mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-25 11:03:47 +03:00
Some more refactoring
This commit is contained in:
parent
1a8ebbfd43
commit
e948e4d45b
|
@ -324,7 +324,7 @@ class HTTPConnection(httplib.HTTPConnection):
|
|||
else:
|
||||
raise CannotSendHeader()
|
||||
|
||||
for header in ['Host', 'Accept-Encoding']:
|
||||
for header in ('Host', 'Accept-Encoding'):
|
||||
if header in self._headers:
|
||||
str = '%s: %s' % (header, self._headers[header])
|
||||
self._output(str)
|
||||
|
|
|
@ -138,8 +138,8 @@ def checkSqlInjection(place, parameter, value):
|
|||
|
||||
# Skip tests if title is not included by the given filter
|
||||
if conf.tstF:
|
||||
if not any(re.search(conf.tstF, str(item), re.I) for item in [test.title, test.vector,\
|
||||
test.details.dbms if "details" in test and "dbms" in test.details else ""]):
|
||||
if not any(re.search(conf.tstF, str(item), re.I) for item in (test.title, test.vector,\
|
||||
test.details.dbms if "details" in test and "dbms" in test.details else "")):
|
||||
debugMsg = "skipping test '%s' because " % title
|
||||
debugMsg += "its name/vector/dbms is not included by the given filter"
|
||||
logger.debug(debugMsg)
|
||||
|
|
|
@ -2273,12 +2273,7 @@ def getTechniqueData(technique=None):
|
|||
Returns injection data for technique specified
|
||||
"""
|
||||
|
||||
retVal = None
|
||||
|
||||
if technique and technique in kb.injection.data:
|
||||
retVal = kb.injection.data[technique]
|
||||
|
||||
return retVal
|
||||
return kb.injection.data.get(technique)
|
||||
|
||||
def isTechniqueAvailable(technique):
|
||||
"""
|
||||
|
@ -2645,10 +2640,7 @@ def normalizeUnicode(value):
|
|||
Reference: http://www.peterbe.com/plog/unicode-to-ascii
|
||||
"""
|
||||
|
||||
retVal = value
|
||||
if isinstance(value, unicode):
|
||||
retVal = unicodedata.normalize('NFKD', value).encode('ascii', 'ignore')
|
||||
return retVal
|
||||
return unicodedata.normalize('NFKD', value).encode('ascii', 'ignore') if isinstance(value, unicode) else value
|
||||
|
||||
def safeSQLIdentificatorNaming(name, isTable=False):
|
||||
"""
|
||||
|
@ -2911,6 +2903,7 @@ def asciifyUrl(url, forceQuote=False):
|
|||
if password:
|
||||
netloc = ':' + password + netloc
|
||||
netloc = username + netloc
|
||||
|
||||
if parts.port:
|
||||
netloc += ':' + str(parts.port)
|
||||
|
||||
|
@ -2942,7 +2935,7 @@ def findPageForms(content, url, raise_=False, addToTargets=False):
|
|||
try:
|
||||
forms = ParseResponse(response, backwards_compat=False)
|
||||
except ParseError:
|
||||
warnMsg = "badly formed HTML at the given url ('%s'). Will try to filter it" % url
|
||||
warnMsg = "badly formed HTML at the given url ('%s'). Going to filter it" % url
|
||||
logger.warning(warnMsg)
|
||||
response.seek(0)
|
||||
filtered = _("".join(re.findall(r"<form(?!.+<form).+?</form>", response.read(), re.I | re.S)), response.geturl())
|
||||
|
@ -3001,7 +2994,7 @@ def getHostHeader(url):
|
|||
|
||||
if re.search("http(s)?://\[.+\]", url, re.I):
|
||||
retVal = extractRegexResult("http(s)?://\[(?P<result>.+)\]", url)
|
||||
elif any(retVal.endswith(':%d' % _) for _ in [80, 443]):
|
||||
elif any(retVal.endswith(':%d' % _) for _ in (80, 443)):
|
||||
retVal = retVal.split(':')[0]
|
||||
|
||||
return retVal
|
||||
|
|
|
@ -611,7 +611,7 @@ def __setMetasploit():
|
|||
if conf.msfPath:
|
||||
condition = False
|
||||
|
||||
for path in [conf.msfPath, os.path.join(conf.msfPath, 'bin')]:
|
||||
for path in (conf.msfPath, os.path.join(conf.msfPath, 'bin')):
|
||||
condition = os.path.exists(normalizePath(path))
|
||||
condition &= os.path.exists(normalizePath(os.path.join(path, "msfcli")))
|
||||
condition &= os.path.exists(normalizePath(os.path.join(path, "msfconsole")))
|
||||
|
|
|
@ -617,7 +617,7 @@ class Connect:
|
|||
return retVal
|
||||
|
||||
for randomParameter in conf.rParam:
|
||||
for item in [PLACE.GET, PLACE.POST, PLACE.COOKIE]:
|
||||
for item in (PLACE.GET, PLACE.POST, PLACE.COOKIE):
|
||||
if item in conf.parameters:
|
||||
if item == PLACE.GET and get:
|
||||
get = _randomizeParameter(get, randomParameter)
|
||||
|
|
|
@ -117,6 +117,7 @@ class Web:
|
|||
query = agent.suffixQuery(query)
|
||||
payload = agent.payload(newValue=query)
|
||||
page = Request.queryPage(payload)
|
||||
|
||||
return page
|
||||
|
||||
def webInit(self):
|
||||
|
@ -196,7 +197,7 @@ class Web:
|
|||
directory = directories[j]
|
||||
uriPath = ""
|
||||
|
||||
if not all(isinstance(item, basestring) for item in [docRoot, directory]):
|
||||
if not all(isinstance(item, basestring) for item in (docRoot, directory)):
|
||||
continue
|
||||
|
||||
directory = ntToPosixSlashes(normalizePath(directory)).replace("//", "/").rstrip('/')
|
||||
|
|
|
@ -57,9 +57,9 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
|
|||
on an affected host
|
||||
"""
|
||||
|
||||
abortedFlag = False
|
||||
partialValue = u""
|
||||
finalValue = None
|
||||
abortedFlag = False
|
||||
asciiTbl = getCharset(charsetType)
|
||||
timeBasedCompare = (kb.technique in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED))
|
||||
retVal = hashDBRetrieve(expression, checkConf=True)
|
||||
|
|
|
@ -39,7 +39,7 @@ class Fingerprint(GenericFingerprint):
|
|||
|
||||
minor, major = None, None
|
||||
|
||||
for version in [6, 7]:
|
||||
for version in (6, 7):
|
||||
result = inject.checkBooleanExpression("%d=(SELECT MAJORVERSION FROM SYSINFO.VERSION)" % version)
|
||||
|
||||
if result:
|
||||
|
|
|
@ -92,9 +92,9 @@ class Fingerprint(GenericFingerprint):
|
|||
infoMsg = "confirming %s" % DBMS.MSSQL
|
||||
logger.info(infoMsg)
|
||||
|
||||
for version, check in [ ("2000", "HOST_NAME()=HOST_NAME()"), \
|
||||
for version, check in ( ("2000", "HOST_NAME()=HOST_NAME()"), \
|
||||
("2005", "XACT_STATE()=XACT_STATE()"), \
|
||||
("2008", "SYSDATETIME()=SYSDATETIME()") ]:
|
||||
("2008", "SYSDATETIME()=SYSDATETIME()") ):
|
||||
result = inject.checkBooleanExpression(check)
|
||||
|
||||
if result:
|
||||
|
|
Loading…
Reference in New Issue
Block a user