From f94b91ad8798da612c9ffd330ef45c7a3a786b50 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Fri, 24 Feb 2012 13:07:20 +0000 Subject: [PATCH] added helper function for HashDB data storing/retrieval --- lib/controller/controller.py | 10 ++++++---- lib/core/common.py | 14 ++++++++++++++ lib/request/inject.py | 6 ++++-- lib/techniques/blind/inference.py | 8 +++++--- lib/techniques/brute/use.py | 6 ++++-- lib/techniques/error/use.py | 6 ++++-- lib/techniques/union/use.py | 6 ++++-- lib/utils/hash.py | 8 +++++--- 8 files changed, 46 insertions(+), 18 deletions(-) diff --git a/lib/controller/controller.py b/lib/controller/controller.py index a68d0de14..3ad3dd99e 100644 --- a/lib/controller/controller.py +++ b/lib/controller/controller.py @@ -26,6 +26,8 @@ from lib.core.common import extractRegexResult from lib.core.common import getFilteredPageContent from lib.core.common import getPublicTypeMembers from lib.core.common import getUnicode +from lib.core.common import hashDBRetrieve +from lib.core.common import hashDBWrite from lib.core.common import intersect from lib.core.common import parseTargetUrl from lib.core.common import randomStr @@ -179,12 +181,12 @@ def __saveToSessionFile(): setInjection(inj) def __saveToHashDB(): - _ = conf.hashDB.retrieve(HASHDB_KEYS.KB_ABS_FILE_PATHS, True) or set() + _ = hashDBRetrieve(HASHDB_KEYS.KB_ABS_FILE_PATHS, True) or set() _.update(kb.absFilePaths) - conf.hashDB.write(HASHDB_KEYS.KB_ABS_FILE_PATHS, _, True) + hashDBWrite(HASHDB_KEYS.KB_ABS_FILE_PATHS, _, True) - if not conf.hashDB.retrieve(HASHDB_KEYS.KB_CHARS): - conf.hashDB.write(HASHDB_KEYS.KB_CHARS, kb.chars, True) + if not hashDBRetrieve(HASHDB_KEYS.KB_CHARS): + hashDBWrite(HASHDB_KEYS.KB_CHARS, kb.chars, True) def __saveToResultsFile(): if not conf.resultsFP: diff --git a/lib/core/common.py b/lib/core/common.py index 83a0a3113..998b7ed55 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -3176,3 +3176,17 @@ def setFormatterPrependFlag(value=True): """ FORMATTER._prepend_flag = value + +def hashDBWrite(key, value, serialize=False): + """ + Helper function for writing session data to HashDB + """ + + conf.hashDB.write(key, value, serialize) + +def hashDBRetrieve(key, unserialize=False): + """ + Helper function for restoring session data from HashDB + """ + + return conf.hashDB.retrieve(key, unserialize) if not any([conf.flushSession, conf.freshQueries, not kb.resumeValues]) else None diff --git a/lib/request/inject.py b/lib/request/inject.py index b99cf9d5b..50c2fd5d5 100644 --- a/lib/request/inject.py +++ b/lib/request/inject.py @@ -19,6 +19,8 @@ from lib.core.common import dataToSessionFile from lib.core.common import expandAsteriskForColumns from lib.core.common import extractExpectedValue from lib.core.common import getPublicTypeMembers +from lib.core.common import hashDBRetrieve +from lib.core.common import hashDBWrite from lib.core.common import initTechnique from lib.core.common import isNumPosStrValue from lib.core.common import isTechniqueAvailable @@ -315,13 +317,13 @@ def __goBooleanProxy(expression): payload = agent.payload(newValue=query) timeBasedCompare = kb.technique in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED) - output = conf.hashDB.retrieve(expression) if not any([conf.flushSession, conf.freshQueries, not kb.resumeValues]) else None + output = hashDBRetrieve(expression) if not output: output = Request.queryPage(payload, timeBasedCompare=timeBasedCompare, raise404=False) if output is not None: - conf.hashDB.write(expression, output) + hashDBWrite(expression, output) return output diff --git a/lib/techniques/blind/inference.py b/lib/techniques/blind/inference.py index 127ccdb16..e33ab9d23 100644 --- a/lib/techniques/blind/inference.py +++ b/lib/techniques/blind/inference.py @@ -21,6 +21,8 @@ from lib.core.common import getCharset from lib.core.common import getCounter from lib.core.common import goGoodSamaritan from lib.core.common import getPartRun +from lib.core.common import hashDBRetrieve +from lib.core.common import hashDBWrite from lib.core.common import incrementCounter from lib.core.common import safeStringFormat from lib.core.common import setFormatterPrependFlag @@ -57,7 +59,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None abortedFlag = False asciiTbl = getCharset(charsetType) timeBasedCompare = (kb.technique in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED)) - retVal = conf.hashDB.retrieve(expression) if not any([conf.flushSession, conf.freshQueries, not kb.resumeValues]) else None + retVal = hashDBRetrieve(expression) if retVal: if PARTIAL_VALUE_MARKER in retVal: @@ -517,9 +519,9 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None if finalValue is not None: finalValue = decodeHexValue(finalValue) if conf.hexConvert else finalValue - conf.hashDB.write(expression, finalValue) + hashDBWrite(expression, finalValue) else: - conf.hashDB.write(expression, "%s%s" % (PARTIAL_VALUE_MARKER, partialValue)) + hashDBWrite(expression, "%s%s" % (PARTIAL_VALUE_MARKER, partialValue)) if kb.threadException: raise sqlmapThreadException, "something unexpected happened inside the threads" diff --git a/lib/techniques/brute/use.py b/lib/techniques/brute/use.py index 9c71a68b2..cd89fd83b 100644 --- a/lib/techniques/brute/use.py +++ b/lib/techniques/brute/use.py @@ -15,6 +15,8 @@ from lib.core.common import filterListValue from lib.core.common import getFileItems from lib.core.common import Backend from lib.core.common import getPageWordSet +from lib.core.common import hashDBRetrieve +from lib.core.common import hashDBWrite from lib.core.common import randomInt from lib.core.common import randomStr from lib.core.common import safeStringFormat @@ -132,7 +134,7 @@ def tableExists(tableFile, regex=None): if _ not in kb.brute.tables: kb.brute.tables.append(_) - conf.hashDB.write(HASHDB_KEYS.KB_BRUTE_TABLES, kb.brute.tables, True) + hashDBWrite(HASHDB_KEYS.KB_BRUTE_TABLES, kb.brute.tables, True) return kb.data.cachedTables @@ -231,6 +233,6 @@ def columnExists(columnFile, regex=None): if _ not in kb.brute.columns: kb.brute.columns.append(_) - conf.hashDB.write(HASHDB_KEYS.KB_BRUTE_COLUMNS, kb.brute.columns, True) + hashDBWrite(HASHDB_KEYS.KB_BRUTE_COLUMNS, kb.brute.columns, True) return kb.data.cachedColumns diff --git a/lib/techniques/error/use.py b/lib/techniques/error/use.py index 3819fd69b..6b90644be 100644 --- a/lib/techniques/error/use.py +++ b/lib/techniques/error/use.py @@ -19,6 +19,8 @@ from lib.core.common import dataToStdout from lib.core.common import decodeHexValue from lib.core.common import extractRegexResult from lib.core.common import getUnicode +from lib.core.common import hashDBRetrieve +from lib.core.common import hashDBWrite from lib.core.common import incrementCounter from lib.core.common import initTechnique from lib.core.common import isNumPosStrValue @@ -43,7 +45,7 @@ from lib.core.unescaper import unescaper from lib.request.connect import Connect as Request def __oneShotErrorUse(expression, field): - retVal = conf.hashDB.retrieve(expression) if not any([conf.flushSession, conf.freshQueries, not kb.resumeValues]) else None + retVal = hashDBRetrieve(expression) threadData = getCurrentThreadData() threadData.resumed = retVal is not None @@ -126,7 +128,7 @@ def __oneShotErrorUse(expression, field): retVal = __errorReplaceChars(retVal) - conf.hashDB.write(expression, retVal) + hashDBWrite(expression, retVal) else: _ = "%s(?P.*?)%s" % (kb.chars.start, kb.chars.stop) diff --git a/lib/techniques/union/use.py b/lib/techniques/union/use.py index 486d1c480..814b10ab0 100644 --- a/lib/techniques/union/use.py +++ b/lib/techniques/union/use.py @@ -20,6 +20,8 @@ from lib.core.common import dataToStdout from lib.core.common import extractRegexResult from lib.core.common import getConsoleWidth from lib.core.common import getUnicode +from lib.core.common import hashDBRetrieve +from lib.core.common import hashDBWrite from lib.core.common import incrementCounter from lib.core.common import initTechnique from lib.core.common import isNumPosStrValue @@ -43,7 +45,7 @@ from lib.core.unescaper import unescaper from lib.request.connect import Connect as Request def __oneShotUnionUse(expression, unpack=True, limited=False): - retVal = conf.hashDB.retrieve(expression) if not any([conf.flushSession, conf.freshQueries, not kb.resumeValues]) else None + retVal = hashDBRetrieve(expression) threadData = getCurrentThreadData() threadData.resumed = retVal is not None @@ -92,7 +94,7 @@ def __oneShotUnionUse(expression, unpack=True, limited=False): warnMsg += "issues) or switch '--hex'" singleTimeWarnMessage(warnMsg) - conf.hashDB.write(expression, retVal) + hashDBWrite(expression, retVal) return retVal diff --git a/lib/utils/hash.py b/lib/utils/hash.py index 88c652fff..290a29076 100644 --- a/lib/utils/hash.py +++ b/lib/utils/hash.py @@ -38,6 +38,8 @@ from lib.core.common import dataToStdout from lib.core.common import getCompiledRegex from lib.core.common import getFileItems from lib.core.common import getPublicTypeMembers +from lib.core.common import hashDBRetrieve +from lib.core.common import hashDBWrite from lib.core.common import normalizeUnicode from lib.core.common import paths from lib.core.common import readInput @@ -592,7 +594,7 @@ def dictionaryAttack(attack_dict): item = [(user, hash_), {'salt': hash_[4:12], 'count': 1<