More code cleanup

This commit is contained in:
Bernardo Damele 2011-01-15 23:11:36 +00:00
parent 4a35f598b8
commit d3a28124b1
4 changed files with 13 additions and 55 deletions

View File

@ -380,11 +380,13 @@ def start():
if not conf.realTest:
errMsg = "all parameters are not injectable, try "
errMsg += "a higher --level/--risk to use more tests"
if not conf.textOnly and kb.originalPage:
percent = (1.0 * len(kb.originalPage) / len(getFilteredPageContent(kb.originalPage)))
errMsg += " and/or --text-only switch if the target page "
errMsg += "has a low percentage of textual content "
errMsg += "(%.2f%% of page content is text)" % percent
raise sqlmapNotVulnerableException, errMsg
else:
errMsg = "it seems that all parameters are not injectable"

View File

@ -84,4 +84,3 @@ class injectionDict(advancedDict):
self.dbms = None
self.dbms_version = None
self.os = None

View File

@ -160,50 +160,7 @@ def setRemoteTempPath():
dataToSessionFile("[%s][%s][%s][Remote temp path][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), safeFormatString(conf.tmpPath)))
def resumeConfKb(expression, url, value):
if expression == "String" and url == conf.url:
string = unSafeFormatString(value[:-1])
logMsg = "resuming string match '%s' from session file" % string
logger.info(logMsg)
if string and ( not conf.string or string != conf.string ):
if not conf.string:
message = "you did not provide any string to match. "
else:
message = "The string you provided does not match "
message += "the resumed string. "
message += "Do you want to use the resumed string "
message += "to be matched in page when the query "
message += "is valid? [Y/n] "
test = readInput(message, default="Y")
if not test or test[0] in ("y", "Y"):
conf.string = string
elif expression == "Regular expression" and url == conf.url:
regexp = unSafeFormatString(value[:-1])
logMsg = "resuming regular expression match '%s' from session file" % regexp
logger.info(logMsg)
if regexp and ( not conf.regexp or regexp != conf.regexp ):
if not conf.regexp:
message = "you did not provide any regular expression "
message += "to match. "
else:
message = "The regular expression you provided does not "
message += "match the resumed regular expression. "
message += "Do you want to use the resumed regular expression "
message += "to be matched in page when the query "
message += "is valid? [Y/n] "
test = readInput(message, default="Y")
if not test or test[0] in ("y", "Y"):
conf.regexp = regexp
elif expression == "Injection data" and url == conf.url:
if expression == "Injection data" and url == conf.url:
injection = base64unpickle(value[:-1])
logMsg = "resuming injection data from session file"
logger.info(logMsg)
@ -277,6 +234,13 @@ def resumeConfKb(expression, url, value):
else:
conf.os = os
elif expression == "Remote temp path" and url == conf.url:
conf.tmpPath = unSafeFormatString(value[:-1])
logMsg = "resuming remote absolute path of temporary "
logMsg += "files directory '%s' from session file" % conf.tmpPath
logger.info(logMsg)
elif expression == "TABLE_EXISTS" and url == conf.url:
table = unSafeFormatString(value[:-1])
@ -305,10 +269,3 @@ def resumeConfKb(expression, url, value):
logger.info(logMsg)
kb.brute.columns.append((db, table, colName, colType))
elif expression == "Remote temp path" and url == conf.url:
conf.tmpPath = unSafeFormatString(value[:-1])
logMsg = "resuming remote absolute path of temporary "
logMsg += "files directory '%s' from session file" % conf.tmpPath
logger.info(logMsg)