Patching profile capabilities

doc/THANKS.md

@@ -151,11 +151,6 @@ Giorgio Fedon, <giorgio.fedon(at)gmail.com>
 Kasper Fons, <thefeds(at)mail.dk>
 * for reporting several bugs
 
-Jose Fonseca, <jose.r.fonseca(at)gmail.com>
-* for his Gprof2Dot utility for converting profiler output to dot graph(s) and for his XDot utility to render nicely dot graph(s), both included in sqlmap tree inside extra folder. These libraries are used for sqlmap development purposes only
-    http://code.google.com/p/jrfonseca/wiki/Gprof2Dot
-    http://code.google.com/p/jrfonseca/wiki/XDot
-
 Alan Franzoni, <alan.franzoni(at)gmail.com>
 * for helping out with Python subprocess library
 

doc/THIRD-PARTY.md

@@ -48,14 +48,10 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 * The `Chardet` library located under `thirdparty/chardet/`.
   Copyright (C) 2008, Mark Pilgrim.
-* The `Gprof2dot` library located under `thirdparty/gprof2dot/`.
-  Copyright (C) 2008-2009, Jose Fonseca.
 * The `KeepAlive` library located under `thirdparty/keepalive/`.
   Copyright (C) 2002-2003, Michael D. Stenner.
 * The `MultipartPost` library located under `thirdparty/multipart/`.
   Copyright (C) 2006, Will Holcomb.
-* The `XDot` library located under `thirdparty/xdot/`
-  Copyright (C) 2008, Jose Fonseca.
 * The `icmpsh` tool located under `extra/icmpsh/`.
   Copyright (C) 2010, Nico Leidecker, Bernardo Damele.
 

lib/core/profiling.py

@@ -14,86 +14,19 @@ from lib.core.data import logger
 from lib.core.data import paths
 from lib.core.settings import UNICODE_ENCODING
 
-def profile(profileOutputFile=None, dotOutputFile=None, imageOutputFile=None):
+def profile(profileOutputFile=None):
     """
     This will run the program and present profiling data in a nice looking graph
     """
 
-    try:
-        __import__("gobject")
-        from thirdparty.gprof2dot import gprof2dot
-        from thirdparty.xdot import xdot
-        import gtk
-        import pydot
-    except ImportError as ex:
-        errMsg = "profiling requires third-party libraries ('%s') " % getSafeExString(ex)
-        errMsg += "(Hint: 'sudo apt install python-pydot python-pyparsing python-profiler graphviz')"
-        logger.error(errMsg)
-
-        return
-
     if profileOutputFile is None:
         profileOutputFile = os.path.join(paths.SQLMAP_OUTPUT_PATH, "sqlmap_profile.raw")
 
-    if dotOutputFile is None:
-        dotOutputFile = os.path.join(paths.SQLMAP_OUTPUT_PATH, "sqlmap_profile.dot")
-
-    if imageOutputFile is None:
-        imageOutputFile = os.path.join(paths.SQLMAP_OUTPUT_PATH, "sqlmap_profile.png")
-
     if os.path.exists(profileOutputFile):
         os.remove(profileOutputFile)
 
-    if os.path.exists(dotOutputFile):
-        os.remove(dotOutputFile)
-
-    if os.path.exists(imageOutputFile):
-        os.remove(imageOutputFile)
-
-    infoMsg = "profiling the execution into file '%s'" % profileOutputFile
-    logger.info(infoMsg)
-
     # Start sqlmap main function and generate a raw profile file
     cProfile.run("start()", profileOutputFile)
 
-    infoMsg = "converting profile data into a dot file '%s'" % dotOutputFile
+    infoMsg = "execution profiled and stored into file '%s' (e.g. 'gprof2dot -f pstats %s | dot -Tpng -o /tmp/sqlmap_profile.png')" % (profileOutputFile, profileOutputFile)
     logger.info(infoMsg)
-
-    # Create dot file by using extra/gprof2dot/gprof2dot.py
-    # http://code.google.com/p/jrfonseca/wiki/Gprof2Dot
-    dotFilePointer = codecs.open(dotOutputFile, 'wt', UNICODE_ENCODING)
-    parser = gprof2dot.PstatsParser(profileOutputFile)
-    profile = parser.parse()
-    profile.prune(0.5 / 100.0, 0.1 / 100.0)
-    dot = gprof2dot.DotWriter(dotFilePointer)
-    dot.graph(profile, gprof2dot.TEMPERATURE_COLORMAP)
-    dotFilePointer.close()
-
-    infoMsg = "converting dot file into a graph image '%s'" % imageOutputFile
-    logger.info(infoMsg)
-
-    # Create graph image (png) by using pydot (python-pydot)
-    # http://code.google.com/p/pydot/
-    pydotGraph = pydot.graph_from_dot_file(dotOutputFile)
-
-    # Reference: http://stackoverflow.com/questions/38176472/graph-write-pdfiris-pdf-attributeerror-list-object-has-no-attribute-writ
-    if isinstance(pydotGraph, list):
-        pydotGraph = pydotGraph[0]
-
-    try:
-        pydotGraph.write_png(imageOutputFile)
-    except OSError:
-        errMsg = "profiling requires graphviz installed "
-        errMsg += "(Hint: 'sudo apt install graphviz')"
-        logger.error(errMsg)
-    else:
-        infoMsg = "displaying interactive graph with xdot library"
-        logger.info(infoMsg)
-
-        # Display interactive Graphviz dot file by using extra/xdot/xdot.py
-        # http://code.google.com/p/jrfonseca/wiki/XDot
-        win = xdot.DotWindow()
-        win.connect('destroy', gtk.main_quit)
-        win.set_filter("dot")
-        win.open_file(dotOutputFile)
-        gtk.main()

lib/core/settings.py

@@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty.six import unichr as _unichr
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.5.1.14"
+VERSION = "1.5.1.15"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

sqlmap.py

@@ -182,7 +182,7 @@ def main():
                 fuzzTest()
             else:
                 from lib.controller.controller import start
-                if conf.profile and six.PY2:
+                if conf.profile:
                     from lib.core.profiling import profile
                     globals()["start"] = start
                     profile()

thirdparty/gprof2dot/__init__.py

@@ -1,19 +0,0 @@
-#!/usr/bin/env python2
-#
-# Copyright 2008-2009 Jose Fonseca
-#
-# This program is free software: you can redistribute it and/or modify it
-# under the terms of the GNU Lesser General Public License as published
-# by the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-#
-
-pass

thirdparty/xdot/__init__.py

@@ -1,19 +0,0 @@
-#!/usr/bin/env python2
-#
-# Copyright 2008-2009 Jose Fonseca
-#
-# This program is free software: you can redistribute it and/or modify it
-# under the terms of the GNU Lesser General Public License as published
-# by the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-#
-
-pass