sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-28 20:43:49 +03:00
Code Issues Packages Projects Releases Wiki Activity

show warning when example is missing

Browse Source
This commit is contained in:
donnd-t 2021-09-17 18:44:18 +10:00
parent 59e8bb94f2
commit f031e00970
1 changed files with 41 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
lib/core/swagger.py
View File

@ -9,24 +9,27 @@ import json
from lib.core.data import logger from lib.core.data import logger
from lib.core.exception import SqlmapSyntaxException from lib.core.exception import SqlmapSyntaxException
from lib.core.exception import SqlmapSkipTargetException
class Operation: class Operation:
def __init__(self, op): def __init__(self, name, method, props):
self.op = op self.name = name
self.method = method
self.props = props
def tags(self): def tags(self):
return self.op["tags"] return self.props["tags"]
def parameters(self): def parameters(self):
return self.op["parameters"] return self.props["parameters"]
def parametersForTypes(self, types): def parametersForTypes(self, types):
return list(filter(lambda p: (p["in"] in types), self.parameters())) return list(filter(lambda p: (p["in"] in types), self.parameters()))
def bodyRef(self): def bodyRef(self):
if "requestBody" in self.op: if "requestBody" in self.props:
return self.op["requestBody"]["content"]["application/json"]["schema"]["$ref"] return self.props["requestBody"]["content"]["application/json"]["schema"]["$ref"]
return None return None
# header injection is not currently supported # header injection is not currently supported
@ -39,6 +42,8 @@ class Operation:
return None return None
queryString = "" queryString = ""
for qp in queryParameters: for qp in queryParameters:
if "example" not in qp:
raise SqlmapSkipTargetException("missing example for parameter '%s'" %qp["name"])
queryString += "&%s=%s" %(qp["name"], qp["example"]) queryString += "&%s=%s" %(qp["name"], qp["example"])
return queryString.replace('&', '', 1) return queryString.replace('&', '', 1)
@ -49,6 +54,8 @@ class Operation:
return path return path
parameterPath = path parameterPath = path
for p in pathParameters: for p in pathParameters:
if "example" not in p:
raise SqlmapSkipTargetException("missing example for parameter '%s'" %p["name"])
parameterPath = parameterPath.replace("{%s}" %p["name"], "%s*" %p["example"]) parameterPath = parameterPath.replace("{%s}" %p["name"], "%s*" %p["example"])
return parameterPath return parameterPath
@ -72,6 +79,9 @@ def _example(swagger, refPath):
example[prop] = _example(swagger, properties[prop]["$ref"]) example[prop] = _example(swagger, properties[prop]["$ref"])
elif properties[prop]["type"] == "array" and "$ref" in properties[prop]["items"]: elif properties[prop]["type"] == "array" and "$ref" in properties[prop]["items"]:
example[prop] = [ _example(swagger, properties[prop]["items"]["$ref"]) ] example[prop] = [ _example(swagger, properties[prop]["items"]["$ref"]) ]
else:
raise SqlmapSkipTargetException("missing example for parameter '%s'" %prop)
return example return example
@ -100,31 +110,28 @@ def parse(content, tags):
logger.info("swagger OpenAPI version '%s', server '%s'" %(swagger["openapi"], server)) logger.info("swagger OpenAPI version '%s', server '%s'" %(swagger["openapi"], server))
for path in swagger["paths"]: for path in swagger["paths"]:
for operation in swagger["paths"][path]: for method in swagger["paths"][path]:
op = Operation(swagger["paths"][path][operation]) op = Operation(path, method, swagger["paths"][path][method])
method = method.upper()
# skip any operations without one of our tags # skip any operations without one of our tags
if tags is not None and not any(tag in op.tags() for tag in tags): if tags is not None and not any(tag in op.tags() for tag in tags):
continue continue
try:
body = {} body = {}
bodyRef = op.bodyRef() bodyRef = op.bodyRef()
if bodyRef: if bodyRef:
body = _example(swagger, bodyRef) body = _example(swagger, bodyRef)
if not op.injectable(body): if op.injectable(body):
logger.info("excluding path '%s', operation '%s' as there are no parameters to inject" %(path, operation))
continue
url = None url = None
method = None
data = None data = None
cookie = None cookie = None
parameterPath = op.path(path) parameterPath = op.path(path)
qs = op.queryString() qs = op.queryString()
url = "%s%s" % (server, parameterPath) url = "%s%s" % (server, parameterPath)
method = operation.upper()
if body: if body:
data = json.dumps(body) data = json.dumps(body)
@ -133,6 +140,11 @@ def parse(content, tags):
logger.debug("including url '%s', method '%s', data '%s', cookie '%s'" %(url, method, data, cookie)) logger.debug("including url '%s', method '%s', data '%s', cookie '%s'" %(url, method, data, cookie))
yield (url, method, data, cookie, None) yield (url, method, data, cookie, None)
else:
logger.info("excluding path '%s', method '%s' as there are no parameters to inject" %(path, method))
except SqlmapSkipTargetException as e:
logger.warn("excluding path '%s', method '%s': %s" %(path, method, e))
except json.decoder.JSONDecodeError: except json.decoder.JSONDecodeError:
errMsg = "swagger file is not valid JSON" errMsg = "swagger file is not valid JSON"