From e948e4d45bd4bfdd195c90c37f2164e3f475a1dd Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Fri, 6 Jul 2012 17:18:22 +0200 Subject: [PATCH] Some more refactoring --- extra/keepalive/keepalive.py | 2 +- lib/controller/checks.py | 4 ++-- lib/core/common.py | 17 +++++------------ lib/core/option.py | 2 +- lib/request/connect.py | 2 +- lib/takeover/web.py | 3 ++- lib/techniques/blind/inference.py | 2 +- plugins/dbms/maxdb/fingerprint.py | 2 +- plugins/dbms/mssqlserver/fingerprint.py | 4 ++-- 9 files changed, 16 insertions(+), 22 deletions(-) diff --git a/extra/keepalive/keepalive.py b/extra/keepalive/keepalive.py index 867f7f0c1..6d35597e0 100644 --- a/extra/keepalive/keepalive.py +++ b/extra/keepalive/keepalive.py @@ -324,7 +324,7 @@ class HTTPConnection(httplib.HTTPConnection): else: raise CannotSendHeader() - for header in ['Host', 'Accept-Encoding']: + for header in ('Host', 'Accept-Encoding'): if header in self._headers: str = '%s: %s' % (header, self._headers[header]) self._output(str) diff --git a/lib/controller/checks.py b/lib/controller/checks.py index 59d03ce0e..90d215fd5 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -138,8 +138,8 @@ def checkSqlInjection(place, parameter, value): # Skip tests if title is not included by the given filter if conf.tstF: - if not any(re.search(conf.tstF, str(item), re.I) for item in [test.title, test.vector,\ - test.details.dbms if "details" in test and "dbms" in test.details else ""]): + if not any(re.search(conf.tstF, str(item), re.I) for item in (test.title, test.vector,\ + test.details.dbms if "details" in test and "dbms" in test.details else "")): debugMsg = "skipping test '%s' because " % title debugMsg += "its name/vector/dbms is not included by the given filter" logger.debug(debugMsg) diff --git a/lib/core/common.py b/lib/core/common.py index cd71a676b..7d10017df 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -2273,12 +2273,7 @@ def getTechniqueData(technique=None): Returns injection data for technique specified """ - retVal = None - - if technique and technique in kb.injection.data: - retVal = kb.injection.data[technique] - - return retVal + return kb.injection.data.get(technique) def isTechniqueAvailable(technique): """ @@ -2645,10 +2640,7 @@ def normalizeUnicode(value): Reference: http://www.peterbe.com/plog/unicode-to-ascii """ - retVal = value - if isinstance(value, unicode): - retVal = unicodedata.normalize('NFKD', value).encode('ascii', 'ignore') - return retVal + return unicodedata.normalize('NFKD', value).encode('ascii', 'ignore') if isinstance(value, unicode) else value def safeSQLIdentificatorNaming(name, isTable=False): """ @@ -2911,6 +2903,7 @@ def asciifyUrl(url, forceQuote=False): if password: netloc = ':' + password + netloc netloc = username + netloc + if parts.port: netloc += ':' + str(parts.port) @@ -2942,7 +2935,7 @@ def findPageForms(content, url, raise_=False, addToTargets=False): try: forms = ParseResponse(response, backwards_compat=False) except ParseError: - warnMsg = "badly formed HTML at the given url ('%s'). Will try to filter it" % url + warnMsg = "badly formed HTML at the given url ('%s'). Going to filter it" % url logger.warning(warnMsg) response.seek(0) filtered = _("".join(re.findall(r"", response.read(), re.I | re.S)), response.geturl()) @@ -3001,7 +2994,7 @@ def getHostHeader(url): if re.search("http(s)?://\[.+\]", url, re.I): retVal = extractRegexResult("http(s)?://\[(?P.+)\]", url) - elif any(retVal.endswith(':%d' % _) for _ in [80, 443]): + elif any(retVal.endswith(':%d' % _) for _ in (80, 443)): retVal = retVal.split(':')[0] return retVal diff --git a/lib/core/option.py b/lib/core/option.py index c3b2be518..db03a49d1 100644 --- a/lib/core/option.py +++ b/lib/core/option.py @@ -611,7 +611,7 @@ def __setMetasploit(): if conf.msfPath: condition = False - for path in [conf.msfPath, os.path.join(conf.msfPath, 'bin')]: + for path in (conf.msfPath, os.path.join(conf.msfPath, 'bin')): condition = os.path.exists(normalizePath(path)) condition &= os.path.exists(normalizePath(os.path.join(path, "msfcli"))) condition &= os.path.exists(normalizePath(os.path.join(path, "msfconsole"))) diff --git a/lib/request/connect.py b/lib/request/connect.py index c91427168..1922e4384 100644 --- a/lib/request/connect.py +++ b/lib/request/connect.py @@ -617,7 +617,7 @@ class Connect: return retVal for randomParameter in conf.rParam: - for item in [PLACE.GET, PLACE.POST, PLACE.COOKIE]: + for item in (PLACE.GET, PLACE.POST, PLACE.COOKIE): if item in conf.parameters: if item == PLACE.GET and get: get = _randomizeParameter(get, randomParameter) diff --git a/lib/takeover/web.py b/lib/takeover/web.py index ee22db5ad..a23ece33e 100644 --- a/lib/takeover/web.py +++ b/lib/takeover/web.py @@ -117,6 +117,7 @@ class Web: query = agent.suffixQuery(query) payload = agent.payload(newValue=query) page = Request.queryPage(payload) + return page def webInit(self): @@ -196,7 +197,7 @@ class Web: directory = directories[j] uriPath = "" - if not all(isinstance(item, basestring) for item in [docRoot, directory]): + if not all(isinstance(item, basestring) for item in (docRoot, directory)): continue directory = ntToPosixSlashes(normalizePath(directory)).replace("//", "/").rstrip('/') diff --git a/lib/techniques/blind/inference.py b/lib/techniques/blind/inference.py index 1984c890f..ec23f9b5d 100644 --- a/lib/techniques/blind/inference.py +++ b/lib/techniques/blind/inference.py @@ -57,9 +57,9 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None on an affected host """ + abortedFlag = False partialValue = u"" finalValue = None - abortedFlag = False asciiTbl = getCharset(charsetType) timeBasedCompare = (kb.technique in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED)) retVal = hashDBRetrieve(expression, checkConf=True) diff --git a/plugins/dbms/maxdb/fingerprint.py b/plugins/dbms/maxdb/fingerprint.py index c6c65b523..fa60b1e20 100644 --- a/plugins/dbms/maxdb/fingerprint.py +++ b/plugins/dbms/maxdb/fingerprint.py @@ -39,7 +39,7 @@ class Fingerprint(GenericFingerprint): minor, major = None, None - for version in [6, 7]: + for version in (6, 7): result = inject.checkBooleanExpression("%d=(SELECT MAJORVERSION FROM SYSINFO.VERSION)" % version) if result: diff --git a/plugins/dbms/mssqlserver/fingerprint.py b/plugins/dbms/mssqlserver/fingerprint.py index 79011512d..203e5a86a 100644 --- a/plugins/dbms/mssqlserver/fingerprint.py +++ b/plugins/dbms/mssqlserver/fingerprint.py @@ -92,9 +92,9 @@ class Fingerprint(GenericFingerprint): infoMsg = "confirming %s" % DBMS.MSSQL logger.info(infoMsg) - for version, check in [ ("2000", "HOST_NAME()=HOST_NAME()"), \ + for version, check in ( ("2000", "HOST_NAME()=HOST_NAME()"), \ ("2005", "XACT_STATE()=XACT_STATE()"), \ - ("2008", "SYSDATETIME()=SYSDATETIME()") ]: + ("2008", "SYSDATETIME()=SYSDATETIME()") ): result = inject.checkBooleanExpression(check) if result: