\")")
+
        general.add_argument("--batch", dest="batch", action="store_true",
            help="Never ask for user input, use the default behavior")

@ -594,6 +603,9 @@ def cmdLineParser(argv=None):
        general.add_argument("--check-internet", dest="checkInternet", action="store_true",
            help="Check Internet connection before assessing the target")

+        general.add_argument("--cleanup", dest="cleanup", action="store_true",
+            help="Clean up the DBMS from sqlmap specific UDF and tables")
+
        general.add_argument("--crawl", dest="crawlDepth", type=int,
            help="Crawl the website starting from the target URL")

@ -624,6 +636,9 @@ def cmdLineParser(argv=None):
        general.add_argument("--fresh-queries", dest="freshQueries", action="store_true",
            help="Ignore query results stored in session file")

+        general.add_argument("--gpage", dest="googlePage", type=int,
+            help="Use Google dork results from specified page number")
+
        general.add_argument("--har", dest="harFile",
            help="Log all HTTP traffic into a HAR file")

@ -648,17 +663,20 @@ def cmdLineParser(argv=None):
        general.add_argument("--scope", dest="scope",
            help="Regexp to filter targets from provided proxy log")

+        general.add_argument("--skip-waf", dest="skipWaf", action="store_true",
+            help="Skip heuristic detection of WAF/IPS protection")
+
        general.add_argument("--test-filter", dest="testFilter",
            help="Select tests by payloads and/or titles (e.g. ROW)")

        general.add_argument("--test-skip", dest="testSkip",
            help="Skip tests by payloads and/or titles (e.g. BENCHMARK)")

-        general.add_argument("--update", dest="updateAll", action="store_true",
-            help="Update sqlmap")
+        general.add_argument("--web-root", dest="webRoot",
+            help="Web server document root directory (e.g. \"/var/www\")")

        # Miscellaneous options
-        miscellaneous = parser.add_argument_group("Miscellaneous")
+        miscellaneous = parser.add_argument_group("Miscellaneous", "These options do not fit into any other category")

        miscellaneous.add_argument("-z", dest="mnemonics",
            help="Use short mnemonics (e.g. \"flu,bat,ban,tec=EU\")")
@ -666,50 +684,32 @@ def cmdLineParser(argv=None):
        miscellaneous.add_argument("--alert", dest="alert",
            help="Run host OS command(s) when SQL injection is found")

-        miscellaneous.add_argument("--answers", dest="answers",
-            help="Set predefined answers (e.g. \"quit=N,follow=N\")")
-
        miscellaneous.add_argument("--beep", dest="beep", action="store_true",
            help="Beep on question and/or when SQL injection is found")

-        miscellaneous.add_argument("--cleanup", dest="cleanup", action="store_true",
-            help="Clean up the DBMS from sqlmap specific UDF and tables")
-
        miscellaneous.add_argument("--dependencies", dest="dependencies", action="store_true",
            help="Check for missing (optional) sqlmap dependencies")

        miscellaneous.add_argument("--disable-coloring", dest="disableColoring", action="store_true",
            help="Disable console output coloring")

-        miscellaneous.add_argument("--gpage", dest="googlePage", type=int,
-            help="Use Google dork results from specified page number")
-
        miscellaneous.add_argument("--list-tampers", dest="listTampers", action="store_true",
            help="Display list of available tamper scripts")

-        miscellaneous.add_argument("--mobile", dest="mobile", action="store_true",
-            help="Imitate smartphone through HTTP User-Agent header")
-
        miscellaneous.add_argument("--offline", dest="offline", action="store_true",
            help="Work in offline mode (only use session data)")

        miscellaneous.add_argument("--purge", dest="purge", action="store_true",
            help="Safely remove all content from sqlmap data directory")

-        miscellaneous.add_argument("--skip-waf", dest="skipWaf", action="store_true",
-            help="Skip heuristic detection of WAF/IPS protection")
-
-        miscellaneous.add_argument("--smart", dest="smart", action="store_true",
-            help="Conduct thorough tests only if positive heuristic(s)")
-
        miscellaneous.add_argument("--sqlmap-shell", dest="sqlmapShell", action="store_true",
            help="Prompt for an interactive sqlmap shell")

        miscellaneous.add_argument("--tmp-dir", dest="tmpDir",
            help="Local directory for storing temporary files")

-        miscellaneous.add_argument("--web-root", dest="webRoot",
-            help="Web server document root directory (e.g. \"/var/www\")")
+        miscellaneous.add_argument("--update", dest="updateAll", action="store_true",
+            help="Update sqlmap")

        miscellaneous.add_argument("--wizard", dest="wizard", action="store_true",
            help="Simple wizard interface for beginner users")
--- a/sqlmap.conf
+++ b/sqlmap.conf
@ -67,6 +67,10 @@ dropSetCookie = False
 # sqlmap will also test for SQL injection on the HTTP User-Agent value.
 agent =

+# Imitate smartphone through HTTP User-Agent header.
+# Valid: True or False
+mobile = False
+
 # Use randomly selected HTTP User-Agent header value.
 # Valid: True or False
 randomAgent = False
@ -343,6 +347,10 @@ regexp =
 # code)
 # code = 

+# Conduct thorough tests only if positive heuristic(s).
+# Valid: True or False
+smart = False
+
 # Compare pages based only on the textual content.
 # Valid: True or False
 textOnly = False
@ -683,6 +691,9 @@ sessionFile =
 # Log all HTTP traffic into a textual file.
 trafficFile = 

+# Set predefined answers (e.g. "quit=N,follow=N").
+answers =
+
 # Never ask for user input, use the default behaviour.
 # Valid: True or False
 batch = False
@ -693,6 +704,10 @@ binaryFields =
 # Check Internet connection before assessing the target.
 checkInternet = False

+# Clean up the DBMS from sqlmap specific UDF and tables.
+# Valid: True or False
+cleanup = False
+
 # Crawl the website starting from the target URL.
 # Valid: integer
 # Default: 0
@ -729,6 +744,11 @@ forms = False
 # Valid: True or False
 freshQueries = False

+# Use Google dork results from specified page number.
+# Valid: integer
+# Default: 1
+googlePage = 1
+
 # Use hex conversion during data retrieval.
 # Valid: True or False
 hexConvert = False
@ -752,15 +772,18 @@ repair = False
 # Example: (google|yahoo)
 scope = 

+# Skip heuristic detection of WAF/IPS protection.
+# Valid: True or False
+skipWaf = False
+
 # Select tests by payloads and/or titles (e.g. ROW)
 testFilter =

 # Skip tests by payloads and/or titles (e.g. BENCHMARK)
 testSkip =

-# Update sqlmap.
-# Valid: True or False
-updateAll = False
+# Web server document root directory (e.g. "/var/www").
+webRoot =


 [Miscellaneous]
@ -768,9 +791,6 @@ updateAll = False
 # Run host OS command(s) when SQL injection is found.
 alert =

-# Set predefined answers (e.g. "quit=N,follow=N").
-answers =
-
 # Beep on question and/or when SQL injection is found.
 # Valid: True or False
 beep = False
@ -779,10 +799,6 @@ beep = False
 # Valid: True or False
 checkPayload = False

-# Clean up the DBMS from sqlmap specific UDF and tables.
-# Valid: True or False
-cleanup = False
-
 # Check for missing (optional) sqlmap dependencies.
 # Valid: True or False
 dependencies = False
@ -791,41 +807,25 @@ dependencies = False
 # Valid: True or False
 disableColoring = False

-# Use Google dork results from specified page number.
-# Valid: integer
-# Default: 1
-googlePage = 1
-
 # Display list of available tamper scripts
 # Valid: True or False
 listTampers = False

-# Imitate smartphone through HTTP User-Agent header.
-# Valid: True or False
-mobile = False
-
 # Work in offline mode (only use session data)
 # Valid: True or False
 offline = False

-# Skip heuristic detection of WAF/IPS protection.
-# Valid: True or False
-skipWaf = False
-
-# Conduct thorough tests only if positive heuristic(s).
-# Valid: True or False
-smart = False
-
 # Local directory for storing temporary files.
 tmpDir =

-# Web server document root directory (e.g. "/var/www").
-webRoot =
-
 # Simple wizard interface for beginner users.
 # Valid: True or False
 wizard = False

+# Update sqlmap.
+# Valid: True or False
+updateAll = False
+
 # Verbosity level.
 # Valid: integer between 0 and 6
 # 0: Show only error and critical messages