More code cleanup

2024-11-25 19:13:48 +03:00 · 2011-01-15 23:11:36 +00:00 · 2011-01-15 23:11:36 +00:00 · d3a28124b1
commit d3a28124b1
parent 4a35f598b8
4 changed files with 13 additions and 55 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -433,9 +433,9 @@ def checkSqlInjection(place, parameter, value):
                        injection.data[stype].matchRatio = kb.matchRatio

                        injection.conf.textOnly = conf.textOnly
-                        injection.conf.string   = conf.string
-                        injection.conf.regexp   = conf.regexp
-                        injection.conf.timeSec  = conf.timeSec
+                        injection.conf.string = conf.string
+                        injection.conf.regexp = conf.regexp
+                        injection.conf.timeSec = conf.timeSec

                        if hasattr(test, "details"):
                            for detailKey, detailValue in test.details.items():
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@ -380,11 +380,13 @@ def start():
                if not conf.realTest:
                    errMsg = "all parameters are not injectable, try "
                    errMsg += "a higher --level/--risk to use more tests"
+
                    if not conf.textOnly and kb.originalPage:
                        percent = (1.0 * len(kb.originalPage) / len(getFilteredPageContent(kb.originalPage)))
                        errMsg += " and/or --text-only switch if the target page "
                        errMsg += "has a low percentage of textual content "
                        errMsg += "(%.2f%% of page content is text)" % percent
+
                    raise sqlmapNotVulnerableException, errMsg
                else:
                    errMsg = "it seems that all parameters are not injectable"
--- a/lib/core/datatype.py
+++ b/lib/core/datatype.py
@ -84,4 +84,3 @@ class injectionDict(advancedDict):
        self.dbms = None
        self.dbms_version = None
        self.os = None
-
--- a/lib/core/session.py
+++ b/lib/core/session.py
@ -160,50 +160,7 @@ def setRemoteTempPath():
        dataToSessionFile("[%s][%s][%s][Remote temp path][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), safeFormatString(conf.tmpPath)))

 def resumeConfKb(expression, url, value):
-    if expression == "String" and url == conf.url:
-        string = unSafeFormatString(value[:-1])
-
-        logMsg = "resuming string match '%s' from session file" % string
-        logger.info(logMsg)
-
-        if string and ( not conf.string or string != conf.string ):
-            if not conf.string:
-                message = "you did not provide any string to match. "
-            else:
-                message  = "The string you provided does not match "
-                message += "the resumed string. "
-
-            message += "Do you want to use the resumed string "
-            message += "to be matched in page when the query "
-            message += "is valid? [Y/n] "
-            test = readInput(message, default="Y")
-
-            if not test or test[0] in ("y", "Y"):
-                conf.string = string
-
-    elif expression == "Regular expression" and url == conf.url:
-        regexp = unSafeFormatString(value[:-1])
-
-        logMsg = "resuming regular expression match '%s' from session file" % regexp
-        logger.info(logMsg)
-
-        if regexp and ( not conf.regexp or regexp != conf.regexp ):
-            if not conf.regexp:
-                message  = "you did not provide any regular expression "
-                message += "to match. "
-            else:
-                message  = "The regular expression you provided does not "
-                message += "match the resumed regular expression. "
-
-            message += "Do you want to use the resumed regular expression "
-            message += "to be matched in page when the query "
-            message += "is valid? [Y/n] "
-            test = readInput(message, default="Y")
-
-            if not test or test[0] in ("y", "Y"):
-                conf.regexp = regexp
-
-    elif expression == "Injection data" and url == conf.url:
+    if expression == "Injection data" and url == conf.url:
        injection = base64unpickle(value[:-1])
        logMsg = "resuming injection data from session file"
        logger.info(logMsg)
@ -277,6 +234,13 @@ def resumeConfKb(expression, url, value):
            else:
                conf.os = os

+    elif expression == "Remote temp path" and url == conf.url:
+        conf.tmpPath = unSafeFormatString(value[:-1])
+
+        logMsg = "resuming remote absolute path of temporary "
+        logMsg += "files directory '%s' from session file" % conf.tmpPath
+        logger.info(logMsg)
+
    elif expression == "TABLE_EXISTS" and url == conf.url:
        table = unSafeFormatString(value[:-1])

@ -305,10 +269,3 @@ def resumeConfKb(expression, url, value):
        logger.info(logMsg)

        kb.brute.columns.append((db, table, colName, colType))
-
-    elif expression == "Remote temp path" and url == conf.url:
-        conf.tmpPath = unSafeFormatString(value[:-1])
-
-        logMsg = "resuming remote absolute path of temporary "
-        logMsg += "files directory '%s' from session file" % conf.tmpPath
-        logger.info(logMsg)