upgraded to use custom subprocessng for non-blocking send and read functions for spawned processes. Added new method to display range of log messages, just in case and improved parsing/unpickling of read log messages

2024-11-26 03:23:48 +03:00 · 2013-01-10 00:01:28 +00:00 · 2013-01-10 00:01:28 +00:00 · ef40779ad3
commit ef40779ad3
parent 2126a5ba12
1 changed files with 43 additions and 8 deletions
--- a/lib/utils/api.py
+++ b/lib/utils/api.py
@ -14,7 +14,7 @@ import tempfile
 import types
 from subprocess import PIPE
-from subprocess import Popen
+from subprocess import STDOUT
 from lib.controller.controller import start
 from lib.core.common import unArrayizeValue
@ -32,6 +32,9 @@ from lib.core.exception import SqlmapMissingDependence
 from lib.core.optiondict import optDict
 from lib.core.option import init
 from lib.core.settings import UNICODE_ENCODING
 from lib.core.subprocessng import Popen as execute
 from lib.core.subprocessng import send_all
 from lib.core.subprocessng import recv_some
 from thirdparty.bottle.bottle import abort
 from thirdparty.bottle.bottle import error
 from thirdparty.bottle.bottle import get
@ -273,7 +276,7 @@ def scan_start(taskid):
    tasks[taskid]["fdLog"] = pipes[taskid][1]
    # Launch sqlmap engine
-    procs[taskid] = Popen("python sqlmap.py --pickled-options %s" % base64pickle(tasks[taskid]), shell=True, stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=False)
+    procs[taskid] = execute("python sqlmap.py --pickled-options %s" % base64pickle(tasks[taskid]), shell=True, stdin=PIPE, stdout=PIPE, stderr=STDOUT, close_fds=False)
    return jsonize({"success": True})
@ -288,11 +291,9 @@ def scan_output(taskid):
    if taskid not in tasks:
        abort(500, "Invalid task ID")
-    stdout, stderr = procs[taskid].communicate()
+    stdout = recv_some(procs[taskid], t=1, e=0)
-    print "stderr:", stderr
+    return jsonize({"stdout": stdout})
    return jsonize({"stdout": stdout, "stderr": stderr})
@get("/scan/<taskid>/delete")
 def scan_delete(taskid):
@ -309,16 +310,50 @@ def scan_delete(taskid):
    return jsonize({"success": True})
-# Function to handle scans' logs
+# Functions to handle scans' logs
@get("/scan/<taskid>/log/<start>/<end>")
 def scan_log_limited(taskid, start, end):
    """
    Retrieve the log messages
    """
    log = None
    if taskid not in tasks:
        abort(500, "Invalid task ID")
    if not start.isdigit() or not end.isdigit() or end <= start:
        abort(500, "Invalid start or end value, must be digits")
    start = max(0, int(start)-1)
    end = max(1, int(end))
    pickledLog = os.read(pipes[taskid][0], 100000)
    try:
        log = base64unpickle(pickledLog)
        log = log[slice(start, end)]
    except (KeyError, IndexError, TypeError), e:
        logger.error("handled exception when trying to unpickle logger dictionary in scan_log_limited(): %s" % str(e))
    return jsonize({"log": log})
@get("/scan/<taskid>/log")
 def scan_log(taskid):
    """
    Retrieve the log messages
    """
    log = None
    if taskid not in tasks:
        abort(500, "Invalid task ID")
-    return jsonize({"log": base64unpickle(os.read(pipes[taskid][0], 100000))})
+    pickledLog = os.read(pipes[taskid][0], 100000)
    try:
        log = base64unpickle(pickledLog)
    except (KeyError, IndexError, TypeError), e:
        logger.error("handled exception when trying to unpickle logger dictionary in scan_log(): %s" % str(e))
    return jsonize({"log": log})
 # Function to handle files inside the output directory
@get("/download/<taskid>/<target>/<filename:path>")