sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 09:36:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

Some more refactoring

Browse Source
This commit is contained in:
Miroslav Stampar 2012-07-06 17:18:22 +02:00
parent 1a8ebbfd43
commit e948e4d45b
9 changed files with 16 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
extra/keepalive/keepalive.py
View File

@ -324,7 +324,7 @@ class HTTPConnection(httplib.HTTPConnection):
else: else:
raise CannotSendHeader() raise CannotSendHeader()
for header in ['Host', 'Accept-Encoding']: for header in ('Host', 'Accept-Encoding'):
if header in self._headers: if header in self._headers:
str = '%s: %s' % (header, self._headers[header]) str = '%s: %s' % (header, self._headers[header])
self._output(str) self._output(str)

4
lib/controller/checks.py
View File

@ -138,8 +138,8 @@ def checkSqlInjection(place, parameter, value):
# Skip tests if title is not included by the given filter # Skip tests if title is not included by the given filter
if conf.tstF: if conf.tstF:
if not any(re.search(conf.tstF, str(item), re.I) for item in [test.title, test.vector,\ if not any(re.search(conf.tstF, str(item), re.I) for item in (test.title, test.vector,\
test.details.dbms if "details" in test and "dbms" in test.details else ""]): test.details.dbms if "details" in test and "dbms" in test.details else "")):
debugMsg = "skipping test '%s' because " % title debugMsg = "skipping test '%s' because " % title
debugMsg += "its name/vector/dbms is not included by the given filter" debugMsg += "its name/vector/dbms is not included by the given filter"
logger.debug(debugMsg) logger.debug(debugMsg)

17
lib/core/common.py
View File

@ -2273,12 +2273,7 @@ def getTechniqueData(technique=None):
Returns injection data for technique specified Returns injection data for technique specified
""" """
retVal = None return kb.injection.data.get(technique)
if technique and technique in kb.injection.data:
retVal = kb.injection.data[technique]
return retVal
def isTechniqueAvailable(technique): def isTechniqueAvailable(technique):
""" """
@ -2645,10 +2640,7 @@ def normalizeUnicode(value):
Reference: http://www.peterbe.com/plog/unicode-to-ascii Reference: http://www.peterbe.com/plog/unicode-to-ascii
""" """
retVal = value return unicodedata.normalize('NFKD', value).encode('ascii', 'ignore') if isinstance(value, unicode) else value
if isinstance(value, unicode):
retVal = unicodedata.normalize('NFKD', value).encode('ascii', 'ignore')
return retVal
def safeSQLIdentificatorNaming(name, isTable=False): def safeSQLIdentificatorNaming(name, isTable=False):
""" """
@ -2911,6 +2903,7 @@ def asciifyUrl(url, forceQuote=False):
if password: if password:
netloc = ':' + password + netloc netloc = ':' + password + netloc
netloc = username + netloc netloc = username + netloc
if parts.port: if parts.port:
netloc += ':' + str(parts.port) netloc += ':' + str(parts.port)
@ -2942,7 +2935,7 @@ def findPageForms(content, url, raise_=False, addToTargets=False):
try: try:
forms = ParseResponse(response, backwards_compat=False) forms = ParseResponse(response, backwards_compat=False)
except ParseError: except ParseError:
warnMsg = "badly formed HTML at the given url ('%s'). Will try to filter it" % url warnMsg = "badly formed HTML at the given url ('%s'). Going to filter it" % url
logger.warning(warnMsg) logger.warning(warnMsg)
response.seek(0) response.seek(0)
filtered = _("".join(re.findall(r"<form(?!.+<form).+?</form>", response.read(), re.I | re.S)), response.geturl()) filtered = _("".join(re.findall(r"<form(?!.+<form).+?</form>", response.read(), re.I | re.S)), response.geturl())
@ -3001,7 +2994,7 @@ def getHostHeader(url):
if re.search("http(s)?://\[.+\]", url, re.I): if re.search("http(s)?://\[.+\]", url, re.I):
retVal = extractRegexResult("http(s)?://\[(?P<result>.+)\]", url) retVal = extractRegexResult("http(s)?://\[(?P<result>.+)\]", url)
elif any(retVal.endswith(':%d' % _) for _ in [80, 443]): elif any(retVal.endswith(':%d' % _) for _ in (80, 443)):
retVal = retVal.split(':')[0] retVal = retVal.split(':')[0]
return retVal return retVal

2
lib/core/option.py
View File

@ -611,7 +611,7 @@ def __setMetasploit():
if conf.msfPath: if conf.msfPath:
condition = False condition = False
for path in [conf.msfPath, os.path.join(conf.msfPath, 'bin')]: for path in (conf.msfPath, os.path.join(conf.msfPath, 'bin')):
condition = os.path.exists(normalizePath(path)) condition = os.path.exists(normalizePath(path))
condition &= os.path.exists(normalizePath(os.path.join(path, "msfcli"))) condition &= os.path.exists(normalizePath(os.path.join(path, "msfcli")))
condition &= os.path.exists(normalizePath(os.path.join(path, "msfconsole"))) condition &= os.path.exists(normalizePath(os.path.join(path, "msfconsole")))

2
lib/request/connect.py
View File

@ -617,7 +617,7 @@ class Connect:
return retVal return retVal
for randomParameter in conf.rParam: for randomParameter in conf.rParam:
for item in [PLACE.GET, PLACE.POST, PLACE.COOKIE]: for item in (PLACE.GET, PLACE.POST, PLACE.COOKIE):
if item in conf.parameters: if item in conf.parameters:
if item == PLACE.GET and get: if item == PLACE.GET and get:
get = _randomizeParameter(get, randomParameter) get = _randomizeParameter(get, randomParameter)

3
lib/takeover/web.py
View File

@ -117,6 +117,7 @@ class Web:
query = agent.suffixQuery(query) query = agent.suffixQuery(query)
payload = agent.payload(newValue=query) payload = agent.payload(newValue=query)
page = Request.queryPage(payload) page = Request.queryPage(payload)
return page return page
def webInit(self): def webInit(self):
@ -196,7 +197,7 @@ class Web:
directory = directories[j] directory = directories[j]
uriPath = "" uriPath = ""
if not all(isinstance(item, basestring) for item in [docRoot, directory]): if not all(isinstance(item, basestring) for item in (docRoot, directory)):
continue continue
directory = ntToPosixSlashes(normalizePath(directory)).replace("//", "/").rstrip('/') directory = ntToPosixSlashes(normalizePath(directory)).replace("//", "/").rstrip('/')

2
lib/techniques/blind/inference.py
View File

@ -57,9 +57,9 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
on an affected host on an affected host
""" """
abortedFlag = False
partialValue = u"" partialValue = u""
finalValue = None finalValue = None
abortedFlag = False
asciiTbl = getCharset(charsetType) asciiTbl = getCharset(charsetType)
timeBasedCompare = (kb.technique in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED)) timeBasedCompare = (kb.technique in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED))
retVal = hashDBRetrieve(expression, checkConf=True) retVal = hashDBRetrieve(expression, checkConf=True)

2
plugins/dbms/maxdb/fingerprint.py
View File

@ -39,7 +39,7 @@ class Fingerprint(GenericFingerprint):
minor, major = None, None minor, major = None, None
for version in [6, 7]: for version in (6, 7):
result = inject.checkBooleanExpression("%d=(SELECT MAJORVERSION FROM SYSINFO.VERSION)" % version) result = inject.checkBooleanExpression("%d=(SELECT MAJORVERSION FROM SYSINFO.VERSION)" % version)
if result: if result:

4
plugins/dbms/mssqlserver/fingerprint.py
View File

@ -92,9 +92,9 @@ class Fingerprint(GenericFingerprint):
infoMsg = "confirming %s" % DBMS.MSSQL infoMsg = "confirming %s" % DBMS.MSSQL
logger.info(infoMsg) logger.info(infoMsg)
for version, check in [ ("2000", "HOST_NAME()=HOST_NAME()"), \ for version, check in ( ("2000", "HOST_NAME()=HOST_NAME()"), \
("2005", "XACT_STATE()=XACT_STATE()"), \ ("2005", "XACT_STATE()=XACT_STATE()"), \
("2008", "SYSDATETIME()=SYSDATETIME()") ]: ("2008", "SYSDATETIME()=SYSDATETIME()") ):
result = inject.checkBooleanExpression(check) result = inject.checkBooleanExpression(check)
if result: if result: