mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-29 04:53:48 +03:00
Implementation for an Issue #200
This commit is contained in:
parent
cd9a47835b
commit
e61c4c22c9
|
@ -58,6 +58,7 @@ from lib.core.convert import utf8encode
|
|||
from lib.core.decorators import cachedmethod
|
||||
from lib.core.dicts import DBMS_DICT
|
||||
from lib.core.dicts import SQL_STATEMENTS
|
||||
from lib.core.enums import ADJUST_TIME_DELAY
|
||||
from lib.core.enums import CHARSET_TYPE
|
||||
from lib.core.enums import DBMS
|
||||
from lib.core.enums import EXPECTED
|
||||
|
@ -1906,8 +1907,14 @@ def wasLastRequestDelayed():
|
|||
lowerStdLimit = average(kb.responseTimes) + TIME_STDEV_COEFF * deviation
|
||||
retVal = (threadData.lastQueryDuration >= lowerStdLimit)
|
||||
|
||||
if not kb.testMode and retVal and kb.adjustTimeDelay:
|
||||
adjustTimeDelay(threadData.lastQueryDuration, lowerStdLimit)
|
||||
if not kb.testMode and retVal:
|
||||
if kb.adjustTimeDelay is None:
|
||||
msg = "do you want sqlmap to try to optimize value(s) "
|
||||
msg += "for DBMS delay responses (option '--time-sec')? [Y/n] "
|
||||
choice = readInput(msg, default='Y')
|
||||
kb.adjustTimeDelay = ADJUST_TIME_DELAY.DISABLE if choice.upper() == 'N' else ADJUST_TIME_DELAY.YES
|
||||
if kb.adjustTimeDelay is ADJUST_TIME_DELAY.YES:
|
||||
adjustTimeDelay(threadData.lastQueryDuration, lowerStdLimit)
|
||||
|
||||
return retVal
|
||||
else:
|
||||
|
|
|
@ -223,3 +223,8 @@ class WIZARD:
|
|||
BASIC = ("getBanner", "getCurrentUser", "getCurrentDb", "isDba")
|
||||
SMART = ("getBanner", "getCurrentUser", "getCurrentDb", "isDba", "getUsers", "getDbs", "getTables", "getSchema", "excludeSysDbs")
|
||||
ALL = ("getBanner", "getCurrentUser", "getCurrentDb", "isDba", "getHostname", "getUsers", "getPasswordHashes", "getPrivileges", "getRoles", "dumpAll")
|
||||
|
||||
class ADJUST_TIME_DELAY:
|
||||
DISABLE = -1
|
||||
NO = 0
|
||||
YES = 1
|
||||
|
|
|
@ -59,6 +59,7 @@ from lib.core.datatype import AttribDict
|
|||
from lib.core.datatype import InjectionDict
|
||||
from lib.core.defaults import defaults
|
||||
from lib.core.dicts import DBMS_DICT
|
||||
from lib.core.enums import ADJUST_TIME_DELAY
|
||||
from lib.core.enums import CUSTOM_LOGGING
|
||||
from lib.core.enums import HTTPHEADER
|
||||
from lib.core.enums import HTTPMETHOD
|
||||
|
@ -1356,16 +1357,14 @@ def __cleanupOptions():
|
|||
if conf.timeSec not in kb.explicitSettings:
|
||||
if conf.tor:
|
||||
conf.timeSec = 2 * conf.timeSec
|
||||
kb.adjustTimeDelay = False
|
||||
kb.adjustTimeDelay = ADJUST_TIME_DELAY.DISABLE
|
||||
|
||||
warnMsg = "increasing default value for "
|
||||
warnMsg += "option '--time-sec' to %d because " % conf.timeSec
|
||||
warnMsg += "switch '--tor' was provided"
|
||||
logger.warn(warnMsg)
|
||||
else:
|
||||
kb.adjustTimeDelay = True
|
||||
else:
|
||||
kb.adjustTimeDelay = False
|
||||
kb.adjustTimeDelay = ADJUST_TIME_DELAY.DISABLE
|
||||
|
||||
if conf.code:
|
||||
conf.code = int(conf.code)
|
||||
|
@ -1446,7 +1445,7 @@ def __setKnowledgeBaseAttributes(flushAll=True):
|
|||
logger.debug(debugMsg)
|
||||
|
||||
kb.absFilePaths = set()
|
||||
kb.adjustTimeDelay = False
|
||||
kb.adjustTimeDelay = None
|
||||
kb.alwaysRefresh = None
|
||||
kb.arch = None
|
||||
kb.authHeader = None
|
||||
|
|
|
@ -40,6 +40,7 @@ from lib.core.data import conf
|
|||
from lib.core.data import kb
|
||||
from lib.core.data import logger
|
||||
from lib.core.dicts import POST_HINT_CONTENT_TYPES
|
||||
from lib.core.enums import ADJUST_TIME_DELAY
|
||||
from lib.core.enums import CUSTOM_LOGGING
|
||||
from lib.core.enums import HTTPHEADER
|
||||
from lib.core.enums import HTTPMETHOD
|
||||
|
@ -704,7 +705,7 @@ class Connect:
|
|||
deviation = stdev(kb.responseTimes)
|
||||
|
||||
if deviation > WARN_TIME_STDEV:
|
||||
kb.adjustTimeDelay = False
|
||||
kb.adjustTimeDelay = ADJUST_TIME_DELAY.DISABLE
|
||||
|
||||
warnMsg = "there is considerable lagging "
|
||||
warnMsg += "in connection response(s). Please use as high "
|
||||
|
|
|
@ -31,6 +31,7 @@ from lib.core.data import conf
|
|||
from lib.core.data import kb
|
||||
from lib.core.data import logger
|
||||
from lib.core.data import queries
|
||||
from lib.core.enums import ADJUST_TIME_DELAY
|
||||
from lib.core.enums import CHARSET_TYPE
|
||||
from lib.core.enums import DBMS
|
||||
from lib.core.enums import PAYLOAD
|
||||
|
@ -289,10 +290,10 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
|
|||
warnMsg = "increasing time delay to %d second%s " % (conf.timeSec, 's' if conf.timeSec > 1 else '')
|
||||
logger.warn(warnMsg)
|
||||
|
||||
if kb.adjustTimeDelay:
|
||||
if kb.adjustTimeDelay is ADJUST_TIME_DELAY.YES:
|
||||
dbgMsg = "turning off time auto-adjustment mechanism"
|
||||
logger.debug(dbgMsg)
|
||||
kb.adjustTimeDelay = False
|
||||
kb.adjustTimeDelay = ADJUST_TIME_DELAY.NO
|
||||
|
||||
return getChar(idx, originalTbl, continuousOrder, expand, shiftTable)
|
||||
else:
|
||||
|
@ -303,10 +304,10 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
|
|||
else:
|
||||
if timeBasedCompare:
|
||||
kb.timeValidCharsRun += 1
|
||||
if not kb.adjustTimeDelay and kb.timeValidCharsRun > VALID_TIME_CHARS_RUN_THRESHOLD:
|
||||
if kb.adjustTimeDelay is ADJUST_TIME_DELAY.NO and kb.timeValidCharsRun > VALID_TIME_CHARS_RUN_THRESHOLD:
|
||||
dbgMsg = "turning back on time auto-adjustment mechanism"
|
||||
logger.debug(dbgMsg)
|
||||
kb.adjustTimeDelay = True
|
||||
kb.adjustTimeDelay = ADJUST_TIME_DELAY.YES
|
||||
|
||||
return decodeIntToUnicode(retVal)
|
||||
else:
|
||||
|
|
Loading…
Reference in New Issue
Block a user