update

2025-01-24 00:04:23 +03:00 · 2010-09-26 14:56:55 +00:00 · 2010-09-26 14:56:55 +00:00 · dc11ae0d65
commit dc11ae0d65
parent 35f35605df
5 changed files with 71 additions and 10 deletions
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@ -92,7 +92,7 @@ def start():
    """

    if not conf.start:
-        return
+        return False

    if conf.optimize:
        conf.useCommonPrediction = conf.useNullConnection = conf.keepAlive = True
@ -101,8 +101,7 @@ def start():
        initTargetEnv()
        setupTargetEnv()
        action()
-
-        return
+        return True

    if conf.url:
        kb.targetUrls.add(( conf.url, conf.method, conf.data, conf.cookie ))
@ -111,6 +110,7 @@ def start():
        errMsg  = "you did not edit the configuration file properly, set "
        errMsg += "the target url, list of targets or google dork"
        logger.error(errMsg)
+        return False

    if kb.targetUrls and len(kb.targetUrls) > 1:
        infoMsg = "sqlmap got a total of %d targets" % len(kb.targetUrls)
@ -287,7 +287,9 @@ def start():
                logger.error(e)
            else:
                logger.error(e)
-                return
+                return False

    if conf.loggedToOut:
        logger.info("Fetched data logged to text files under '%s'" % conf.outputPath)
+    
+    return True
--- a/lib/core/dump.py
+++ b/lib/core/dump.py
@ -66,6 +66,9 @@ class Dump:
        self.__outputFile = "%s%slog" % (conf.outputPath, os.sep)
        self.__outputFP = codecs.open(self.__outputFile, "ab", conf.dataEncoding)

+    def getOutputFile(self):
+        return self.__outputFile
+
    def string(self, header, data, sort=True):
        if isinstance(data, (list, tuple, set)):
            self.lister(header, data, sort)
--- a/lib/core/testing.py
+++ b/lib/core/testing.py
@ -39,6 +39,7 @@ from lib.core.data import conf
 from lib.core.data import logger
 from lib.core.data import paths
 from lib.core.option import init
+from lib.core.option import __setVerbosity
 from lib.parse.cmdline import cmdLineParser

 def smokeTest():
@ -80,9 +81,9 @@ def smokeTest():

    dataToStdout("\r%s\r" % (" "*(getConsoleWidth()-1)))
    if retVal:
-        logger.info("smoke test result: passed")
+        logger.info("smoke test final result: passed")
    else:
-        logger.info("smoke test result: failed")
+        logger.info("smoke test final result: failed")
    
    return retVal

@ -90,6 +91,8 @@ def liveTest():
    """
    This will run the test of a program against the live testing environment
    """
+    retVal = True
+    count = 0
    vars = {}
    xfile = codecs.open(paths.LIVE_TESTS_XML, 'r', conf.dataEncoding)
    livetests = minidom.parse(xfile).documentElement
@ -106,6 +109,7 @@ def liveTest():
        log = []
        session = []
        switches = {}
+        count += 1

        if case.getElementsByTagName("switches"):
            for child in case.getElementsByTagName("switches")[0].childNodes:
@ -122,7 +126,18 @@ def liveTest():
                if item.hasAttribute("value"):
                    session.append(replaceVars(item.getAttribute("value"), vars))

-        runCase(switches, log, session)
+        result = runCase(switches, log, session)
+        if not result:
+            errMsg = "live test failed at case #%d" % count
+            logger.error(errMsg)
+        retVal &= result 
+
+    if retVal:
+        logger.info("live test final result: passed")
+    else:
+        logger.info("live test final result: failed")        
+    
+    return retVal

 def initCase():
    paths.SQLMAP_OUTPUT_PATH = tempfile.mkdtemp()
@ -130,15 +145,50 @@ def initCase():
    paths.SQLMAP_FILES_PATH  = os.path.join(paths.SQLMAP_OUTPUT_PATH, "%s", "files")
    cmdLineOptions = cmdLineParser()
    cmdLineOptions.liveTest = cmdLineOptions.smokeTest = False
+    cmdLineOptions.verbose = 0
    init(cmdLineOptions)
-    conf.suppressOutput = True
-    logger.setLevel(logging.CRITICAL)
+    __setVerbosity()
+
+def cleanCase():
+    #remove dir: paths.SQLMAP_OUTPUT_PATH
+    paths.SQLMAP_OUTPUT_PATH = os.path.join(paths.SQLMAP_ROOT_PATH, "output")
+    paths.SQLMAP_DUMP_PATH   = os.path.join(paths.SQLMAP_OUTPUT_PATH, "%s", "dump")
+    paths.SQLMAP_FILES_PATH  = os.path.join(paths.SQLMAP_OUTPUT_PATH, "%s", "files")
+    conf.verbose = 1
+    __setVerbosity()

 def runCase(switches, log=None, session=None):
+    retVal = True
    initCase()
    for key, value in switches.items():
        conf[key] = value
-    start()
+
+    result = start()
+    if result == False: #if None ignore
+        retVal = False
+
+    if session and retVal:
+        file = open(conf.sessionFile, 'r')
+        content = file.read()
+        file.close()
+        for item in session:
+            #if not re.search(item, content):
+            if content.find(item) < 0:
+                retVal = False
+                break
+
+    if log and retVal:
+        file = open(conf.dumper.getOutputFile(), 'r')
+        content = file.read()
+        file.close()
+        for item in log:
+            #if not re.search(item, content):
+            if content.find(item) < 0:            
+                retVal = False
+                break
+
+    cleanCase()
+    return retVal

 def replaceVars(item, vars):
    retVal = item
--- a/lib/core/xmldump.py
+++ b/lib/core/xmldump.py
@ -502,6 +502,9 @@ class XMLDump:
            except IOError, e:
                raise sqlmapFilePathException("Wrong filename provided for saving the xml file: %s" % conf.xmlFile)

+    def getOutputFile(self):
+        return self.__outputFile                
+
    def finish(self, resultStatus, resultMsg=""):
        '''
        Finishes the dumper operation:
--- a/xml/livetests.xml
+++ b/xml/livetests.xml
@ -10,6 +10,9 @@
            <url value="http://${host}/sqlmap/mysql/get_int.php?id=1"/>
            <getBanner value="True"/>
        </switches>
+        <log>
+            <item value="5.1.41-3~bpo50+1"/>
+        </log>
    </case>
    <!-- Oracle
    <case>