sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-25 11:03:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

Preparation for an Issue #254

Browse Source
This commit is contained in:
Miroslav Stampar 2012-11-28 10:58:18 +01:00
parent 621ae587c7
commit d95dd2d16e
8 changed files with 36 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
extra/shutils/_sqlmap.py
View File

@ -141,7 +141,6 @@ _arguments -C -s \
'(--hex)'--hex'[Uses DBMS hex function(s) for data retrieval]' \ '(--hex)'--hex'[Uses DBMS hex function(s) for data retrieval]' \
'(--output-dir)'--output-dir=-'[Custom output directory path]:ODIR' \ '(--output-dir)'--output-dir=-'[Custom output directory path]:ODIR' \
'(--parse-errors)'--parse-errors'[Parse and display DBMS error messages from responses]' \ '(--parse-errors)'--parse-errors'[Parse and display DBMS error messages from responses]' \
'(--replicate)'--replicate'[Replicate dumped data into a sqlite3 database]' \
'(--save)'--save'[Save options to a configuration INI file]' \ '(--save)'--save'[Save options to a configuration INI file]' \
'(--tor)'--tor'[Use Tor anonymity network]' \ '(--tor)'--tor'[Use Tor anonymity network]' \
'(--tor-port)'--tor-port=-'[Set Tor proxy port other than default]:TORPORT' \ '(--tor-port)'--tor-port=-'[Set Tor proxy port other than default]:TORPORT' \

1
lib/core/defaults.py
View File

@ -20,6 +20,7 @@ _defaults = {
"threads": 1, "threads": 1,
"level": 1, "level": 1,
"risk": 1, "risk": 1,
"dumpFormat": "CSV",
"tech": "BEUST", "tech": "BEUST",
"torType": "HTTP" "torType": "HTTP"
} }

19
lib/core/dump.py
View File

@ -26,6 +26,7 @@ from lib.core.data import kb
from lib.core.data import logger from lib.core.data import logger
from lib.core.dicts import DUMP_REPLACEMENTS from lib.core.dicts import DUMP_REPLACEMENTS
from lib.core.enums import DBMS from lib.core.enums import DBMS
from lib.core.enums import DUMP_FORMAT
from lib.core.exception import sqlmapGenericException from lib.core.exception import sqlmapGenericException
from lib.core.exception import sqlmapValueException from lib.core.exception import sqlmapValueException
from lib.core.replication import Replication from lib.core.replication import Replication
@ -330,7 +331,7 @@ class Dump:
db = "All" db = "All"
table = tableValues["__infos__"]["table"] table = tableValues["__infos__"]["table"]
if conf.replicate: if conf.dumpFormat == DUMP_FORMAT.SQLITE:
replication = Replication("%s%s%s.sqlite3" % (conf.dumpPath, os.sep, unsafeSQLIdentificatorNaming(db))) replication = Replication("%s%s%s.sqlite3" % (conf.dumpPath, os.sep, unsafeSQLIdentificatorNaming(db)))
else: else:
dumpDbPath = "%s%s%s" % (conf.dumpPath, os.sep, unsafeSQLIdentificatorNaming(db)) dumpDbPath = "%s%s%s" % (conf.dumpPath, os.sep, unsafeSQLIdentificatorNaming(db))
@ -357,7 +358,7 @@ class Dump:
separator += "+" separator += "+"
self._write("Database: %s\nTable: %s" % (db if db else "Current database", table)) self._write("Database: %s\nTable: %s" % (db if db else "Current database", table))
if conf.replicate: if conf.dumpFormat == DUMP_FORMAT.SQLITE:
cols = [] cols = []
for column in columns: for column in columns:
@ -406,7 +407,7 @@ class Dump:
self._write("| %s%s" % (column, blank), newline=False) self._write("| %s%s" % (column, blank), newline=False)
if not conf.replicate: if conf.dumpFormat != DUMP_FORMAT.SQLITE:
if field == fields: if field == fields:
dataToDumpFile(dumpFP, "%s" % safeCSValue(column)) dataToDumpFile(dumpFP, "%s" % safeCSValue(column))
else: else:
@ -416,10 +417,10 @@ class Dump:
self._write("|\n%s" % separator) self._write("|\n%s" % separator)
if not conf.replicate: if conf.dumpFormat != DUMP_FORMAT.SQLITE:
dataToDumpFile(dumpFP, "\n") dataToDumpFile(dumpFP, "\n")
if conf.replicate: if conf.dumpFormat == DUMP_FORMAT.SQLITE:
rtable.beginTransaction() rtable.beginTransaction()
if count > TRIM_STDOUT_DUMP_SIZE: if count > TRIM_STDOUT_DUMP_SIZE:
@ -451,7 +452,7 @@ class Dump:
blank = " " * (maxlength - len(value)) blank = " " * (maxlength - len(value))
self._write("| %s%s" % (value, blank), newline=False, console=console) self._write("| %s%s" % (value, blank), newline=False, console=console)
if not conf.replicate: if conf.dumpFormat != DUMP_FORMAT.SQLITE:
if field == fields: if field == fields:
dataToDumpFile(dumpFP, "%s" % safeCSValue(value)) dataToDumpFile(dumpFP, "%s" % safeCSValue(value))
else: else:
@ -459,7 +460,7 @@ class Dump:
field += 1 field += 1
if conf.replicate: if conf.dumpFormat == DUMP_FORMAT.SQLITE:
try: try:
rtable.insert(values) rtable.insert(values)
except sqlmapValueException: except sqlmapValueException:
@ -467,12 +468,12 @@ class Dump:
self._write("|", console=console) self._write("|", console=console)
if not conf.replicate: if conf.dumpFormat != DUMP_FORMAT.SQLITE:
dataToDumpFile(dumpFP, "\n") dataToDumpFile(dumpFP, "\n")
self._write("%s\n" % separator) self._write("%s\n" % separator)
if conf.replicate: if conf.dumpFormat == DUMP_FORMAT.SQLITE:
rtable.endTransaction() rtable.endTransaction()
logger.info("table '%s.%s' dumped to sqlite3 database '%s'" % (db, table, replication.dbpath)) logger.info("table '%s.%s' dumped to sqlite3 database '%s'" % (db, table, replication.dbpath))

5
lib/core/enums.py
View File

@ -124,6 +124,11 @@ class PROXYTYPE:
SOCKS4 = "SOCKS4" SOCKS4 = "SOCKS4"
SOCKS5 = "SOCKS5" SOCKS5 = "SOCKS5"
class DUMP_FORMAT:
CSV = "CSV"
HTML = "HTML"
SQLITE = "SQLITE"
class HTTPHEADER: class HTTPHEADER:
ACCEPT = "Accept" ACCEPT = "Accept"
ACCEPT_CHARSET = "Accept-Charset" ACCEPT_CHARSET = "Accept-Charset"

11
lib/core/option.py
View File

@ -63,6 +63,7 @@ from lib.core.dicts import DBMS_DICT
from lib.core.dicts import DUMP_REPLACEMENTS from lib.core.dicts import DUMP_REPLACEMENTS
from lib.core.enums import ADJUST_TIME_DELAY from lib.core.enums import ADJUST_TIME_DELAY
from lib.core.enums import CUSTOM_LOGGING from lib.core.enums import CUSTOM_LOGGING
from lib.core.enums import DUMP_FORMAT
from lib.core.enums import HTTPHEADER from lib.core.enums import HTTPHEADER
from lib.core.enums import HTTPMETHOD from lib.core.enums import HTTPMETHOD
from lib.core.enums import MOBILES from lib.core.enums import MOBILES
@ -1409,6 +1410,12 @@ def __cleanupOptions():
for _ in DUMP_REPLACEMENTS.keys(): for _ in DUMP_REPLACEMENTS.keys():
del DUMP_REPLACEMENTS[_] del DUMP_REPLACEMENTS[_]
if conf.dumpFormat:
conf.dumpFormat = conf.dumpFormat.upper()
if conf.torType:
conf.torType = conf.torType.upper()
threadData = getCurrentThreadData() threadData = getCurrentThreadData()
threadData.reset() threadData.reset()
@ -1970,6 +1977,10 @@ def __basicOptionValidation():
errMsg = "option '--tor-type' accepts one of following values: %s" % ", ".join(getPublicTypeMembers(PROXYTYPE, True)) errMsg = "option '--tor-type' accepts one of following values: %s" % ", ".join(getPublicTypeMembers(PROXYTYPE, True))
raise sqlmapSyntaxException, errMsg raise sqlmapSyntaxException, errMsg
if conf.dumpFormat not in getPublicTypeMembers(DUMP_FORMAT, True):
errMsg = "option '--dump-format' accepts one of following values: %s" % ", ".join(getPublicTypeMembers(DUMP_FORMAT, True))
raise sqlmapSyntaxException, errMsg
if conf.skip and conf.testParameter: if conf.skip and conf.testParameter:
errMsg = "option '--skip' is incompatible with option '-p'" errMsg = "option '--skip' is incompatible with option '-p'"
raise sqlmapSyntaxException, errMsg raise sqlmapSyntaxException, errMsg

2
lib/core/optiondict.py
View File

@ -175,6 +175,7 @@ optDict = {
"crawlDepth": "integer", "crawlDepth": "integer",
"csvDel": "string", "csvDel": "string",
"dbmsCred": "string", "dbmsCred": "string",
"dumpFormat": "string",
"eta": "boolean", "eta": "boolean",
"flushSession": "boolean", "flushSession": "boolean",
"forms": "boolean", "forms": "boolean",
@ -182,7 +183,6 @@ optDict = {
"hexConvert": "boolean", "hexConvert": "boolean",
"oDir": "string", "oDir": "string",
"parseErrors": "boolean", "parseErrors": "boolean",
"replicate": "boolean",
"updateAll": "boolean", "updateAll": "boolean",
"tor": "boolean", "tor": "boolean",
"torPort": "integer", "torPort": "integer",

9
lib/parse/cmdline.py
View File

@ -547,6 +547,9 @@ def cmdLineParser():
general.add_option("--dbms-cred", dest="dbmsCred", general.add_option("--dbms-cred", dest="dbmsCred",
help="DBMS authentication credentials (user:password)") help="DBMS authentication credentials (user:password)")
general.add_option("--dump-format", dest="dumpFormat",
help="Format of dumped data (CSV (default), HTML or SQLITE)")
general.add_option("--eta", dest="eta", general.add_option("--eta", dest="eta",
action="store_true", action="store_true",
help="Display for each output the " help="Display for each output the "
@ -576,10 +579,6 @@ def cmdLineParser():
action="store_true", action="store_true",
help="Parse and display DBMS error messages from responses") help="Parse and display DBMS error messages from responses")
general.add_option("--replicate", dest="replicate",
action="store_true",
help="Replicate dumped data into a sqlite3 database")
general.add_option("--save", dest="saveCmdline", general.add_option("--save", dest="saveCmdline",
action="store_true", action="store_true",
help="Save options to a configuration INI file") help="Save options to a configuration INI file")
@ -592,7 +591,7 @@ def cmdLineParser():
help="Set Tor proxy port other than default") help="Set Tor proxy port other than default")
general.add_option("--tor-type", dest="torType", general.add_option("--tor-type", dest="torType",
help="Set Tor proxy type (HTTP - default, SOCKS4 or SOCKS5)") help="Set Tor proxy type (HTTP (default), SOCKS4 or SOCKS5)")
general.add_option("--update", dest="updateAll", general.add_option("--update", dest="updateAll",
action="store_true", action="store_true",

8
sqlmap.conf
View File

@ -599,6 +599,10 @@ csvDel = ,
# Syntax: username:password # Syntax: username:password
dbmsCred = dbmsCred =
# Format of dumped data
# Valid: CSV, HTML or SQLITE
dumpFormat = CSV
# Retrieve each query output length and calculate the estimated time of # Retrieve each query output length and calculate the estimated time of
# arrival in real time. # arrival in real time.
# Valid: True or False # Valid: True or False
@ -627,10 +631,6 @@ oDir =
# Valid: True or False # Valid: True or False
parseErrors = False parseErrors = False
# Replicate dumped data into a sqlite3 database.
# Valid: True or False
replicate = False
# Use Use Tor anonymity network. # Use Use Tor anonymity network.
# Valid: True or False # Valid: True or False
tor = False tor = False