mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-25 19:13:48 +03:00
Update related to the last commit
This commit is contained in:
parent
7672b9a0a2
commit
db3bed3f44
|
@ -7,6 +7,8 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
||||||
See the file 'LICENSE' for copying permission
|
See the file 'LICENSE' for copying permission
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
from __future__ import print_function
|
||||||
|
|
||||||
import os
|
import os
|
||||||
import sys
|
import sys
|
||||||
import zlib
|
import zlib
|
||||||
|
@ -38,7 +40,7 @@ def decloak(inputFile=None, data=None):
|
||||||
try:
|
try:
|
||||||
data = zlib.decompress(hideAscii(data))
|
data = zlib.decompress(hideAscii(data))
|
||||||
except:
|
except:
|
||||||
print 'ERROR: the provided input file \'%s\' does not contain valid cloaked content' % inputFile
|
print('ERROR: the provided input file \'%s\' does not contain valid cloaked content' % inputFile)
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
finally:
|
finally:
|
||||||
f.close()
|
f.close()
|
||||||
|
@ -63,7 +65,7 @@ def main():
|
||||||
parser.error(e)
|
parser.error(e)
|
||||||
|
|
||||||
if not os.path.isfile(args.inputFile):
|
if not os.path.isfile(args.inputFile):
|
||||||
print 'ERROR: the provided input file \'%s\' is non existent' % args.inputFile
|
print('ERROR: the provided input file \'%s\' is non existent' % args.inputFile)
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
|
||||||
if not args.decrypt:
|
if not args.decrypt:
|
||||||
|
|
|
@ -7,6 +7,8 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
||||||
See the file 'LICENSE' for copying permission
|
See the file 'LICENSE' for copying permission
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
from __future__ import print_function
|
||||||
|
|
||||||
import os
|
import os
|
||||||
import sys
|
import sys
|
||||||
import struct
|
import struct
|
||||||
|
@ -19,7 +21,7 @@ def convert(inputFile):
|
||||||
fileSize = fileStat.st_size
|
fileSize = fileStat.st_size
|
||||||
|
|
||||||
if fileSize > 65280:
|
if fileSize > 65280:
|
||||||
print "ERROR: the provided input file '%s' is too big for debug.exe" % inputFile
|
print("ERROR: the provided input file '%s' is too big for debug.exe" % inputFile)
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
|
||||||
script = "n %s\nr cx\n" % os.path.basename(inputFile.replace(".", "_"))
|
script = "n %s\nr cx\n" % os.path.basename(inputFile.replace(".", "_"))
|
||||||
|
@ -59,7 +61,7 @@ def convert(inputFile):
|
||||||
|
|
||||||
def main(inputFile, outputFile):
|
def main(inputFile, outputFile):
|
||||||
if not os.path.isfile(inputFile):
|
if not os.path.isfile(inputFile):
|
||||||
print "ERROR: the provided input file '%s' is not a regular file" % inputFile
|
print("ERROR: the provided input file '%s' is not a regular file" % inputFile)
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
|
||||||
script = convert(inputFile)
|
script = convert(inputFile)
|
||||||
|
@ -70,7 +72,7 @@ def main(inputFile, outputFile):
|
||||||
sys.stdout.write(script)
|
sys.stdout.write(script)
|
||||||
sys.stdout.close()
|
sys.stdout.close()
|
||||||
else:
|
else:
|
||||||
print script
|
print(script)
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
usage = "%s -i <input file> [-o <output file>]" % sys.argv[0]
|
usage = "%s -i <input file> [-o <output file>]" % sys.argv[0]
|
||||||
|
|
|
@ -7,6 +7,8 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
||||||
See the file 'LICENSE' for copying permission
|
See the file 'LICENSE' for copying permission
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
from __future__ import print_function
|
||||||
|
|
||||||
import binascii
|
import binascii
|
||||||
import re
|
import re
|
||||||
import string
|
import string
|
||||||
|
@ -112,7 +114,7 @@ def main():
|
||||||
parser.error(e)
|
parser.error(e)
|
||||||
|
|
||||||
if not os.path.isfile(args.inputFile):
|
if not os.path.isfile(args.inputFile):
|
||||||
print 'ERROR: the provided input file \'%s\' is not a regular file' % args.inputFile
|
print('ERROR: the provided input file \'%s\' is not a regular file' % args.inputFile)
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
|
||||||
f = open(args.inputFile, 'r')
|
f = open(args.inputFile, 'r')
|
||||||
|
|
|
@ -5,6 +5,8 @@
|
||||||
|
|
||||||
# Removes duplicate entries in wordlist like files
|
# Removes duplicate entries in wordlist like files
|
||||||
|
|
||||||
|
from __future__ import print_function
|
||||||
|
|
||||||
import sys
|
import sys
|
||||||
|
|
||||||
if len(sys.argv) > 0:
|
if len(sys.argv) > 0:
|
||||||
|
@ -17,7 +19,7 @@ if len(sys.argv) > 0:
|
||||||
str.encode(item)
|
str.encode(item)
|
||||||
if item in items:
|
if item in items:
|
||||||
if item:
|
if item:
|
||||||
print item
|
print(item)
|
||||||
else:
|
else:
|
||||||
items.append(item)
|
items.append(item)
|
||||||
except:
|
except:
|
||||||
|
|
|
@ -3,6 +3,8 @@
|
||||||
# Runs pylint on all python scripts found in a directory tree
|
# Runs pylint on all python scripts found in a directory tree
|
||||||
# Reference: http://rowinggolfer.blogspot.com/2009/08/pylint-recursively.html
|
# Reference: http://rowinggolfer.blogspot.com/2009/08/pylint-recursively.html
|
||||||
|
|
||||||
|
from __future__ import print_function
|
||||||
|
|
||||||
import os
|
import os
|
||||||
import sys
|
import sys
|
||||||
|
|
||||||
|
@ -12,16 +14,16 @@ def check(filepath):
|
||||||
|
|
||||||
if "\n\n\n" in content:
|
if "\n\n\n" in content:
|
||||||
index = content.find("\n\n\n")
|
index = content.find("\n\n\n")
|
||||||
print filepath, repr(content[index - 30:index + 30])
|
print(filepath, repr(content[index - 30:index + 30]))
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
try:
|
try:
|
||||||
BASE_DIRECTORY = sys.argv[1]
|
BASE_DIRECTORY = sys.argv[1]
|
||||||
except IndexError:
|
except IndexError:
|
||||||
print "no directory specified, defaulting to current working directory"
|
print("no directory specified, defaulting to current working directory")
|
||||||
BASE_DIRECTORY = os.getcwd()
|
BASE_DIRECTORY = os.getcwd()
|
||||||
|
|
||||||
print "looking for *.py scripts in subdirectories of ", BASE_DIRECTORY
|
print("looking for *.py scripts in subdirectories of '%s'" % BASE_DIRECTORY)
|
||||||
for root, dirs, files in os.walk(BASE_DIRECTORY):
|
for root, dirs, files in os.walk(BASE_DIRECTORY):
|
||||||
if any(_ in root for _ in ("extra", "thirdparty")):
|
if any(_ in root for _ in ("extra", "thirdparty")):
|
||||||
continue
|
continue
|
||||||
|
|
|
@ -3,6 +3,8 @@
|
||||||
# Runs pylint on all python scripts found in a directory tree
|
# Runs pylint on all python scripts found in a directory tree
|
||||||
# Reference: http://rowinggolfer.blogspot.com/2009/08/pylint-recursively.html
|
# Reference: http://rowinggolfer.blogspot.com/2009/08/pylint-recursively.html
|
||||||
|
|
||||||
|
from __future__ import print_function
|
||||||
|
|
||||||
import os
|
import os
|
||||||
import re
|
import re
|
||||||
import sys
|
import sys
|
||||||
|
@ -17,26 +19,26 @@ def check(module):
|
||||||
|
|
||||||
if module[-3:] == ".py":
|
if module[-3:] == ".py":
|
||||||
|
|
||||||
print "CHECKING ", module
|
print("CHECKING ", module)
|
||||||
pout = os.popen("pylint --rcfile=/dev/null %s" % module, 'r')
|
pout = os.popen("pylint --rcfile=/dev/null %s" % module, 'r')
|
||||||
for line in pout:
|
for line in pout:
|
||||||
if re.match(r"\AE:", line):
|
if re.match(r"\AE:", line):
|
||||||
print line.strip()
|
print(line.strip())
|
||||||
if __RATING__ and "Your code has been rated at" in line:
|
if __RATING__ and "Your code has been rated at" in line:
|
||||||
print line
|
print(line)
|
||||||
score = re.findall(r"\d.\d\d", line)[0]
|
score = re.findall(r"\d.\d\d", line)[0]
|
||||||
total += float(score)
|
total += float(score)
|
||||||
count += 1
|
count += 1
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
try:
|
try:
|
||||||
print sys.argv
|
print(sys.argv)
|
||||||
BASE_DIRECTORY = sys.argv[1]
|
BASE_DIRECTORY = sys.argv[1]
|
||||||
except IndexError:
|
except IndexError:
|
||||||
print "no directory specified, defaulting to current working directory"
|
print("no directory specified, defaulting to current working directory")
|
||||||
BASE_DIRECTORY = os.getcwd()
|
BASE_DIRECTORY = os.getcwd()
|
||||||
|
|
||||||
print "looking for *.py scripts in subdirectories of ", BASE_DIRECTORY
|
print("looking for *.py scripts in subdirectories of ", BASE_DIRECTORY)
|
||||||
for root, dirs, files in os.walk(BASE_DIRECTORY):
|
for root, dirs, files in os.walk(BASE_DIRECTORY):
|
||||||
if any(_ in root for _ in ("extra", "thirdparty")):
|
if any(_ in root for _ in ("extra", "thirdparty")):
|
||||||
continue
|
continue
|
||||||
|
@ -45,6 +47,6 @@ if __name__ == "__main__":
|
||||||
check(filepath)
|
check(filepath)
|
||||||
|
|
||||||
if __RATING__:
|
if __RATING__:
|
||||||
print "==" * 50
|
print("==" * 50)
|
||||||
print "%d modules found" % count
|
print("%d modules found" % count)
|
||||||
print "AVERAGE SCORE = %.02f" % (total / count)
|
print("AVERAGE SCORE = %.02f" % (total / count))
|
||||||
|
|
|
@ -3,6 +3,8 @@
|
||||||
# Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
# Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
||||||
# See the file 'LICENSE' for copying permission
|
# See the file 'LICENSE' for copying permission
|
||||||
|
|
||||||
|
from __future__ import print_function
|
||||||
|
|
||||||
import codecs
|
import codecs
|
||||||
import inspect
|
import inspect
|
||||||
import os
|
import os
|
||||||
|
@ -56,8 +58,8 @@ def send_email(msg):
|
||||||
s.sendmail(FROM, TO, msg.as_string())
|
s.sendmail(FROM, TO, msg.as_string())
|
||||||
s.quit()
|
s.quit()
|
||||||
# Catch all for SMTP exceptions
|
# Catch all for SMTP exceptions
|
||||||
except smtplib.SMTPException, e:
|
except smtplib.SMTPException as ex:
|
||||||
print "Failure to send email: %s" % str(e)
|
print("Failure to send email: '%s" % ex)
|
||||||
|
|
||||||
def failure_email(msg):
|
def failure_email(msg):
|
||||||
msg = prepare_email(msg)
|
msg = prepare_email(msg)
|
||||||
|
@ -157,7 +159,7 @@ if __name__ == "__main__":
|
||||||
|
|
||||||
try:
|
try:
|
||||||
main()
|
main()
|
||||||
except Exception, e:
|
except Exception:
|
||||||
log_fd.write("An exception has occurred:\n%s" % str(traceback.format_exc()))
|
log_fd.write("An exception has occurred:\n%s" % str(traceback.format_exc()))
|
||||||
|
|
||||||
log_fd.write("Regression test finished at %s\n\n" % time.strftime("%H:%M:%S %d-%m-%Y", time.gmtime()))
|
log_fd.write("Regression test finished at %s\n\n" % time.strftime("%H:%M:%S %d-%m-%Y", time.gmtime()))
|
||||||
|
|
|
@ -5,6 +5,8 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
||||||
See the file 'LICENSE' for copying permission
|
See the file 'LICENSE' for copying permission
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
from __future__ import print_function
|
||||||
|
|
||||||
import cookielib
|
import cookielib
|
||||||
import re
|
import re
|
||||||
import socket
|
import socket
|
||||||
|
@ -75,8 +77,8 @@ def main():
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
raise
|
raise
|
||||||
|
|
||||||
except Exception, msg:
|
except Exception as ex:
|
||||||
print msg
|
print(ex)
|
||||||
|
|
||||||
if abort:
|
if abort:
|
||||||
break
|
break
|
||||||
|
@ -86,7 +88,7 @@ def main():
|
||||||
sys.stdout.write("---------------\n")
|
sys.stdout.write("---------------\n")
|
||||||
|
|
||||||
for sqlfile in files:
|
for sqlfile in files:
|
||||||
print sqlfile
|
print(sqlfile)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
req = urllib2.Request(sqlfile)
|
req = urllib2.Request(sqlfile)
|
||||||
|
@ -118,8 +120,8 @@ def main():
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
raise
|
raise
|
||||||
|
|
||||||
except Exception, msg:
|
except Exception as ex:
|
||||||
print msg
|
print(ex)
|
||||||
|
|
||||||
else:
|
else:
|
||||||
i += 1
|
i += 1
|
||||||
|
|
|
@ -5,6 +5,8 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
||||||
See the file 'LICENSE' for copying permission
|
See the file 'LICENSE' for copying permission
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
from __future__ import print_function
|
||||||
|
|
||||||
import cookielib
|
import cookielib
|
||||||
import glob
|
import glob
|
||||||
import httplib
|
import httplib
|
||||||
|
@ -68,7 +70,7 @@ def colorize(message):
|
||||||
def main():
|
def main():
|
||||||
global WAF_FUNCTIONS
|
global WAF_FUNCTIONS
|
||||||
|
|
||||||
print colorize("%s #v%s\n by: %s\n" % (NAME, VERSION, AUTHOR))
|
print(colorize("%s #v%s\n by: %s\n" % (NAME, VERSION, AUTHOR)))
|
||||||
|
|
||||||
if len(sys.argv) < 2:
|
if len(sys.argv) < 2:
|
||||||
exit(colorize("[x] usage: python %s <hostname>" % os.path.split(__file__)[-1]))
|
exit(colorize("[x] usage: python %s <hostname>" % os.path.split(__file__)[-1]))
|
||||||
|
@ -104,13 +106,13 @@ def main():
|
||||||
|
|
||||||
WAF_FUNCTIONS = sorted(WAF_FUNCTIONS, key=lambda _: "generic" in _[1].lower())
|
WAF_FUNCTIONS = sorted(WAF_FUNCTIONS, key=lambda _: "generic" in _[1].lower())
|
||||||
|
|
||||||
print colorize("[i] checking '%s'..." % sys.argv[1])
|
print(colorize("[i] checking '%s'..." % sys.argv[1]))
|
||||||
|
|
||||||
hostname = sys.argv[1].split("//")[-1].split('/')[0]
|
hostname = sys.argv[1].split("//")[-1].split('/')[0]
|
||||||
try:
|
try:
|
||||||
socket.getaddrinfo(hostname, None)
|
socket.getaddrinfo(hostname, None)
|
||||||
except socket.gaierror:
|
except socket.gaierror:
|
||||||
print colorize("[x] host '%s' does not exist" % hostname)
|
print(colorize("[x] host '%s' does not exist" % hostname))
|
||||||
exit(1)
|
exit(1)
|
||||||
|
|
||||||
found = False
|
found = False
|
||||||
|
@ -122,7 +124,7 @@ def main():
|
||||||
exit(colorize("[!] WAF/IPS identified as '%s'" % product))
|
exit(colorize("[!] WAF/IPS identified as '%s'" % product))
|
||||||
|
|
||||||
if not found:
|
if not found:
|
||||||
print colorize("[o] nothing found")
|
print(colorize("[o] nothing found"))
|
||||||
|
|
||||||
print
|
print
|
||||||
|
|
||||||
|
|
|
@ -627,10 +627,10 @@ def checkSqlInjection(place, parameter, value):
|
||||||
|
|
||||||
injectable = True
|
injectable = True
|
||||||
|
|
||||||
except SqlmapConnectionException, msg:
|
except SqlmapConnectionException as ex:
|
||||||
debugMsg = "problem occurred most likely because the "
|
debugMsg = "problem occurred most likely because the "
|
||||||
debugMsg += "server hasn't recovered as expected from the "
|
debugMsg += "server hasn't recovered as expected from the "
|
||||||
debugMsg += "error-based payload used ('%s')" % msg
|
debugMsg += "error-based payload used ('%s')" % getSafeExString(ex)
|
||||||
logger.debug(debugMsg)
|
logger.debug(debugMsg)
|
||||||
|
|
||||||
# In case of time-based blind or stacked queries
|
# In case of time-based blind or stacked queries
|
||||||
|
|
|
@ -4746,6 +4746,8 @@ def getSafeExString(ex, encoding=None):
|
||||||
retVal = ex.msg
|
retVal = ex.msg
|
||||||
elif isinstance(ex, (list, tuple)) and len(ex) > 1 and isinstance(ex[1], basestring):
|
elif isinstance(ex, (list, tuple)) and len(ex) > 1 and isinstance(ex[1], basestring):
|
||||||
retVal = ex[1]
|
retVal = ex[1]
|
||||||
|
elif isinstance(ex, (list, tuple)) and len(ex) > 0 and isinstance(ex[0], basestring):
|
||||||
|
retVal = ex[0]
|
||||||
|
|
||||||
return getUnicode(retVal or "", encoding=encoding).strip()
|
return getUnicode(retVal or "", encoding=encoding).strip()
|
||||||
|
|
||||||
|
|
|
@ -624,8 +624,8 @@ class Dump(object):
|
||||||
with open(filepath, "wb") as f:
|
with open(filepath, "wb") as f:
|
||||||
_ = safechardecode(value, True)
|
_ = safechardecode(value, True)
|
||||||
f.write(_)
|
f.write(_)
|
||||||
except magic.MagicException, err:
|
except magic.MagicException as ex:
|
||||||
logger.debug(str(err))
|
logger.debug(getSafeExString(ex))
|
||||||
|
|
||||||
if conf.dumpFormat == DUMP_FORMAT.CSV:
|
if conf.dumpFormat == DUMP_FORMAT.CSV:
|
||||||
if field == fields:
|
if field == fields:
|
||||||
|
|
|
@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
|
||||||
from lib.core.enums import OS
|
from lib.core.enums import OS
|
||||||
|
|
||||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||||
VERSION = "1.3.1.60"
|
VERSION = "1.3.1.61"
|
||||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||||
|
|
|
@ -646,7 +646,7 @@ def _createTargetDirs():
|
||||||
except (OSError, IOError) as ex:
|
except (OSError, IOError) as ex:
|
||||||
try:
|
try:
|
||||||
tempDir = tempfile.mkdtemp(prefix="sqlmap%s" % context)
|
tempDir = tempfile.mkdtemp(prefix="sqlmap%s" % context)
|
||||||
except Exception, _:
|
except Exception as _:
|
||||||
errMsg = "unable to write to the temporary directory ('%s'). " % _
|
errMsg = "unable to write to the temporary directory ('%s'). " % _
|
||||||
errMsg += "Please make sure that your disk is not full and "
|
errMsg += "Please make sure that your disk is not full and "
|
||||||
errMsg += "that you have sufficient write permissions to "
|
errMsg += "that you have sufficient write permissions to "
|
||||||
|
@ -668,7 +668,7 @@ def _createTargetDirs():
|
||||||
except (OSError, IOError, TypeError) as ex:
|
except (OSError, IOError, TypeError) as ex:
|
||||||
try:
|
try:
|
||||||
tempDir = tempfile.mkdtemp(prefix="sqlmapoutput")
|
tempDir = tempfile.mkdtemp(prefix="sqlmapoutput")
|
||||||
except Exception, _:
|
except Exception as _:
|
||||||
errMsg = "unable to write to the temporary directory ('%s'). " % _
|
errMsg = "unable to write to the temporary directory ('%s'). " % _
|
||||||
errMsg += "Please make sure that your disk is not full and "
|
errMsg += "Please make sure that your disk is not full and "
|
||||||
errMsg += "that you have sufficient write permissions to "
|
errMsg += "that you have sufficient write permissions to "
|
||||||
|
|
|
@ -75,10 +75,10 @@ def smokeTest():
|
||||||
try:
|
try:
|
||||||
__import__(path)
|
__import__(path)
|
||||||
module = sys.modules[path]
|
module = sys.modules[path]
|
||||||
except Exception, msg:
|
except Exception as ex:
|
||||||
retVal = False
|
retVal = False
|
||||||
dataToStdout("\r")
|
dataToStdout("\r")
|
||||||
errMsg = "smoke test failed at importing module '%s' (%s):\n%s" % (path, os.path.join(root, filename), msg)
|
errMsg = "smoke test failed at importing module '%s' (%s):\n%s" % (path, os.path.join(root, filename), ex)
|
||||||
logger.error(errMsg)
|
logger.error(errMsg)
|
||||||
else:
|
else:
|
||||||
# Run doc tests
|
# Run doc tests
|
||||||
|
@ -275,10 +275,10 @@ def runCase(parse):
|
||||||
result = start()
|
result = start()
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
pass
|
pass
|
||||||
except SqlmapBaseException, e:
|
except SqlmapBaseException as ex:
|
||||||
handled_exception = e
|
handled_exception = ex
|
||||||
except Exception, e:
|
except Exception as ex:
|
||||||
unhandled_exception = e
|
unhandled_exception = ex
|
||||||
finally:
|
finally:
|
||||||
sys.stdout.seek(0)
|
sys.stdout.seek(0)
|
||||||
console = sys.stdout.read()
|
console = sys.stdout.read()
|
||||||
|
|
|
@ -5,6 +5,8 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
||||||
See the file 'LICENSE' for copying permission
|
See the file 'LICENSE' for copying permission
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
from __future__ import print_function
|
||||||
|
|
||||||
import os
|
import os
|
||||||
import re
|
import re
|
||||||
import shlex
|
import shlex
|
||||||
|
@ -842,7 +844,7 @@ def cmdLineParser(argv=None):
|
||||||
argv[i] = argv[i][:-1]
|
argv[i] = argv[i][:-1]
|
||||||
conf.skipThreadCheck = True
|
conf.skipThreadCheck = True
|
||||||
elif argv[i] == "--version":
|
elif argv[i] == "--version":
|
||||||
print VERSION_STRING.split('/')[-1]
|
print(VERSION_STRING.split('/')[-1])
|
||||||
raise SystemExit
|
raise SystemExit
|
||||||
elif argv[i] in ("-h", "--help"):
|
elif argv[i] in ("-h", "--help"):
|
||||||
advancedHelp = False
|
advancedHelp = False
|
||||||
|
|
|
@ -17,6 +17,7 @@ from lib.core.common import Backend
|
||||||
from lib.core.common import extractErrorMessage
|
from lib.core.common import extractErrorMessage
|
||||||
from lib.core.common import extractRegexResult
|
from lib.core.common import extractRegexResult
|
||||||
from lib.core.common import getPublicTypeMembers
|
from lib.core.common import getPublicTypeMembers
|
||||||
|
from lib.core.common import getSafeExString
|
||||||
from lib.core.common import getUnicode
|
from lib.core.common import getUnicode
|
||||||
from lib.core.common import isListLike
|
from lib.core.common import isListLike
|
||||||
from lib.core.common import randomStr
|
from lib.core.common import randomStr
|
||||||
|
@ -280,10 +281,10 @@ def decodePage(page, contentEncoding, contentType):
|
||||||
raise Exception("size too large")
|
raise Exception("size too large")
|
||||||
|
|
||||||
page = data.read()
|
page = data.read()
|
||||||
except Exception, msg:
|
except Exception as ex:
|
||||||
if "<html" not in page: # in some cases, invalid "Content-Encoding" appears for plain HTML (should be ignored)
|
if "<html" not in page: # in some cases, invalid "Content-Encoding" appears for plain HTML (should be ignored)
|
||||||
errMsg = "detected invalid data for declared content "
|
errMsg = "detected invalid data for declared content "
|
||||||
errMsg += "encoding '%s' ('%s')" % (contentEncoding, msg)
|
errMsg += "encoding '%s' ('%s')" % (contentEncoding, getSafeExString(ex))
|
||||||
singleTimeLogMessage(errMsg, logging.ERROR)
|
singleTimeLogMessage(errMsg, logging.ERROR)
|
||||||
|
|
||||||
warnMsg = "turning off page compression"
|
warnMsg = "turning off page compression"
|
||||||
|
|
|
@ -5,6 +5,8 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
||||||
See the file 'LICENSE' for copying permission
|
See the file 'LICENSE' for copying permission
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
from __future__ import print_function
|
||||||
|
|
||||||
import os
|
import os
|
||||||
import re
|
import re
|
||||||
import socket
|
import socket
|
||||||
|
@ -145,13 +147,13 @@ if __name__ == "__main__":
|
||||||
if _ is None:
|
if _ is None:
|
||||||
break
|
break
|
||||||
else:
|
else:
|
||||||
print "[i] %s" % _
|
print("[i] %s" % _)
|
||||||
|
|
||||||
time.sleep(1)
|
time.sleep(1)
|
||||||
|
|
||||||
except socket.error as ex:
|
except socket.error as ex:
|
||||||
if 'Permission' in str(ex):
|
if 'Permission' in str(ex):
|
||||||
print "[x] Please run with sudo/Administrator privileges"
|
print("[x] Please run with sudo/Administrator privileges")
|
||||||
else:
|
else:
|
||||||
raise
|
raise
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
|
|
|
@ -16,6 +16,7 @@ from lib.core.data import conf
|
||||||
from lib.core.data import kb
|
from lib.core.data import kb
|
||||||
from lib.core.data import logger
|
from lib.core.data import logger
|
||||||
from lib.core.common import getHostHeader
|
from lib.core.common import getHostHeader
|
||||||
|
from lib.core.common import getSafeExString
|
||||||
from lib.core.common import getUnicode
|
from lib.core.common import getUnicode
|
||||||
from lib.core.common import logHTTPTraffic
|
from lib.core.common import logHTTPTraffic
|
||||||
from lib.core.common import readInput
|
from lib.core.common import readInput
|
||||||
|
@ -75,9 +76,9 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
|
||||||
|
|
||||||
try:
|
try:
|
||||||
content = fp.read(MAX_CONNECTION_TOTAL_SIZE)
|
content = fp.read(MAX_CONNECTION_TOTAL_SIZE)
|
||||||
except Exception, msg:
|
except Exception as ex:
|
||||||
dbgMsg = "there was a problem while retrieving "
|
dbgMsg = "there was a problem while retrieving "
|
||||||
dbgMsg += "redirect response content (%s)" % msg
|
dbgMsg += "redirect response content ('%s')" % getSafeExString(ex)
|
||||||
logger.debug(dbgMsg)
|
logger.debug(dbgMsg)
|
||||||
finally:
|
finally:
|
||||||
if content:
|
if content:
|
||||||
|
|
|
@ -770,8 +770,8 @@ def _bruteProcessVariantA(attack_info, hash_regex, suffix, retVal, proc_id, proc
|
||||||
except (UnicodeEncodeError, UnicodeDecodeError):
|
except (UnicodeEncodeError, UnicodeDecodeError):
|
||||||
pass # ignore possible encoding problems caused by some words in custom dictionaries
|
pass # ignore possible encoding problems caused by some words in custom dictionaries
|
||||||
|
|
||||||
except Exception, e:
|
except Exception as ex:
|
||||||
warnMsg = "there was a problem while hashing entry: %s (%s). " % (repr(word), e)
|
warnMsg = "there was a problem while hashing entry: %s ('%s'). " % (repr(word), getSafeExString(ex))
|
||||||
warnMsg += "Please report by e-mail to '%s'" % DEV_EMAIL_ADDRESS
|
warnMsg += "Please report by e-mail to '%s'" % DEV_EMAIL_ADDRESS
|
||||||
logger.critical(warnMsg)
|
logger.critical(warnMsg)
|
||||||
|
|
||||||
|
@ -847,8 +847,8 @@ def _bruteProcessVariantB(user, hash_, kwargs, hash_regex, suffix, retVal, found
|
||||||
except (UnicodeEncodeError, UnicodeDecodeError):
|
except (UnicodeEncodeError, UnicodeDecodeError):
|
||||||
pass # ignore possible encoding problems caused by some words in custom dictionaries
|
pass # ignore possible encoding problems caused by some words in custom dictionaries
|
||||||
|
|
||||||
except Exception, e:
|
except Exception as ex:
|
||||||
warnMsg = "there was a problem while hashing entry: %s (%s). " % (repr(word), e)
|
warnMsg = "there was a problem while hashing entry: %s ('%s'). " % (repr(word), getSafeExString(ex))
|
||||||
warnMsg += "Please report by e-mail to '%s'" % DEV_EMAIL_ADDRESS
|
warnMsg += "Please report by e-mail to '%s'" % DEV_EMAIL_ADDRESS
|
||||||
logger.critical(warnMsg)
|
logger.critical(warnMsg)
|
||||||
|
|
||||||
|
|
|
@ -76,8 +76,8 @@ class SQLAlchemy(GenericConnector):
|
||||||
raise
|
raise
|
||||||
except SqlmapFilePathException:
|
except SqlmapFilePathException:
|
||||||
raise
|
raise
|
||||||
except Exception, msg:
|
except Exception as ex:
|
||||||
raise SqlmapConnectionException("SQLAlchemy connection issue ('%s')" % msg[0])
|
raise SqlmapConnectionException("SQLAlchemy connection issue ('%s')" % ex[0])
|
||||||
|
|
||||||
self.printConnected()
|
self.printConnected()
|
||||||
else:
|
else:
|
||||||
|
@ -89,17 +89,17 @@ class SQLAlchemy(GenericConnector):
|
||||||
for row in self.cursor.fetchall():
|
for row in self.cursor.fetchall():
|
||||||
retVal.append(tuple(row))
|
retVal.append(tuple(row))
|
||||||
return retVal
|
return retVal
|
||||||
except _sqlalchemy.exc.ProgrammingError, msg:
|
except _sqlalchemy.exc.ProgrammingError as ex:
|
||||||
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg.message if hasattr(msg, "message") else msg)
|
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % ex.message if hasattr(ex, "message") else ex)
|
||||||
return None
|
return None
|
||||||
|
|
||||||
def execute(self, query):
|
def execute(self, query):
|
||||||
try:
|
try:
|
||||||
self.cursor = self.connector.execute(query)
|
self.cursor = self.connector.execute(query)
|
||||||
except (_sqlalchemy.exc.OperationalError, _sqlalchemy.exc.ProgrammingError), msg:
|
except (_sqlalchemy.exc.OperationalError, _sqlalchemy.exc.ProgrammingError) as ex:
|
||||||
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg.message if hasattr(msg, "message") else msg)
|
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % ex.message if hasattr(ex, "message") else ex)
|
||||||
except _sqlalchemy.exc.InternalError, msg:
|
except _sqlalchemy.exc.InternalError as ex:
|
||||||
raise SqlmapConnectionException(msg[1])
|
raise SqlmapConnectionException(ex[1])
|
||||||
|
|
||||||
def select(self, query):
|
def select(self, query):
|
||||||
self.execute(query)
|
self.execute(query)
|
||||||
|
|
|
@ -22,8 +22,8 @@ def timeout(func, args=(), kwargs={}, duration=1, default=None):
|
||||||
try:
|
try:
|
||||||
self.result = func(*args, **kwargs)
|
self.result = func(*args, **kwargs)
|
||||||
self.timeout_state = TIMEOUT_STATE.NORMAL
|
self.timeout_state = TIMEOUT_STATE.NORMAL
|
||||||
except Exception, msg:
|
except Exception as ex:
|
||||||
logger.log(CUSTOM_LOGGING.TRAFFIC_IN, msg)
|
logger.log(CUSTOM_LOGGING.TRAFFIC_IN, ex)
|
||||||
self.result = default
|
self.result = default
|
||||||
self.timeout_state = TIMEOUT_STATE.EXCEPTION
|
self.timeout_state = TIMEOUT_STATE.EXCEPTION
|
||||||
|
|
||||||
|
|
|
@ -42,8 +42,8 @@ class Connector(GenericConnector):
|
||||||
try:
|
try:
|
||||||
# Reference: http://www.daniweb.com/forums/thread248499.html
|
# Reference: http://www.daniweb.com/forums/thread248499.html
|
||||||
self.connector = kinterbasdb.connect(host=self.hostname.encode(UNICODE_ENCODING), database=self.db.encode(UNICODE_ENCODING), user=self.user.encode(UNICODE_ENCODING), password=self.password.encode(UNICODE_ENCODING), charset="UTF8")
|
self.connector = kinterbasdb.connect(host=self.hostname.encode(UNICODE_ENCODING), database=self.db.encode(UNICODE_ENCODING), user=self.user.encode(UNICODE_ENCODING), password=self.password.encode(UNICODE_ENCODING), charset="UTF8")
|
||||||
except kinterbasdb.OperationalError, msg:
|
except kinterbasdb.OperationalError as ex:
|
||||||
raise SqlmapConnectionException(getSafeExString(msg))
|
raise SqlmapConnectionException(getSafeExString(ex))
|
||||||
|
|
||||||
self.initCursor()
|
self.initCursor()
|
||||||
self.printConnected()
|
self.printConnected()
|
||||||
|
@ -51,17 +51,17 @@ class Connector(GenericConnector):
|
||||||
def fetchall(self):
|
def fetchall(self):
|
||||||
try:
|
try:
|
||||||
return self.cursor.fetchall()
|
return self.cursor.fetchall()
|
||||||
except kinterbasdb.OperationalError, msg:
|
except kinterbasdb.OperationalError as ex:
|
||||||
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(msg))
|
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(ex))
|
||||||
return None
|
return None
|
||||||
|
|
||||||
def execute(self, query):
|
def execute(self, query):
|
||||||
try:
|
try:
|
||||||
self.cursor.execute(query)
|
self.cursor.execute(query)
|
||||||
except kinterbasdb.OperationalError, msg:
|
except kinterbasdb.OperationalError as ex:
|
||||||
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(msg))
|
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % getSafeExString(ex))
|
||||||
except kinterbasdb.Error, msg:
|
except kinterbasdb.Error as ex:
|
||||||
raise SqlmapConnectionException(getSafeExString(msg))
|
raise SqlmapConnectionException(getSafeExString(ex))
|
||||||
|
|
||||||
self.connector.commit()
|
self.connector.commit()
|
||||||
|
|
||||||
|
|
|
@ -14,6 +14,7 @@ except:
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
from lib.core.common import checkFile
|
from lib.core.common import checkFile
|
||||||
|
from lib.core.common import getSafeExString
|
||||||
from lib.core.common import readInput
|
from lib.core.common import readInput
|
||||||
from lib.core.data import conf
|
from lib.core.data import conf
|
||||||
from lib.core.data import logger
|
from lib.core.data import logger
|
||||||
|
@ -41,15 +42,15 @@ class Connector(GenericConnector):
|
||||||
args = "-Djava.class.path=%s" % jar
|
args = "-Djava.class.path=%s" % jar
|
||||||
jvm_path = jpype.getDefaultJVMPath()
|
jvm_path = jpype.getDefaultJVMPath()
|
||||||
jpype.startJVM(jvm_path, args)
|
jpype.startJVM(jvm_path, args)
|
||||||
except Exception, msg:
|
except Exception as ex:
|
||||||
raise SqlmapConnectionException(msg[0])
|
raise SqlmapConnectionException(getSafeExString(ex))
|
||||||
|
|
||||||
try:
|
try:
|
||||||
driver = 'org.hsqldb.jdbc.JDBCDriver'
|
driver = 'org.hsqldb.jdbc.JDBCDriver'
|
||||||
connection_string = 'jdbc:hsqldb:mem:.' # 'jdbc:hsqldb:hsql://%s/%s' % (self.hostname, self.db)
|
connection_string = 'jdbc:hsqldb:mem:.' # 'jdbc:hsqldb:hsql://%s/%s' % (self.hostname, self.db)
|
||||||
self.connector = jaydebeapi.connect(driver, connection_string, str(self.user), str(self.password))
|
self.connector = jaydebeapi.connect(driver, connection_string, str(self.user), str(self.password))
|
||||||
except Exception, msg:
|
except Exception as ex:
|
||||||
raise SqlmapConnectionException(msg[0])
|
raise SqlmapConnectionException(getSafeExString(ex))
|
||||||
|
|
||||||
self.initCursor()
|
self.initCursor()
|
||||||
self.printConnected()
|
self.printConnected()
|
||||||
|
@ -57,8 +58,8 @@ class Connector(GenericConnector):
|
||||||
def fetchall(self):
|
def fetchall(self):
|
||||||
try:
|
try:
|
||||||
return self.cursor.fetchall()
|
return self.cursor.fetchall()
|
||||||
except Exception, msg:
|
except Exception as ex:
|
||||||
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg[1])
|
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) '%s'" % getSafeExString(ex))
|
||||||
return None
|
return None
|
||||||
|
|
||||||
def execute(self, query):
|
def execute(self, query):
|
||||||
|
@ -67,8 +68,8 @@ class Connector(GenericConnector):
|
||||||
try:
|
try:
|
||||||
self.cursor.execute(query)
|
self.cursor.execute(query)
|
||||||
retVal = True
|
retVal = True
|
||||||
except Exception, msg: # TODO: fix with specific error
|
except Exception as ex:
|
||||||
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) %s" % msg[1])
|
logger.log(logging.WARN if conf.dbmsHandler else logging.DEBUG, "(remote) '%s'" % getSafeExString(ex))
|
||||||
|
|
||||||
self.connector.commit()
|
self.connector.commit()
|
||||||
|
|
||||||
|
|
|
@ -41,7 +41,7 @@ class Connector(GenericConnector):
|
||||||
|
|
||||||
try:
|
try:
|
||||||
self.connector = pymssql.connect(host="%s:%d" % (self.hostname, self.port), user=self.user, password=self.password, database=self.db, login_timeout=conf.timeout, timeout=conf.timeout)
|
self.connector = pymssql.connect(host="%s:%d" % (self.hostname, self.port), user=self.user, password=self.password, database=self.db, login_timeout=conf.timeout, timeout=conf.timeout)
|
||||||
except (pymssql2.Error, _mssql.MssqlDatabaseException), msg:
|
except (pymssql.Error, _mssql.MssqlDatabaseException), msg:
|
||||||
raise SqlmapConnectionException(msg)
|
raise SqlmapConnectionException(msg)
|
||||||
except ValueError:
|
except ValueError:
|
||||||
raise SqlmapConnectionException
|
raise SqlmapConnectionException
|
||||||
|
|
|
@ -52,8 +52,8 @@ class Connector:
|
||||||
self.cursor.close()
|
self.cursor.close()
|
||||||
if self.connector:
|
if self.connector:
|
||||||
self.connector.close()
|
self.connector.close()
|
||||||
except Exception, msg:
|
except Exception as ex:
|
||||||
logger.debug(msg)
|
logger.debug(ex)
|
||||||
finally:
|
finally:
|
||||||
self.closed()
|
self.closed()
|
||||||
|
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
3d37032b2bd62ee37bd61c5b7ad31ab4 extra/beep/beep.py
|
3d37032b2bd62ee37bd61c5b7ad31ab4 extra/beep/beep.py
|
||||||
fb6be55d21a70765e35549af2484f762 extra/beep/__init__.py
|
fb6be55d21a70765e35549af2484f762 extra/beep/__init__.py
|
||||||
ed51a485d1badc99267f0d136bfb2a12 extra/cloak/cloak.py
|
03e8129f9ef4aea150266255a0cd06f4 extra/cloak/cloak.py
|
||||||
fb6be55d21a70765e35549af2484f762 extra/cloak/__init__.py
|
fb6be55d21a70765e35549af2484f762 extra/cloak/__init__.py
|
||||||
6baecbea87de0a56f99e59bfe982ebc5 extra/dbgtool/dbgtool.py
|
c7da22bb04f5c42a523d04baebe8088c extra/dbgtool/dbgtool.py
|
||||||
fb6be55d21a70765e35549af2484f762 extra/dbgtool/__init__.py
|
fb6be55d21a70765e35549af2484f762 extra/dbgtool/__init__.py
|
||||||
acba8b5dc93db0fe6b2b04ff0138c33c extra/icmpsh/icmpsh.exe_
|
acba8b5dc93db0fe6b2b04ff0138c33c extra/icmpsh/icmpsh.exe_
|
||||||
216a0e04bef7053e6aa35ca98907007e extra/icmpsh/icmpsh_m.py
|
216a0e04bef7053e6aa35ca98907007e extra/icmpsh/icmpsh_m.py
|
||||||
|
@ -10,33 +10,33 @@ acba8b5dc93db0fe6b2b04ff0138c33c extra/icmpsh/icmpsh.exe_
|
||||||
fb6be55d21a70765e35549af2484f762 extra/__init__.py
|
fb6be55d21a70765e35549af2484f762 extra/__init__.py
|
||||||
ff90cb0366f7cefbdd6e573e27e6238c extra/runcmd/runcmd.exe_
|
ff90cb0366f7cefbdd6e573e27e6238c extra/runcmd/runcmd.exe_
|
||||||
fb6be55d21a70765e35549af2484f762 extra/safe2bin/__init__.py
|
fb6be55d21a70765e35549af2484f762 extra/safe2bin/__init__.py
|
||||||
f372fef397ba41ea54334c16ebe646b2 extra/safe2bin/safe2bin.py
|
db2b5fce6e92d3a13cb62aea5ffcae2d extra/safe2bin/safe2bin.py
|
||||||
d229479d02d21b29f209143cb0547780 extra/shellcodeexec/linux/shellcodeexec.x32_
|
d229479d02d21b29f209143cb0547780 extra/shellcodeexec/linux/shellcodeexec.x32_
|
||||||
2fe2f94eebc62f7614f0391a8a90104f extra/shellcodeexec/linux/shellcodeexec.x64_
|
2fe2f94eebc62f7614f0391a8a90104f extra/shellcodeexec/linux/shellcodeexec.x64_
|
||||||
c55b400b72acc43e0e59c87dd8bb8d75 extra/shellcodeexec/windows/shellcodeexec.x32.exe_
|
c55b400b72acc43e0e59c87dd8bb8d75 extra/shellcodeexec/windows/shellcodeexec.x32.exe_
|
||||||
d1bf28af13f1017f4007f29ea86afd25 extra/shutils/duplicates.py
|
a32e12410e0f86c1d035db6daae84680 extra/shutils/duplicates.py
|
||||||
e4805169a081b834ca51a60a150c7247 extra/shutils/newlines.py
|
1cf0ecf81a0483c3de78ac683445ac7a extra/shutils/newlines.py
|
||||||
71b9d4357c31db013ecda27433830090 extra/shutils/pylint.py
|
9626f1f72dc96dbdecb1ea7404811902 extra/shutils/pylint.py
|
||||||
11492e9b5f183c289b98442437675c1f extra/shutils/regressiontest.py
|
80f989adc6d4fa999b414c0787a06c1b extra/shutils/regressiontest.py
|
||||||
fb6be55d21a70765e35549af2484f762 extra/sqlharvest/__init__.py
|
fb6be55d21a70765e35549af2484f762 extra/sqlharvest/__init__.py
|
||||||
53d5dcba047f1285e32b9e88d2803ebf extra/sqlharvest/sqlharvest.py
|
4f82e97b09cc530cb9a92472d0835cea extra/sqlharvest/sqlharvest.py
|
||||||
fb6be55d21a70765e35549af2484f762 extra/wafdetectify/__init__.py
|
fb6be55d21a70765e35549af2484f762 extra/wafdetectify/__init__.py
|
||||||
d7e3aa3221c5ddb106a029720bf9fb5e extra/wafdetectify/wafdetectify.py
|
e0581096d2890506878e9b424e4e1001 extra/wafdetectify/wafdetectify.py
|
||||||
ec782b9cdb8d857a80b6ecf0f32db7f4 lib/controller/action.py
|
ec782b9cdb8d857a80b6ecf0f32db7f4 lib/controller/action.py
|
||||||
d62df9d0d5643d67b75f836ea87827c7 lib/controller/checks.py
|
d099724a49c5fd6b0dca8c777e82604e lib/controller/checks.py
|
||||||
c4d559a98cfc62b401ef7e0bfab782f0 lib/controller/controller.py
|
c4d559a98cfc62b401ef7e0bfab782f0 lib/controller/controller.py
|
||||||
c1da277517c7ec4c23e953a51b51e203 lib/controller/handler.py
|
c1da277517c7ec4c23e953a51b51e203 lib/controller/handler.py
|
||||||
fb6be55d21a70765e35549af2484f762 lib/controller/__init__.py
|
fb6be55d21a70765e35549af2484f762 lib/controller/__init__.py
|
||||||
ed7874be0d2d3802f3d20184f2b280d5 lib/core/agent.py
|
ed7874be0d2d3802f3d20184f2b280d5 lib/core/agent.py
|
||||||
44ac129c1b3b6130b4f1bc7b93036278 lib/core/bigarray.py
|
44ac129c1b3b6130b4f1bc7b93036278 lib/core/bigarray.py
|
||||||
5da00a381cc1847201ffbeb663653ecd lib/core/common.py
|
34906c544d5c1060eecb2277b2c218d3 lib/core/common.py
|
||||||
de8d27ae6241163ff9e97aa9e7c51a18 lib/core/convert.py
|
de8d27ae6241163ff9e97aa9e7c51a18 lib/core/convert.py
|
||||||
abcb1121eb56d3401839d14e8ed06b6e lib/core/data.py
|
abcb1121eb56d3401839d14e8ed06b6e lib/core/data.py
|
||||||
db60c6ebb63b72ed119e304b359fc1a6 lib/core/datatype.py
|
db60c6ebb63b72ed119e304b359fc1a6 lib/core/datatype.py
|
||||||
b7c912e2af7a3354f6d7c04f556a80b2 lib/core/decorators.py
|
b7c912e2af7a3354f6d7c04f556a80b2 lib/core/decorators.py
|
||||||
5f4680b769ae07f22157bd832c97cf8f lib/core/defaults.py
|
5f4680b769ae07f22157bd832c97cf8f lib/core/defaults.py
|
||||||
9dfc69ba47209a4ceca494dde9ee8183 lib/core/dicts.py
|
9dfc69ba47209a4ceca494dde9ee8183 lib/core/dicts.py
|
||||||
070e9439a18d2d9067e3a135b239fa3f lib/core/dump.py
|
d9a9783b417a6c34f177272596904bdc lib/core/dump.py
|
||||||
5c91145204092b995ed1ac641e9e291d lib/core/enums.py
|
5c91145204092b995ed1ac641e9e291d lib/core/enums.py
|
||||||
84ef8f32e4582fcc294dc14e1997131d lib/core/exception.py
|
84ef8f32e4582fcc294dc14e1997131d lib/core/exception.py
|
||||||
fb6be55d21a70765e35549af2484f762 lib/core/__init__.py
|
fb6be55d21a70765e35549af2484f762 lib/core/__init__.py
|
||||||
|
@ -49,18 +49,18 @@ fe370021c6bc99daf44b2bfc0d1effb3 lib/core/patch.py
|
||||||
7d8a22c582ad201f65b73225e4456170 lib/core/replication.py
|
7d8a22c582ad201f65b73225e4456170 lib/core/replication.py
|
||||||
3179d34f371e0295dd4604568fb30bcd lib/core/revision.py
|
3179d34f371e0295dd4604568fb30bcd lib/core/revision.py
|
||||||
d6269c55789f78cf707e09a0f5b45443 lib/core/session.py
|
d6269c55789f78cf707e09a0f5b45443 lib/core/session.py
|
||||||
71bd4886e45f4d0f6d9f556c12a06c7f lib/core/settings.py
|
1d9c5cc98c251357da6eb91902d75c4d lib/core/settings.py
|
||||||
a8a7501d1e6b21669b858a62e921d191 lib/core/shell.py
|
a8a7501d1e6b21669b858a62e921d191 lib/core/shell.py
|
||||||
5dc606fdf0afefd4b305169c21ab2612 lib/core/subprocessng.py
|
5dc606fdf0afefd4b305169c21ab2612 lib/core/subprocessng.py
|
||||||
2d29cdb5e7bc612b2ade8e4ab0b1495e lib/core/target.py
|
072c08d834d01b33e5f39320dcf67a0d lib/core/target.py
|
||||||
a71b23612f2f2c7be8a843858408fdcc lib/core/testing.py
|
7857b24b7865ccb4a05283faa596974d lib/core/testing.py
|
||||||
bf4bdec9b247a999f877a5e5d7daeb70 lib/core/threads.py
|
bf4bdec9b247a999f877a5e5d7daeb70 lib/core/threads.py
|
||||||
2c263c8610667fdc593c50a35ab20f57 lib/core/unescaper.py
|
2c263c8610667fdc593c50a35ab20f57 lib/core/unescaper.py
|
||||||
ff45c74515fecc95277f7b9ad945f17c lib/core/update.py
|
ff45c74515fecc95277f7b9ad945f17c lib/core/update.py
|
||||||
b40f4c20a38729bb4933b8221665f106 lib/core/wordlist.py
|
b40f4c20a38729bb4933b8221665f106 lib/core/wordlist.py
|
||||||
fb6be55d21a70765e35549af2484f762 lib/__init__.py
|
fb6be55d21a70765e35549af2484f762 lib/__init__.py
|
||||||
4881480d0c1778053908904e04570dc3 lib/parse/banner.py
|
4881480d0c1778053908904e04570dc3 lib/parse/banner.py
|
||||||
80c67d8d0add0097fd0284f043eee939 lib/parse/cmdline.py
|
ff78461bf084b700b35c51c758685917 lib/parse/cmdline.py
|
||||||
06ccbccb63255c8f1c35950a4c8a6f6b lib/parse/configfile.py
|
06ccbccb63255c8f1c35950a4c8a6f6b lib/parse/configfile.py
|
||||||
9b33e52f697d6e915c7a10153562ce89 lib/parse/handler.py
|
9b33e52f697d6e915c7a10153562ce89 lib/parse/handler.py
|
||||||
43deb2400e269e602e916efaec7c0903 lib/parse/headers.py
|
43deb2400e269e602e916efaec7c0903 lib/parse/headers.py
|
||||||
|
@ -69,18 +69,18 @@ fb6be55d21a70765e35549af2484f762 lib/parse/__init__.py
|
||||||
adcecd2d6a8667b22872a563eb83eac0 lib/parse/payloads.py
|
adcecd2d6a8667b22872a563eb83eac0 lib/parse/payloads.py
|
||||||
993104046c7d97120613409ef7780c76 lib/parse/sitemap.py
|
993104046c7d97120613409ef7780c76 lib/parse/sitemap.py
|
||||||
e4ea70bcd461f5176867dcd89d372386 lib/request/basicauthhandler.py
|
e4ea70bcd461f5176867dcd89d372386 lib/request/basicauthhandler.py
|
||||||
6076c01e84b589adb97cac421a7d5251 lib/request/basic.py
|
88881f162a82325389c68a635723889b lib/request/basic.py
|
||||||
fc25d951217077fe655ed2a3a81552ae lib/request/comparison.py
|
fc25d951217077fe655ed2a3a81552ae lib/request/comparison.py
|
||||||
2192d65f4a8ba15c081e12590b6e517f lib/request/connect.py
|
2192d65f4a8ba15c081e12590b6e517f lib/request/connect.py
|
||||||
7cba86090b02558f04c6692cef66e772 lib/request/direct.py
|
7cba86090b02558f04c6692cef66e772 lib/request/direct.py
|
||||||
4c7afe3d4be0c2d767b11df36b46bbcc lib/request/dns.py
|
2b7509ba38a667c61cefff036ec4ca6f lib/request/dns.py
|
||||||
ceac6b3bf1f726f8ff43c6814e9d7281 lib/request/httpshandler.py
|
ceac6b3bf1f726f8ff43c6814e9d7281 lib/request/httpshandler.py
|
||||||
fb6be55d21a70765e35549af2484f762 lib/request/__init__.py
|
fb6be55d21a70765e35549af2484f762 lib/request/__init__.py
|
||||||
00720f9eddf42f4fefa083fba40f69ed lib/request/inject.py
|
00720f9eddf42f4fefa083fba40f69ed lib/request/inject.py
|
||||||
52a067bd2fe91ea9395269a684380cbb lib/request/methodrequest.py
|
52a067bd2fe91ea9395269a684380cbb lib/request/methodrequest.py
|
||||||
ac482ec52227daf48f523827dd67078f lib/request/pkihandler.py
|
ac482ec52227daf48f523827dd67078f lib/request/pkihandler.py
|
||||||
16ff6e078819fe517b1fc0ae3cbc1aa8 lib/request/rangehandler.py
|
16ff6e078819fe517b1fc0ae3cbc1aa8 lib/request/rangehandler.py
|
||||||
e79048c2a08c1a47efd5652f59c4417d lib/request/redirecthandler.py
|
db4dc98d03d1865cc6266a79cd5c81b7 lib/request/redirecthandler.py
|
||||||
1e60edebdb3997055616d12f4a932375 lib/request/templates.py
|
1e60edebdb3997055616d12f4a932375 lib/request/templates.py
|
||||||
d0059dbb1e928871747a8893b41ce268 lib/takeover/abstraction.py
|
d0059dbb1e928871747a8893b41ce268 lib/takeover/abstraction.py
|
||||||
ac9efea51eba120b667b4b73536d7f1c lib/takeover/icmpsh.py
|
ac9efea51eba120b667b4b73536d7f1c lib/takeover/icmpsh.py
|
||||||
|
@ -108,15 +108,15 @@ da4bc159e6920f1f7e45c92c39941690 lib/utils/deps.py
|
||||||
f7c64515a3e4fcfe8266ca2be77be565 lib/utils/getch.py
|
f7c64515a3e4fcfe8266ca2be77be565 lib/utils/getch.py
|
||||||
0d497906b06eb82d14da676e9f9c98f5 lib/utils/har.py
|
0d497906b06eb82d14da676e9f9c98f5 lib/utils/har.py
|
||||||
d11f7f208ccf3a7753ccc417b4b01901 lib/utils/hashdb.py
|
d11f7f208ccf3a7753ccc417b4b01901 lib/utils/hashdb.py
|
||||||
3302ee15997023b20babaa7c67e6b0b8 lib/utils/hash.py
|
9d9bd2896858ce0eabbb9a4ef1f5ca0e lib/utils/hash.py
|
||||||
17009289bb5c0dc0cceaa483113101e1 lib/utils/htmlentities.py
|
17009289bb5c0dc0cceaa483113101e1 lib/utils/htmlentities.py
|
||||||
fb6be55d21a70765e35549af2484f762 lib/utils/__init__.py
|
fb6be55d21a70765e35549af2484f762 lib/utils/__init__.py
|
||||||
833b05c72c9fa60b0a25b0a26f8f31fb lib/utils/pivotdumptable.py
|
833b05c72c9fa60b0a25b0a26f8f31fb lib/utils/pivotdumptable.py
|
||||||
5a8902fd6fa94ea73cf44952f9ed5a57 lib/utils/progress.py
|
5a8902fd6fa94ea73cf44952f9ed5a57 lib/utils/progress.py
|
||||||
b79654e49850937ab2dc8e0d73625cab lib/utils/purge.py
|
b79654e49850937ab2dc8e0d73625cab lib/utils/purge.py
|
||||||
081765fc1b3ad8a63f72e9c0e02ff00e lib/utils/search.py
|
081765fc1b3ad8a63f72e9c0e02ff00e lib/utils/search.py
|
||||||
8d6b244ca3d6f99a9d6cd8c1856ccfeb lib/utils/sqlalchemy.py
|
272a538a3d36186113191f4c543bb34b lib/utils/sqlalchemy.py
|
||||||
a90c568a9b88eaea832a77581bd39d85 lib/utils/timeout.py
|
68f90f633d812ca428d2f15f016b2d96 lib/utils/timeout.py
|
||||||
164f830baad3e13b226ee57d44d69dfa lib/utils/versioncheck.py
|
164f830baad3e13b226ee57d44d69dfa lib/utils/versioncheck.py
|
||||||
1e5d24f1c629476bdf43363d2c8d8397 lib/utils/xrange.py
|
1e5d24f1c629476bdf43363d2c8d8397 lib/utils/xrange.py
|
||||||
ab877805fe12bbcbb06b9eccfabdc4ed plugins/dbms/access/connector.py
|
ab877805fe12bbcbb06b9eccfabdc4ed plugins/dbms/access/connector.py
|
||||||
|
@ -133,7 +133,7 @@ e003fe19474305af522d8d6c6680db17 plugins/dbms/db2/fingerprint.py
|
||||||
f2fb5a3763f69cde1b1d520f8bd6a17a plugins/dbms/db2/__init__.py
|
f2fb5a3763f69cde1b1d520f8bd6a17a plugins/dbms/db2/__init__.py
|
||||||
61b06dce1b9a0a2f9962266a9c9495a5 plugins/dbms/db2/syntax.py
|
61b06dce1b9a0a2f9962266a9c9495a5 plugins/dbms/db2/syntax.py
|
||||||
fcbd61e7ac30eb4c8f09ffd341fa27bb plugins/dbms/db2/takeover.py
|
fcbd61e7ac30eb4c8f09ffd341fa27bb plugins/dbms/db2/takeover.py
|
||||||
e2d7c937e875e9d6f5e2c5612120b515 plugins/dbms/firebird/connector.py
|
105b3dc94af3fdc22e90637ca9851da5 plugins/dbms/firebird/connector.py
|
||||||
f43ca05279e8fce4f02e4948d4af8fda plugins/dbms/firebird/enumeration.py
|
f43ca05279e8fce4f02e4948d4af8fda plugins/dbms/firebird/enumeration.py
|
||||||
15a3a49824324c4cca444e6e63f84273 plugins/dbms/firebird/filesystem.py
|
15a3a49824324c4cca444e6e63f84273 plugins/dbms/firebird/filesystem.py
|
||||||
6b505575b98694fd8e6a19870305db18 plugins/dbms/firebird/fingerprint.py
|
6b505575b98694fd8e6a19870305db18 plugins/dbms/firebird/fingerprint.py
|
||||||
|
@ -147,7 +147,7 @@ eb7adf57e6e6cdb058435f4fa017e985 plugins/dbms/h2/fingerprint.py
|
||||||
4d838e712aaee541eb07278a3f4a2d70 plugins/dbms/h2/__init__.py
|
4d838e712aaee541eb07278a3f4a2d70 plugins/dbms/h2/__init__.py
|
||||||
5a1e5c46053ec1be5f536cec644949b5 plugins/dbms/h2/syntax.py
|
5a1e5c46053ec1be5f536cec644949b5 plugins/dbms/h2/syntax.py
|
||||||
5afbe4ae5ab3fe5176b75ac3c5a16fae plugins/dbms/h2/takeover.py
|
5afbe4ae5ab3fe5176b75ac3c5a16fae plugins/dbms/h2/takeover.py
|
||||||
4bdbb0059d22e6a22fe2542f120d4b0b plugins/dbms/hsqldb/connector.py
|
13ed609d378459b40f44f094beb55a5c plugins/dbms/hsqldb/connector.py
|
||||||
cfc9923fe399f1735fb2befd81ff12be plugins/dbms/hsqldb/enumeration.py
|
cfc9923fe399f1735fb2befd81ff12be plugins/dbms/hsqldb/enumeration.py
|
||||||
e4366df5a32c32f33be348e880714999 plugins/dbms/hsqldb/filesystem.py
|
e4366df5a32c32f33be348e880714999 plugins/dbms/hsqldb/filesystem.py
|
||||||
5d5c38e0961c5a4dade43da7149f2a28 plugins/dbms/hsqldb/fingerprint.py
|
5d5c38e0961c5a4dade43da7149f2a28 plugins/dbms/hsqldb/fingerprint.py
|
||||||
|
@ -169,7 +169,7 @@ ea186b97a394b61d82ecf7ed22b0cff6 plugins/dbms/maxdb/enumeration.py
|
||||||
8ad820fdfd2454363279eda7a9a08e6e plugins/dbms/maxdb/__init__.py
|
8ad820fdfd2454363279eda7a9a08e6e plugins/dbms/maxdb/__init__.py
|
||||||
8fe248263926639acf41db3179db13d0 plugins/dbms/maxdb/syntax.py
|
8fe248263926639acf41db3179db13d0 plugins/dbms/maxdb/syntax.py
|
||||||
479ce664674859d0e61c5221f9e835fd plugins/dbms/maxdb/takeover.py
|
479ce664674859d0e61c5221f9e835fd plugins/dbms/maxdb/takeover.py
|
||||||
ac7f2849d59829c3a1e67c76841071fd plugins/dbms/mssqlserver/connector.py
|
1610a08c26895154287959193d8bd56f plugins/dbms/mssqlserver/connector.py
|
||||||
69bfc53a409e79511802f668439bf4be plugins/dbms/mssqlserver/enumeration.py
|
69bfc53a409e79511802f668439bf4be plugins/dbms/mssqlserver/enumeration.py
|
||||||
bb02bdf47c71ed93d28d20b98ea0f8c6 plugins/dbms/mssqlserver/filesystem.py
|
bb02bdf47c71ed93d28d20b98ea0f8c6 plugins/dbms/mssqlserver/filesystem.py
|
||||||
bcabbf98e72bf3c6e971b56d8da60261 plugins/dbms/mssqlserver/fingerprint.py
|
bcabbf98e72bf3c6e971b56d8da60261 plugins/dbms/mssqlserver/fingerprint.py
|
||||||
|
@ -211,7 +211,7 @@ d2391dfe74f053eb5f31b0efad3fdda0 plugins/dbms/sqlite/connector.py
|
||||||
2fae8e5d100fc9fb70769e483c29e8fb plugins/dbms/sybase/__init__.py
|
2fae8e5d100fc9fb70769e483c29e8fb plugins/dbms/sybase/__init__.py
|
||||||
ec3f406591fc9472f5750bd40993e72e plugins/dbms/sybase/syntax.py
|
ec3f406591fc9472f5750bd40993e72e plugins/dbms/sybase/syntax.py
|
||||||
369476221b3059106410de05766227e0 plugins/dbms/sybase/takeover.py
|
369476221b3059106410de05766227e0 plugins/dbms/sybase/takeover.py
|
||||||
147f6af265f6b5412bbd7aaebef95881 plugins/generic/connector.py
|
312020bc31ffb0bc6077f62e6fff6e73 plugins/generic/connector.py
|
||||||
54ac71c46c67c81196e2e6707e0989cf plugins/generic/custom.py
|
54ac71c46c67c81196e2e6707e0989cf plugins/generic/custom.py
|
||||||
a3fd48c7094fca6692be8b1ae5e29cea plugins/generic/databases.py
|
a3fd48c7094fca6692be8b1ae5e29cea plugins/generic/databases.py
|
||||||
9c2c830b3cf66953ecffa6cf88fc7c14 plugins/generic/entries.py
|
9c2c830b3cf66953ecffa6cf88fc7c14 plugins/generic/entries.py
|
||||||
|
@ -402,7 +402,7 @@ b6bc83ae9ea69cf96e9389bde8250c7c waf/airlock.py
|
||||||
34b8ec9f438d7daa56aa016e6c09fadb waf/anquanbao.py
|
34b8ec9f438d7daa56aa016e6c09fadb waf/anquanbao.py
|
||||||
7ab1a7cd51a02899592f4f755d36a02e waf/approach.py
|
7ab1a7cd51a02899592f4f755d36a02e waf/approach.py
|
||||||
425f2599f57ab81b4fff67e6b442cccc waf/armor.py
|
425f2599f57ab81b4fff67e6b442cccc waf/armor.py
|
||||||
2d03af372a8e660e67437438264a144d waf/asm.py
|
46a1d30bb52048c2092593acfa71bd52 waf/asm.py
|
||||||
9dbec5d674ed4c762ffc9bc3ab402739 waf/aws.py
|
9dbec5d674ed4c762ffc9bc3ab402739 waf/aws.py
|
||||||
e57a22864477ad23ae6a3d308f9b5410 waf/barracuda.py
|
e57a22864477ad23ae6a3d308f9b5410 waf/barracuda.py
|
||||||
1712d76bd4adb705f3317ff5908acdcd waf/bitninja.py
|
1712d76bd4adb705f3317ff5908acdcd waf/bitninja.py
|
||||||
|
@ -450,7 +450,7 @@ d2d9718de217dd07d9e66b2e6ad61380 waf/safe3.py
|
||||||
213062db202a6eb0939a6674f96be551 waf/safedog.py
|
213062db202a6eb0939a6674f96be551 waf/safedog.py
|
||||||
34440ee94fcff88b4158e86635176547 waf/secureentry.py
|
34440ee94fcff88b4158e86635176547 waf/secureentry.py
|
||||||
ac0728ddb7a15b46b0eabd78cd661f8c waf/secureiis.py
|
ac0728ddb7a15b46b0eabd78cd661f8c waf/secureiis.py
|
||||||
c6cbe2de808d7a6b614a9ba3c85b4141 waf/securesphere.py
|
d425f890541a81cc11b0905842194274 waf/securesphere.py
|
||||||
ba37e1c37fa0e3688873f74183a9cb9c waf/senginx.py
|
ba37e1c37fa0e3688873f74183a9cb9c waf/senginx.py
|
||||||
2602a8baed4da643e606a379e4dc75db waf/shieldsecurity.py
|
2602a8baed4da643e606a379e4dc75db waf/shieldsecurity.py
|
||||||
fc21ce1e6e597e44818c03d9cb859e83 waf/siteground.py
|
fc21ce1e6e597e44818c03d9cb859e83 waf/siteground.py
|
||||||
|
|
|
@ -5,8 +5,6 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
|
||||||
See the file 'LICENSE' for copying permission
|
See the file 'LICENSE' for copying permission
|
||||||
"""
|
"""
|
||||||
|
|
||||||
import re
|
|
||||||
|
|
||||||
from lib.core.settings import WAF_ATTACK_VECTORS
|
from lib.core.settings import WAF_ATTACK_VECTORS
|
||||||
|
|
||||||
__product__ = "Application Security Manager (F5 Networks)"
|
__product__ = "Application Security Manager (F5 Networks)"
|
||||||
|
|
|
@ -7,7 +7,6 @@ See the file 'LICENSE' for copying permission
|
||||||
|
|
||||||
import re
|
import re
|
||||||
|
|
||||||
from lib.core.enums import HTTP_HEADER
|
|
||||||
from lib.core.settings import WAF_ATTACK_VECTORS
|
from lib.core.settings import WAF_ATTACK_VECTORS
|
||||||
|
|
||||||
__product__ = "SecureSphere Web Application Firewall (Imperva)"
|
__product__ = "SecureSphere Web Application Firewall (Imperva)"
|
||||||
|
|
Loading…
Reference in New Issue
Block a user