Another update for an Issue #352

This commit is contained in:
Miroslav Stampar 2013-03-13 19:42:22 +01:00
parent 2f43c3eb9b
commit eb08c8d752
4 changed files with 72 additions and 4 deletions

View File

@ -1697,13 +1697,14 @@ def stdev(values):
key = (values[0], values[-1], len(values))
if key in kb.cache.stdev:
if kb.get("cache") and key in kb.cache.stdev:
retVal = kb.cache.stdev[key]
else:
avg = average(values)
_ = reduce(lambda x, y: x + pow((y or 0) - avg, 2), values, 0.0)
retVal = sqrt(_ / (len(values) - 1))
kb.cache.stdev[key] = retVal
if kb.get("cache"):
kb.cache.stdev[key] = retVal
return retVal
@ -2876,6 +2877,9 @@ def normalizeUnicode(value):
"""
Does an ASCII normalization of unicode strings
Reference: http://www.peterbe.com/plog/unicode-to-ascii
>>> normalizeUnicode(u'\u0161u\u0107uraj')
'sucuraj'
"""
return unicodedata.normalize('NFKD', value).encode('ascii', 'ignore') if isinstance(value, unicode) else value
@ -2965,6 +2969,8 @@ def isNullValue(value):
>>> isNullValue(u'NULL')
True
>>> isNullValue(u'foobar')
False
"""
return isinstance(value, basestring) and value.upper() == NULL
@ -3090,6 +3096,12 @@ def filterPairValues(values):
def randomizeParameterValue(value):
"""
Randomize a parameter value based on occurances of alphanumeric characters
>>> random.seed(0)
>>> randomizeParameterValue('foobar')
'rnvnav'
>>> randomizeParameterValue('17')
'83'
"""
retVal = value
@ -3119,6 +3131,9 @@ def asciifyUrl(url, forceQuote=False):
See also RFC 3987.
Reference: http://blog.elsdoerfer.name/2008/12/12/opening-iris-in-python/
>>> asciifyUrl(u'http://www.\u0161u\u0107uraj.com')
u'http://www.xn--uuraj-gxa24d.com'
"""
parts = urlparse.urlsplit(url)
@ -3290,6 +3305,9 @@ def findPageForms(content, url, raise_=False, addToTargets=False):
def getHostHeader(url):
"""
Returns proper Host header value for a given target URL
>>> getHostHeader('http://www.target.com/vuln.php?id=1')
'www.target.com'
"""
retVal = url
@ -3339,6 +3357,9 @@ def serializeObject(object_):
def unserializeObject(value):
"""
Unserializes object from given serialized form
>>> unserializeObject(serializeObject([1, 2, 3])) == [1, 2, 3]
True
"""
return base64unpickle(value) if value else None
@ -3367,6 +3388,9 @@ def getCounter(technique):
def applyFunctionRecursively(value, function):
"""
Applies function recursively through list-like structures
>>> applyFunctionRecursively([1, 2, [3, 4, [19]], -9], lambda _: _ > 0)
[True, True, [True, True, [True]], False]
"""
if isListLike(value):
@ -3379,6 +3403,9 @@ def applyFunctionRecursively(value, function):
def decodeHexValue(value):
"""
Returns value decoded from DBMS specific hexadecimal representation
>>> decodeHexValue('3132332031')
u'123 1'
"""
retVal = value
@ -3409,6 +3436,11 @@ def decodeHexValue(value):
def extractExpectedValue(value, expected):
"""
Extracts and returns expected value by a given type
>>> extractExpectedValue(['1'], EXPECTED.BOOL)
True
>>> extractExpectedValue('1', EXPECTED.INT)
1
"""
if expected:
@ -3516,6 +3548,9 @@ def prioritySortColumns(columns):
"""
Sorts given column names by length in ascending order while those containing
string 'id' go first
>>> prioritySortColumns(['password', 'userid', 'name'])
['userid', 'name', 'password']
"""
_ = lambda x: x and "id" in x.lower()
@ -3536,6 +3571,13 @@ def getRequestHeader(request, name):
def isNumber(value):
"""
Returns True if the given value is a number-like object
>>> isNumber(1)
True
>>> isNumber('0')
True
>>> isNumber('foobar')
False
"""
try:
@ -3566,7 +3608,10 @@ def zeroDepthSearch(expression, value):
def splitFields(fields, delimiter=','):
"""
Returns list of fields splitted by delimiter
Returns list of (0-depth) fields splitted by delimiter
>>> splitFields('foo, bar, max(foo, bar)')
['foo', 'bar', 'max(foo,bar)']
"""
fields = fields.replace("%s " % delimiter, delimiter)

View File

@ -14,6 +14,11 @@ class AttribDict(dict):
"""
This class defines the sqlmap object, inheriting from Python data
type dictionary.
>>> foo = AttribDict()
>>> foo.bar = 1
>>> foo.bar
1
"""
def __init__(self, indict=None, attribute=None):

View File

@ -99,13 +99,23 @@ def parseResponse(page, headers):
htmlParser(page)
def checkCharEncoding(encoding, warn=True):
"""
Checks encoding name, repairs common misspellings and adjusts to
proper namings used in codecs module
>>> checkCharEncoding('iso-8858', False)
'iso8859-1'
>>> checkCharEncoding('en_us', False)
'utf8'
"""
if encoding:
encoding = encoding.lower()
else:
return encoding
# Reference: http://www.destructor.de/charsets/index.htm
translate = {"windows-874": "iso-8859-11", "en_us": "utf8", "macintosh": "iso-8859-1", "euc_tw": "big5_tw", "th": "tis-620", "unicode": "utf8", "utc8": "utf8", "ebcdic": "ebcdic-cp-be"}
translate = {"windows-874": "iso-8859-11", "en_us": "utf8", "macintosh": "iso-8859-1", "euc_tw": "big5_tw", "th": "tis-620", "unicode": "utf8", "utc8": "utf8", "ebcdic": "ebcdic-cp-be", "iso-8859": "iso8859-1"}
for delimiter in (';', ',', '('):
if delimiter in encoding:

View File

@ -9,6 +9,14 @@ class xrange(object):
"""
Advanced (re)implementation of xrange (supports slice/copy/etc.)
Reference: http://code.activestate.com/recipes/521885-a-pythonic-implementation-of-xrange/
>>> foobar = xrange(1, 10)
>>> 7 in foobar
True
>>> 11 in foobar
False
>>> foobar[0]
1
"""
__slots__ = ['_slice']