diff --git a/lib/utils/api.py b/lib/utils/api.py index 3f5bf0183..43c27163c 100644 --- a/lib/utils/api.py +++ b/lib/utils/api.py @@ -98,16 +98,18 @@ class Task(object): def __init__(self, taskid): self.process = None self.output_directory = None + self.options = None + self._original_options = None self.initialize_options(taskid) def initialize_options(self, taskid): - dataype = {"boolean": False, "string": None, "integer": None, "float": None} + datatype = {"boolean": False, "string": None, "integer": None, "float": None} self.options = AttribDict() for _ in optDict: for name, type_ in optDict[_].items(): type_ = unArrayizeValue(type_) - self.options[name] = _defaults.get(name, dataype[type_]) + self.options[name] = _defaults.get(name, datatype[type_]) # Let sqlmap engine knows it is getting called by the API, the task ID and the file path of the IPC database self.options.api = True @@ -119,6 +121,8 @@ class Task(object): self.options.disableColoring = True self.options.eta = False + self._original_options = AttribDict(self.options) + def set_option(self, option, value): self.options[option] = value @@ -128,6 +132,9 @@ class Task(object): def get_options(self): return self.options + def reset_options(self): + self.options = AttribDict(self._original_options) + def set_output_directory(self): if not self.output_directory or not os.path.isdir(self.output_directory): self.output_directory = tempfile.mkdtemp(prefix="sqlmapoutput-") @@ -419,6 +426,8 @@ def scan_start(taskid): if taskid not in tasks: abort(500, "Invalid task ID") + tasks[taskid].reset_options() + # Initialize sqlmap engine's options with user's provided options, if any for option, value in request.json.items(): tasks[taskid].set_option(option, value) diff --git a/sqlmapapi.py b/sqlmapapi.py index f82e92c66..e6ed63281 100755 --- a/sqlmapapi.py +++ b/sqlmapapi.py @@ -42,3 +42,5 @@ if __name__ == "__main__": server(args.host, args.port) elif args.client is True: client(args.host, args.port) + else: + apiparser.print_help()