mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-25 11:03:47 +03:00
Some refactoring
This commit is contained in:
parent
bb6e8fd4ce
commit
edc6f47758
|
@ -10,10 +10,9 @@ import httplib
|
|||
import random
|
||||
import re
|
||||
import socket
|
||||
import subprocess
|
||||
import time
|
||||
|
||||
from subprocess import Popen as execute
|
||||
|
||||
from extra.beep.beep import beep
|
||||
from lib.core.agent import agent
|
||||
from lib.core.common import Backend
|
||||
|
@ -200,7 +199,7 @@ def checkSqlInjection(place, parameter, value):
|
|||
if conf.tech and isinstance(conf.tech, list) and stype not in conf.tech:
|
||||
debugMsg = "skipping test '%s' because the user " % title
|
||||
debugMsg += "specified to test only for "
|
||||
debugMsg += "%s techniques" % " & ".join(map(lambda x: PAYLOAD.SQLINJECTION[x], conf.tech))
|
||||
debugMsg += "%s techniques" % " & ".join(PAYLOAD.SQLINJECTION[_] for _ in conf.tech)
|
||||
logger.debug(debugMsg)
|
||||
continue
|
||||
|
||||
|
@ -651,20 +650,20 @@ def checkSqlInjection(place, parameter, value):
|
|||
|
||||
# Feed with test details every time a test is successful
|
||||
if hasattr(test, "details"):
|
||||
for dKey, dValue in test.details.items():
|
||||
if dKey == "dbms":
|
||||
injection.dbms = dValue
|
||||
for key, value in test.details.items():
|
||||
if key == "dbms":
|
||||
injection.dbms = value
|
||||
|
||||
if not isinstance(dValue, list):
|
||||
Backend.setDbms(dValue)
|
||||
if not isinstance(value, list):
|
||||
Backend.setDbms(value)
|
||||
else:
|
||||
Backend.forceDbms(dValue[0], True)
|
||||
Backend.forceDbms(value[0], True)
|
||||
|
||||
elif dKey == "dbms_version" and injection.dbms_version is None and not conf.testFilter:
|
||||
injection.dbms_version = Backend.setVersion(dValue)
|
||||
elif key == "dbms_version" and injection.dbms_version is None and not conf.testFilter:
|
||||
injection.dbms_version = Backend.setVersion(value)
|
||||
|
||||
elif dKey == "os" and injection.os is None:
|
||||
injection.os = Backend.setOs(dValue)
|
||||
elif key == "os" and injection.os is None:
|
||||
injection.os = Backend.setOs(value)
|
||||
|
||||
if vector is None and "vector" in test and test.vector is not None:
|
||||
vector = test.vector
|
||||
|
@ -696,7 +695,7 @@ def checkSqlInjection(place, parameter, value):
|
|||
infoMsg = "executing alerting shell command(s) ('%s')" % conf.alert
|
||||
logger.info(infoMsg)
|
||||
|
||||
process = execute(conf.alert, shell=True)
|
||||
process = subprocess.Popen(conf.alert, shell=True)
|
||||
process.wait()
|
||||
|
||||
kb.alerted = True
|
||||
|
@ -921,8 +920,10 @@ def heuristicCheckSqlInjection(place, parameter):
|
|||
|
||||
origValue = conf.paramDict[place][parameter]
|
||||
paramType = conf.method if conf.method not in (None, HTTPMETHOD.GET, HTTPMETHOD.POST) else place
|
||||
|
||||
prefix = ""
|
||||
suffix = ""
|
||||
randStr = ""
|
||||
|
||||
if conf.prefix or conf.suffix:
|
||||
if conf.prefix:
|
||||
|
@ -931,8 +932,6 @@ def heuristicCheckSqlInjection(place, parameter):
|
|||
if conf.suffix:
|
||||
suffix = conf.suffix
|
||||
|
||||
randStr = ""
|
||||
|
||||
while randStr.count('\'') != 1 or randStr.count('\"') != 1:
|
||||
randStr = randomStr(length=10, alphabet=HEURISTIC_CHECK_ALPHABET)
|
||||
|
||||
|
|
|
@ -165,7 +165,7 @@ def _showInjections():
|
|||
if hasattr(conf, "api"):
|
||||
conf.dumper.string("", kb.injections, content_type=CONTENT_TYPE.TECHNIQUES)
|
||||
else:
|
||||
data = "".join(set(map(lambda x: _formatInjection(x), kb.injections))).rstrip("\n")
|
||||
data = "".join(set(_formatInjection(_) for _ in kb.injections)).rstrip("\n")
|
||||
conf.dumper.string(header, data)
|
||||
|
||||
if conf.tamper:
|
||||
|
@ -224,7 +224,7 @@ def _saveToResultsFile():
|
|||
return
|
||||
|
||||
results = {}
|
||||
techniques = dict(map(lambda x: (x[1], x[0]), getPublicTypeMembers(PAYLOAD.TECHNIQUE)))
|
||||
techniques = dict((_[1], _[0]) for _ in getPublicTypeMembers(PAYLOAD.TECHNIQUE))
|
||||
|
||||
for injection in kb.injections + kb.falsePositives:
|
||||
if injection.place is None or injection.parameter is None:
|
||||
|
@ -238,7 +238,7 @@ def _saveToResultsFile():
|
|||
|
||||
for key, value in results.items():
|
||||
place, parameter, notes = key
|
||||
line = "%s,%s,%s,%s,%s%s" % (safeCSValue(kb.originalUrls.get(conf.url) or conf.url), place, parameter, "".join(map(lambda x: techniques[x][0].upper(), sorted(value))), notes, os.linesep)
|
||||
line = "%s,%s,%s,%s,%s%s" % (safeCSValue(kb.originalUrls.get(conf.url) or conf.url), place, parameter, "".join(techniques[_][0].upper() for _ in sorted(value)), notes, os.linesep)
|
||||
conf.resultsFP.writelines(line)
|
||||
|
||||
if not results:
|
||||
|
|
|
@ -23,6 +23,7 @@ import random
|
|||
import re
|
||||
import socket
|
||||
import string
|
||||
import subprocess
|
||||
import sys
|
||||
import tempfile
|
||||
import time
|
||||
|
@ -37,8 +38,6 @@ from StringIO import StringIO
|
|||
from difflib import SequenceMatcher
|
||||
from math import sqrt
|
||||
from optparse import OptionValueError
|
||||
from subprocess import PIPE
|
||||
from subprocess import Popen as execute
|
||||
from xml.dom import minidom
|
||||
from xml.sax import parse
|
||||
from xml.sax import SAXParseException
|
||||
|
@ -1889,7 +1888,7 @@ def getConsoleWidth(default=80):
|
|||
FNULL = open(os.devnull, 'w')
|
||||
except IOError:
|
||||
FNULL = None
|
||||
process = execute("stty size", shell=True, stdout=PIPE, stderr=FNULL or PIPE)
|
||||
process = subprocess.Popen("stty size", shell=True, stdout=subprocess.PIPE, stderr=FNULL or subprocess.PIPE)
|
||||
stdout, _ = process.communicate()
|
||||
items = stdout.split()
|
||||
|
||||
|
|
|
@ -1335,17 +1335,17 @@ def _setHTTPAuthentication():
|
|||
debugMsg = "setting the HTTP authentication type and credentials"
|
||||
logger.debug(debugMsg)
|
||||
|
||||
aTypeLower = conf.authType.lower()
|
||||
authType = conf.authType.lower()
|
||||
|
||||
if aTypeLower in (AUTH_TYPE.BASIC, AUTH_TYPE.DIGEST):
|
||||
if authType in (AUTH_TYPE.BASIC, AUTH_TYPE.DIGEST):
|
||||
regExp = "^(.*?):(.*?)$"
|
||||
errMsg = "HTTP %s authentication credentials " % aTypeLower
|
||||
errMsg = "HTTP %s authentication credentials " % authType
|
||||
errMsg += "value must be in format 'username:password'"
|
||||
elif aTypeLower == AUTH_TYPE.NTLM:
|
||||
elif authType == AUTH_TYPE.NTLM:
|
||||
regExp = "^(.*\\\\.*):(.*?)$"
|
||||
errMsg = "HTTP NTLM authentication credentials value must "
|
||||
errMsg += "be in format 'DOMAIN\username:password'"
|
||||
elif aTypeLower == AUTH_TYPE.PKI:
|
||||
elif authType == AUTH_TYPE.PKI:
|
||||
errMsg = "HTTP PKI authentication require "
|
||||
errMsg += "usage of option `--auth-pki`"
|
||||
raise SqlmapSyntaxException(errMsg)
|
||||
|
@ -1362,13 +1362,13 @@ def _setHTTPAuthentication():
|
|||
|
||||
_setAuthCred()
|
||||
|
||||
if aTypeLower == AUTH_TYPE.BASIC:
|
||||
if authType == AUTH_TYPE.BASIC:
|
||||
authHandler = SmartHTTPBasicAuthHandler(kb.passwordMgr)
|
||||
|
||||
elif aTypeLower == AUTH_TYPE.DIGEST:
|
||||
elif authType == AUTH_TYPE.DIGEST:
|
||||
authHandler = urllib2.HTTPDigestAuthHandler(kb.passwordMgr)
|
||||
|
||||
elif aTypeLower == AUTH_TYPE.NTLM:
|
||||
elif authType == AUTH_TYPE.NTLM:
|
||||
try:
|
||||
from ntlm import HTTPNtlmAuthHandler
|
||||
except ImportError:
|
||||
|
|
|
@ -7,9 +7,7 @@ See the file 'doc/COPYING' for copying permission
|
|||
|
||||
import os
|
||||
import re
|
||||
|
||||
from subprocess import PIPE
|
||||
from subprocess import Popen as execute
|
||||
import subprocess
|
||||
|
||||
def getRevisionNumber():
|
||||
"""
|
||||
|
@ -46,7 +44,7 @@ def getRevisionNumber():
|
|||
break
|
||||
|
||||
if not retVal:
|
||||
process = execute("git rev-parse --verify HEAD", shell=True, stdout=PIPE, stderr=PIPE)
|
||||
process = subprocess.Popen("git rev-parse --verify HEAD", shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||
stdout, _ = process.communicate()
|
||||
match = re.search(r"(?i)[0-9a-f]{32}", stdout or "")
|
||||
retVal = match.group(0) if match else None
|
||||
|
|
|
@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
|
|||
from lib.core.enums import OS
|
||||
|
||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||
VERSION = "1.0.12.10"
|
||||
VERSION = "1.0.12.11"
|
||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||
|
@ -527,7 +527,7 @@ UNION_CHAR_REGEX = r"\A\w+\Z"
|
|||
UNENCODED_ORIGINAL_VALUE = "original"
|
||||
|
||||
# Common column names containing usernames (used for hash cracking in some cases)
|
||||
COMMON_USER_COLUMNS = ("login", "user", "username", "user_name", "user_login", "benutzername", "benutzer", "utilisateur", "usager", "consommateur", "utente", "utilizzatore", "usufrutuario", "korisnik", "usuario", "consumidor")
|
||||
COMMON_USER_COLUMNS = ("login", "user", "username", "user_name", "user_login", "benutzername", "benutzer", "utilisateur", "usager", "consommateur", "utente", "utilizzatore", "usufrutuario", "korisnik", "usuario", "consumidor", "client", "cuser")
|
||||
|
||||
# Default delimiter in GET/POST values
|
||||
DEFAULT_GET_POST_DELIMITER = '&'
|
||||
|
|
|
@ -8,11 +8,9 @@ See the file 'doc/COPYING' for copying permission
|
|||
import locale
|
||||
import os
|
||||
import re
|
||||
import subprocess
|
||||
import time
|
||||
|
||||
from subprocess import PIPE
|
||||
from subprocess import Popen as execute
|
||||
|
||||
from lib.core.common import dataToStdout
|
||||
from lib.core.common import getSafeExString
|
||||
from lib.core.common import pollProcess
|
||||
|
@ -44,7 +42,7 @@ def update():
|
|||
dataToStdout("\r[%s] [INFO] update in progress " % time.strftime("%X"))
|
||||
|
||||
try:
|
||||
process = execute("git checkout . && git pull %s HEAD" % GIT_REPOSITORY, shell=True, stdout=PIPE, stderr=PIPE, cwd=paths.SQLMAP_ROOT_PATH.encode(locale.getpreferredencoding())) # Reference: http://blog.stastnarodina.com/honza-en/spot/python-unicodeencodeerror/
|
||||
process = subprocess.Popen("git checkout . && git pull %s HEAD" % GIT_REPOSITORY, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, cwd=paths.SQLMAP_ROOT_PATH.encode(locale.getpreferredencoding())) # Reference: http://blog.stastnarodina.com/honza-en/spot/python-unicodeencodeerror/
|
||||
pollProcess(process, True)
|
||||
stdout, stderr = process.communicate()
|
||||
success = not process.returncode
|
||||
|
|
|
@ -63,6 +63,7 @@ def direct(query, content=True):
|
|||
elif output:
|
||||
infoMsg = "resumed: %s..." % getUnicode(output, UNICODE_ENCODING)[:20]
|
||||
logger.info(infoMsg)
|
||||
|
||||
threadData.lastQueryDuration = calculateDeltaSeconds(start)
|
||||
|
||||
if not output:
|
||||
|
|
|
@ -364,7 +364,7 @@ def getValue(expression, blind=True, union=True, error=True, time=True, fromUser
|
|||
if conf.direct:
|
||||
value = direct(forgeCaseExpression if expected == EXPECTED.BOOL else expression)
|
||||
|
||||
elif any(map(isTechniqueAvailable, getPublicTypeMembers(PAYLOAD.TECHNIQUE, onlyValues=True))):
|
||||
elif any(isTechniqueAvailable(_) for _ in getPublicTypeMembers(PAYLOAD.TECHNIQUE, onlyValues=True)):
|
||||
query = cleanQuery(expression)
|
||||
query = expandAsteriskForColumns(query)
|
||||
value = None
|
||||
|
|
|
@ -25,13 +25,13 @@ from lib.core.shell import autoCompletion
|
|||
from lib.request import inject
|
||||
from lib.takeover.udf import UDF
|
||||
from lib.takeover.web import Web
|
||||
from lib.takeover.xp_cmdshell import Xp_cmdshell
|
||||
from lib.takeover.xp_cmdshell import XP_cmdshell
|
||||
|
||||
|
||||
class Abstraction(Web, UDF, Xp_cmdshell):
|
||||
class Abstraction(Web, UDF, XP_cmdshell):
|
||||
"""
|
||||
This class defines an abstraction layer for OS takeover functionalities
|
||||
to UDF / Xp_cmdshell objects
|
||||
to UDF / XP_cmdshell objects
|
||||
"""
|
||||
|
||||
def __init__(self):
|
||||
|
@ -40,7 +40,7 @@ class Abstraction(Web, UDF, Xp_cmdshell):
|
|||
|
||||
UDF.__init__(self)
|
||||
Web.__init__(self)
|
||||
Xp_cmdshell.__init__(self)
|
||||
XP_cmdshell.__init__(self)
|
||||
|
||||
def execCmd(self, cmd, silent=False):
|
||||
if self.webBackdoorUrl and not isStackingAvailable():
|
||||
|
|
|
@ -33,7 +33,7 @@ from lib.core.exception import SqlmapUnsupportedFeatureException
|
|||
from lib.core.threads import getCurrentThreadData
|
||||
from lib.request import inject
|
||||
|
||||
class Xp_cmdshell:
|
||||
class XP_cmdshell:
|
||||
"""
|
||||
This class defines methods to deal with Microsoft SQL Server
|
||||
xp_cmdshell extended procedure for plugins.
|
||||
|
|
|
@ -114,9 +114,9 @@ def _findUnionCharCount(comment, place, parameter, value, prefix, suffix, where=
|
|||
|
||||
if not isNullValue(kb.uChar):
|
||||
for regex in (kb.uChar, r'>\s*%s\s*<' % kb.uChar):
|
||||
contains = [(count, re.search(regex, page or "", re.IGNORECASE) is not None) for count, page in pages.items()]
|
||||
if len(filter(lambda x: x[1], contains)) == 1:
|
||||
retVal = filter(lambda x: x[1], contains)[0][0]
|
||||
contains = [(count, re.search(regex, _ or "", re.IGNORECASE) is not None) for count, _ in pages.items()]
|
||||
if len(filter(lambda _: _[1], contains)) == 1:
|
||||
retVal = filter(lambda _: _[1], contains)[0][0]
|
||||
break
|
||||
|
||||
if not retVal:
|
||||
|
@ -133,10 +133,10 @@ def _findUnionCharCount(comment, place, parameter, value, prefix, suffix, where=
|
|||
elif item[1] == max_:
|
||||
maxItem = item
|
||||
|
||||
if all(map(lambda x: x == min_ and x != max_, ratios)):
|
||||
if all(_ == min_ and _ != max_ for _ in ratios):
|
||||
retVal = maxItem[0]
|
||||
|
||||
elif all(map(lambda x: x != min_ and x == max_, ratios)):
|
||||
elif all(_ != min_ and _ == max_ for _ in ratios):
|
||||
retVal = minItem[0]
|
||||
|
||||
elif abs(max_ - min_) >= MIN_STATISTICAL_RANGE:
|
||||
|
|
|
@ -337,7 +337,7 @@ def unionUse(expression, unpack=True, dump=False):
|
|||
|
||||
if output:
|
||||
with kb.locks.value:
|
||||
if all(map(lambda _: _ in output, (kb.chars.start, kb.chars.stop))):
|
||||
if all(_ in output for _ in (kb.chars.start, kb.chars.stop)):
|
||||
items = parseUnionPage(output)
|
||||
|
||||
if threadData.shared.showEta:
|
||||
|
|
|
@ -19,33 +19,33 @@ def checkDependencies():
|
|||
|
||||
try:
|
||||
if dbmsName in (DBMS.MSSQL, DBMS.SYBASE):
|
||||
import _mssql
|
||||
import pymssql
|
||||
__import__("_mssql")
|
||||
|
||||
import pymssql
|
||||
if not hasattr(pymssql, "__version__") or pymssql.__version__ < "1.0.2":
|
||||
warnMsg = "'%s' third-party library must be " % data[1]
|
||||
warnMsg += "version >= 1.0.2 to work properly. "
|
||||
warnMsg += "Download from %s" % data[2]
|
||||
logger.warn(warnMsg)
|
||||
elif dbmsName == DBMS.MYSQL:
|
||||
import pymysql
|
||||
__import__("pymysql")
|
||||
elif dbmsName == DBMS.PGSQL:
|
||||
import psycopg2
|
||||
__import__("psycopg2")
|
||||
elif dbmsName == DBMS.ORACLE:
|
||||
import cx_Oracle
|
||||
__import__("cx_Oracle")
|
||||
elif dbmsName == DBMS.SQLITE:
|
||||
import sqlite3
|
||||
__import__("sqlite3")
|
||||
elif dbmsName == DBMS.ACCESS:
|
||||
import pyodbc
|
||||
__import__("pyodbc")
|
||||
elif dbmsName == DBMS.FIREBIRD:
|
||||
import kinterbasdb
|
||||
__import__("kinterbasdb")
|
||||
elif dbmsName == DBMS.DB2:
|
||||
import ibm_db_dbi
|
||||
__import__("ibm_db_dbi")
|
||||
elif dbmsName == DBMS.HSQLDB:
|
||||
import jaydebeapi
|
||||
import jpype
|
||||
__import__("jaydebeapi")
|
||||
__import__("jpype")
|
||||
elif dbmsName == DBMS.INFORMIX:
|
||||
import ibm_db_dbi
|
||||
__import__("ibm_db_dbi")
|
||||
except ImportError:
|
||||
warnMsg = "sqlmap requires '%s' third-party library " % data[1]
|
||||
warnMsg += "in order to directly connect to the DBMS "
|
||||
|
@ -59,7 +59,7 @@ def checkDependencies():
|
|||
logger.debug(debugMsg)
|
||||
|
||||
try:
|
||||
import impacket
|
||||
__import__("impacket")
|
||||
debugMsg = "'python-impacket' third-party library is found"
|
||||
logger.debug(debugMsg)
|
||||
except ImportError:
|
||||
|
@ -70,7 +70,7 @@ def checkDependencies():
|
|||
missing_libraries.add('python-impacket')
|
||||
|
||||
try:
|
||||
import ntlm
|
||||
__import__("ntlm")
|
||||
debugMsg = "'python-ntlm' third-party library is found"
|
||||
logger.debug(debugMsg)
|
||||
except ImportError:
|
||||
|
@ -81,7 +81,7 @@ def checkDependencies():
|
|||
missing_libraries.add('python-ntlm')
|
||||
|
||||
try:
|
||||
from websocket import ABNF
|
||||
__import__("websocket.ABNF")
|
||||
debugMsg = "'python websocket-client' library is found"
|
||||
logger.debug(debugMsg)
|
||||
except ImportError:
|
||||
|
@ -93,7 +93,7 @@ def checkDependencies():
|
|||
|
||||
if IS_WIN:
|
||||
try:
|
||||
import pyreadline
|
||||
__import__("pyreadline")
|
||||
debugMsg = "'python-pyreadline' third-party library is found"
|
||||
logger.debug(debugMsg)
|
||||
except ImportError:
|
||||
|
|
|
@ -10,7 +10,7 @@ import sys
|
|||
PYVERSION = sys.version.split()[0]
|
||||
|
||||
if PYVERSION >= "3" or PYVERSION < "2.6":
|
||||
exit("[CRITICAL] incompatible Python version detected ('%s'). For successfully running sqlmap you'll have to use version 2.6 or 2.7 (visit 'http://www.python.org/download/')" % PYVERSION)
|
||||
exit("[CRITICAL] incompatible Python version detected ('%s'). For successfully running sqlmap you'll have to use version 2.6.x or 2.7.x (visit 'http://www.python.org/download/')" % PYVERSION)
|
||||
|
||||
extensions = ("gzip", "ssl", "sqlite3", "zlib")
|
||||
try:
|
||||
|
|
|
@ -5,7 +5,6 @@ Copyright (c) 2006-2016 sqlmap developers (http://sqlmap.org/)
|
|||
See the file 'doc/COPYING' for copying permission
|
||||
"""
|
||||
|
||||
from lib.core.common import Backend
|
||||
from lib.core.common import isDBMSVersionAtLeast
|
||||
from plugins.generic.syntax import Syntax as GenericSyntax
|
||||
|
||||
|
@ -16,6 +15,7 @@ class Syntax(GenericSyntax):
|
|||
@staticmethod
|
||||
def escape(expression, quote=True):
|
||||
"""
|
||||
>>> from lib.core.common import Backend
|
||||
>>> Backend.setVersion('2.0')
|
||||
['2.0']
|
||||
>>> Syntax.escape("SELECT 'abcdefgh' FROM foobar")
|
||||
|
|
|
@ -7,7 +7,6 @@ See the file 'doc/COPYING' for copying permission
|
|||
|
||||
import binascii
|
||||
|
||||
from lib.core.common import Backend
|
||||
from lib.core.common import isDBMSVersionAtLeast
|
||||
from lib.core.settings import UNICODE_ENCODING
|
||||
from plugins.generic.syntax import Syntax as GenericSyntax
|
||||
|
@ -19,6 +18,7 @@ class Syntax(GenericSyntax):
|
|||
@staticmethod
|
||||
def escape(expression, quote=True):
|
||||
"""
|
||||
>>> from lib.core.common import Backend
|
||||
>>> Backend.setVersion('2')
|
||||
['2']
|
||||
>>> Syntax.escape("SELECT 'abcdefgh' FROM foobar")
|
||||
|
|
|
@ -119,13 +119,13 @@ class Custom:
|
|||
infoMsg = "executing SQL statements from given file(s)"
|
||||
logger.info(infoMsg)
|
||||
|
||||
for sfile in re.split(PARAMETER_SPLITTING_REGEX, conf.sqlFile):
|
||||
sfile = sfile.strip()
|
||||
for filename in re.split(PARAMETER_SPLITTING_REGEX, conf.sqlFile):
|
||||
filename = filename.strip()
|
||||
|
||||
if not sfile:
|
||||
if not filename:
|
||||
continue
|
||||
|
||||
snippet = getSQLSnippet(Backend.getDbms(), sfile)
|
||||
snippet = getSQLSnippet(Backend.getDbms(), filename)
|
||||
|
||||
if snippet and all(query.strip().upper().startswith("SELECT") for query in filter(None, snippet.split(';' if ';' in snippet else '\n'))):
|
||||
for query in filter(None, snippet.split(';' if ';' in snippet else '\n')):
|
||||
|
|
|
@ -20,13 +20,13 @@ a8dd1f5799ed863a80b94c36b5428528 extra/shutils/regressiontest.py
|
|||
cc9c82cfffd8ee9b25ba3af6284f057e extra/sqlharvest/__init__.py
|
||||
4f2f817596540d82f9fcc0c5b2228beb extra/sqlharvest/sqlharvest.py
|
||||
2daa39e4d59526acb4772b6c47eb315f lib/controller/action.py
|
||||
33299308c821d04c2caf35d4c7a415ff lib/controller/checks.py
|
||||
35029bd013e74ca45749aa57e585aac9 lib/controller/controller.py
|
||||
eb36e67d0f698384978486d9b16591c5 lib/controller/checks.py
|
||||
f5183cfef62974889db81beb0adbf8fd lib/controller/controller.py
|
||||
ec007a1424da78cfdae90da6ae49ed9b lib/controller/handler.py
|
||||
cc9c82cfffd8ee9b25ba3af6284f057e lib/controller/__init__.py
|
||||
cdffff6260c40ccb4e4092fc21d9d63f lib/core/agent.py
|
||||
eb0bd28b0bd9fbf67dcc3119116df377 lib/core/bigarray.py
|
||||
aef64655185ac789696de9ba73d65ec9 lib/core/common.py
|
||||
35f2579af5793e3c8299f05190eec734 lib/core/common.py
|
||||
ab5ef8fe4e4beaef4016d458d0fdefe3 lib/core/convert.py
|
||||
e77cca1cb063016f71f6e6bdebf4ec73 lib/core/data.py
|
||||
1d042f0bc0557d3fd564ea5a46deb77e lib/core/datatype.py
|
||||
|
@ -39,20 +39,20 @@ e4aec2b11c1ad6039d0c3dbbfbc5eb1a lib/core/exception.py
|
|||
cc9c82cfffd8ee9b25ba3af6284f057e lib/core/__init__.py
|
||||
91c514013daa796e2cdd940389354eac lib/core/log.py
|
||||
86c86d2ee9e0eb74b13c16797b7dfc51 lib/core/optiondict.py
|
||||
eb5e96b4baef52ad172e0359c1783d83 lib/core/option.py
|
||||
5d530c06c9720626ef6bf9e0a3decd2a lib/core/option.py
|
||||
7af487340c138f7b5dbd443161cbb428 lib/core/profiling.py
|
||||
e60456db5380840a586654344003d4e6 lib/core/readlineng.py
|
||||
b3a62d41a5af6cd7fa733b6227febb0c lib/core/replication.py
|
||||
99a2b496b9d5b546b335653ca801153f lib/core/revision.py
|
||||
dfb664b223ac3585d51e58839b777d9b lib/core/revision.py
|
||||
7c15dd2777af4dac2c89cab6df17462e lib/core/session.py
|
||||
904783b704023a9bbf40a3474a1f05ba lib/core/settings.py
|
||||
e892660b4e7981a575dde143ca06754b lib/core/settings.py
|
||||
7af83e4f18cab6dff5e67840eb65be80 lib/core/shell.py
|
||||
23657cd7d924e3c6d225719865855827 lib/core/subprocessng.py
|
||||
c3ace7874a536d801f308cf1fd03df99 lib/core/target.py
|
||||
d43f059747ffd48952922c94152e2a07 lib/core/testing.py
|
||||
95997f8d0b23fed9289b04b85d0e9b64 lib/core/threads.py
|
||||
53c15b78e0288274f52410db25406432 lib/core/unescaper.py
|
||||
f054dd08b488a09181abc177b92c25b5 lib/core/update.py
|
||||
542d106b505c6d8675d42bdfcf745eea lib/core/update.py
|
||||
8485a3cd94c0a5af2718bad60c5f1ae5 lib/core/wordlist.py
|
||||
cc9c82cfffd8ee9b25ba3af6284f057e lib/__init__.py
|
||||
c1288bc4ce5651dbdd82d4a9435fdc03 lib/parse/banner.py
|
||||
|
@ -68,24 +68,24 @@ b40a4c5d91770d347df36d3065b63798 lib/parse/sitemap.py
|
|||
083e7f446909b12009e72ae8e5e5737c lib/request/basic.py
|
||||
c48285682a61d49982cb508351013cb4 lib/request/comparison.py
|
||||
de812e1f9e88659adc4d904014260ea9 lib/request/connect.py
|
||||
d4d52c1073c75a6eecd2ebb98b670b96 lib/request/direct.py
|
||||
3d4416fb6802e7e29cf727aefa29355d lib/request/direct.py
|
||||
4ae7f4570fb859045f0487cc0b055a8e lib/request/dns.py
|
||||
58f63132eb56ad41ae6af4fe61933a2d lib/request/httpshandler.py
|
||||
cc9c82cfffd8ee9b25ba3af6284f057e lib/request/__init__.py
|
||||
62aff2a7bdd43f6e4d33385f57ec3e4c lib/request/inject.py
|
||||
33c871507bf9be32385497dfde8cdc85 lib/request/inject.py
|
||||
3fc323d525beddd14cd4d4dca4934fa8 lib/request/methodrequest.py
|
||||
585a6705cfac79f795b835affb80c901 lib/request/pkihandler.py
|
||||
b2ffd261947994f4a4af555d468b4970 lib/request/rangehandler.py
|
||||
30eda640dc427585c3dbf4762a30bd38 lib/request/redirecthandler.py
|
||||
4d838b086f128a94a91aa293ca1e0719 lib/request/templates.py
|
||||
937b7e276f25ccac5a2ac0bf9b1ef434 lib/takeover/abstraction.py
|
||||
142e0971c7a79f93bf3ae91e121fb525 lib/takeover/abstraction.py
|
||||
3ecf028d8d93025d2a12c6f6fc13adb2 lib/takeover/icmpsh.py
|
||||
cc9c82cfffd8ee9b25ba3af6284f057e lib/takeover/__init__.py
|
||||
2d39688ec1b871005b520b6f1ed97ba6 lib/takeover/metasploit.py
|
||||
7083825564c051a7265cfdd1a5e6629c lib/takeover/registry.py
|
||||
7d6cd7bdfc8f4bc4e8aed60c84cdf87f lib/takeover/udf.py
|
||||
d9bdcc17091374c53ad2eea7fd72a909 lib/takeover/web.py
|
||||
9af83a62de360184f1c14e69b8a95cfe lib/takeover/xp_cmdshell.py
|
||||
8a67ed220d114148ec0e4a2c56a87613 lib/takeover/xp_cmdshell.py
|
||||
0ad6fbd71649f736083c00e58de750b9 lib/techniques/blind/inference.py
|
||||
cc9c82cfffd8ee9b25ba3af6284f057e lib/techniques/blind/__init__.py
|
||||
cc9c82cfffd8ee9b25ba3af6284f057e lib/techniques/brute/__init__.py
|
||||
|
@ -97,11 +97,11 @@ cc9c82cfffd8ee9b25ba3af6284f057e lib/techniques/error/__init__.py
|
|||
4a1fb475f4a193e2cac48c8c038f5677 lib/techniques/error/use.py
|
||||
cc9c82cfffd8ee9b25ba3af6284f057e lib/techniques/__init__.py
|
||||
cc9c82cfffd8ee9b25ba3af6284f057e lib/techniques/union/__init__.py
|
||||
f5d6884cdeed28281187c111d3e49e3b lib/techniques/union/test.py
|
||||
12ce1bb7ee5f1f23f58be12fe9fa8472 lib/techniques/union/use.py
|
||||
8c00374e60a7699d4d34337da951d64b lib/techniques/union/test.py
|
||||
afd4d2e3896853299a9b449fe6db626a lib/techniques/union/use.py
|
||||
26c1babc6289fac9056f8b21d10f3bb1 lib/utils/api.py
|
||||
7c94b6c3088b68975d468c86d47b1b03 lib/utils/crawler.py
|
||||
84604ae4cf0f31602b412036b51f5dae lib/utils/deps.py
|
||||
2f76b2667244d849cf8401446f571258 lib/utils/deps.py
|
||||
4dfd3a95e73e806f62372d63bc82511f lib/utils/getch.py
|
||||
f71a7b0aec145ba77edd3c4543621fb9 lib/utils/hashdb.py
|
||||
0330607242d4f704ae6d7bba5f52ccae lib/utils/hash.py
|
||||
|
@ -113,7 +113,7 @@ da08a0b58c08ff452c7d1da4857d6680 lib/utils/progress.py
|
|||
cc9b0f68dd58a2576a5a454b7f5f6b9c lib/utils/search.py
|
||||
f976d920f13dee6ebf3e247e43dc8375 lib/utils/sqlalchemy.py
|
||||
93dc08ba9f732d378f02cf85eae89df2 lib/utils/timeout.py
|
||||
e6fa0e76367a77015da113811dfd9712 lib/utils/versioncheck.py
|
||||
e862dae0484e32691994390efa15c379 lib/utils/versioncheck.py
|
||||
adafdb28095ba2d03322fee2aae4548f lib/utils/xrange.py
|
||||
988100b4a1cd3b07acfd8b6ec692aed5 plugins/dbms/access/connector.py
|
||||
27a5ae5611836b073dd53b21435f0979 plugins/dbms/access/enumeration.py
|
||||
|
@ -134,7 +134,7 @@ b95216204096179fd50004c489ba5c6e plugins/dbms/db2/fingerprint.py
|
|||
9e12a966e280951deb996a8a634eb9e2 plugins/dbms/firebird/filesystem.py
|
||||
74f0a234bcb11cac697751ef9488579b plugins/dbms/firebird/fingerprint.py
|
||||
0f9bf6cf9dad52336ad1c528bdb4d142 plugins/dbms/firebird/__init__.py
|
||||
d16de4d9516f95956d4518e9412de77a plugins/dbms/firebird/syntax.py
|
||||
0d257a96a54ec2f25798d1c2d8b92227 plugins/dbms/firebird/syntax.py
|
||||
80496d64b22c10ed4893b4149a162365 plugins/dbms/firebird/takeover.py
|
||||
e125fb5d8d75861532a01828d829d85e plugins/dbms/hsqldb/connector.py
|
||||
8fbc4653d0c880ca78278c8ae6823136 plugins/dbms/hsqldb/enumeration.py
|
||||
|
@ -191,7 +191,7 @@ cac6bd84d44ac929da6800719279875b plugins/dbms/oracle/takeover.py
|
|||
f3318e79b1130e052242db8299eb1968 plugins/dbms/sqlite/filesystem.py
|
||||
17752c107b24f5a83926f8c62a50f15a plugins/dbms/sqlite/fingerprint.py
|
||||
098c50a83ceca04e3acc67a7c66fb0d2 plugins/dbms/sqlite/__init__.py
|
||||
a27325e2c88a0d38fe871509329cc9d5 plugins/dbms/sqlite/syntax.py
|
||||
cfd9cad568949aa8728b7ddcc5f5828e plugins/dbms/sqlite/syntax.py
|
||||
53b0be0cb6599d042bf6772e62b25ca5 plugins/dbms/sqlite/takeover.py
|
||||
579d582f3716c310689b4aa7317b57df plugins/dbms/sybase/connector.py
|
||||
7d58cbb4527d7a48ca05037f0b2ffe0a plugins/dbms/sybase/enumeration.py
|
||||
|
@ -201,7 +201,7 @@ d0c7cc8ec2aa716b2e5cd3b5ab805c3a plugins/dbms/sybase/__init__.py
|
|||
4763a90266c1633054ad7f3f0926a71d plugins/dbms/sybase/syntax.py
|
||||
7a1c6cb238b5b464e1e9641469e6e503 plugins/dbms/sybase/takeover.py
|
||||
62faa58e5aace4b6a6d562788685186f plugins/generic/connector.py
|
||||
cdbf6eec4a94f830deb7dbab1c1a2935 plugins/generic/custom.py
|
||||
33f214396e5a4da2fd2ea8d985e6de63 plugins/generic/custom.py
|
||||
f27f76bfd2ed9ce384dcd43fb7e10226 plugins/generic/databases.py
|
||||
1177bbad4e77a2ca85e0054569e03d38 plugins/generic/entries.py
|
||||
e335b868f5fb1154c9f72143d602915d plugins/generic/enumeration.py
|
||||
|
|
Loading…
Reference in New Issue
Block a user