sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 09:36:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor cleanup and one bug fix

Browse Source
This commit is contained in:
Miroslav Stampar 2017-04-19 14:46:27 +02:00
parent c8a0c525fc
commit fc8eede952
19 changed files with 91 additions and 106 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lib/controller/checks.py
View File

@ -739,7 +739,7 @@ def checkSqlInjection(place, parameter, value):
logger.warn(warnMsg) logger.warn(warnMsg)
msg = "how do you want to proceed? [(S)kip current test/(e)nd detection phase/(n)ext parameter/(c)hange verbosity/(q)uit]" msg = "how do you want to proceed? [(S)kip current test/(e)nd detection phase/(n)ext parameter/(c)hange verbosity/(q)uit]"
choice = readInput(msg, default='S', checkBatch=False).strip().upper() choice = readInput(msg, default='S', checkBatch=False).upper()
if choice == 'C': if choice == 'C':
choice = None choice = None
@ -747,7 +747,7 @@ def checkSqlInjection(place, parameter, value):
if choice: if choice:
logger.warn("invalid value") logger.warn("invalid value")
msg = "enter new verbosity level: [0-6] " msg = "enter new verbosity level: [0-6] "
choice = readInput(msg, default=str(conf.verbose), checkBatch=False).strip() choice = readInput(msg, default=str(conf.verbose), checkBatch=False)
conf.verbose = int(choice) conf.verbose = int(choice)
setVerbosity() setVerbosity()
tests.insert(0, test) tests.insert(0, test)
@ -998,7 +998,7 @@ def heuristicCheckSqlInjection(place, parameter):
if kb.ignoreCasted is None: if kb.ignoreCasted is None:
message = "do you want to skip those kind of cases (and save scanning time)? %s " % ("[Y/n]" if conf.multipleTargets else "[y/N]") message = "do you want to skip those kind of cases (and save scanning time)? %s " % ("[Y/n]" if conf.multipleTargets else "[y/N]")
kb.ignoreCasted = readInput(message, default='Y' if conf.multipleTargets else 'N').upper() != 'N' kb.ignoreCasted = readInput(message, default='Y' if conf.multipleTargets else 'N', boolean=True)
elif result: elif result:
infoMsg += "be injectable" infoMsg += "be injectable"
@ -1176,7 +1176,7 @@ def checkStability():
logger.warn(warnMsg) logger.warn(warnMsg)
message = "how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] " message = "how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] "
choice = readInput(message, default='C').strip().upper() choice = readInput(message, default='C').upper()
if choice == 'Q': if choice == 'Q':
raise SqlmapUserQuitException raise SqlmapUserQuitException
@ -1306,9 +1306,8 @@ def checkWaf():
if not conf.identifyWaf: if not conf.identifyWaf:
message = "do you want sqlmap to try to detect backend " message = "do you want sqlmap to try to detect backend "
message += "WAF/IPS/IDS? [y/N] " message += "WAF/IPS/IDS? [y/N] "
output = readInput(message, default="N")
if output and output[0] in ("Y", "y"): if readInput(message, default='N', boolean=True):
conf.identifyWaf = True conf.identifyWaf = True
if conf.timeout == defaults.timeout: if conf.timeout == defaults.timeout:

18
lib/controller/controller.py
View File

@ -116,11 +116,11 @@ def _selectInjection():
message += "\n" message += "\n"
message += "[q] Quit" message += "[q] Quit"
select = readInput(message, default="0") choice = readInput(message, default='0').upper()
if select.isdigit() and int(select) < len(kb.injections) and int(select) >= 0: if choice.isdigit() and int(choice) < len(kb.injections) and int(choice) >= 0:
index = int(select) index = int(choice)
elif select[0] in ("Q", "q"): elif choice == 'Q':
raise SqlmapUserQuitException raise SqlmapUserQuitException
else: else:
errMsg = "invalid choice" errMsg = "invalid choice"
@ -184,7 +184,7 @@ def _randomFillBlankFields(value):
if extractRegexResult(EMPTY_FORM_FIELDS_REGEX, value): if extractRegexResult(EMPTY_FORM_FIELDS_REGEX, value):
message = "do you want to fill blank fields with random values? [Y/n] " message = "do you want to fill blank fields with random values? [Y/n] "
if readInput(message, default="Y", boolean=True): if readInput(message, default='Y', boolean=True):
for match in re.finditer(EMPTY_FORM_FIELDS_REGEX, retVal): for match in re.finditer(EMPTY_FORM_FIELDS_REGEX, retVal):
item = match.group("result") item = match.group("result")
if not any(_ in item for _ in IGNORE_PARAMETERS) and not re.search(ASP_NET_CONTROL_REGEX, item): if not any(_ in item for _ in IGNORE_PARAMETERS) and not re.search(ASP_NET_CONTROL_REGEX, item):
@ -306,7 +306,7 @@ def start():
message += "against '%s'. Do you want to skip " % conf.hostname message += "against '%s'. Do you want to skip " % conf.hostname
message += "further tests involving it? [Y/n]" message += "further tests involving it? [Y/n]"
kb.skipVulnHost = readInput(message, default="Y", boolean=True) kb.skipVulnHost = readInput(message, default='Y', boolean=True)
testSqlInj = not kb.skipVulnHost testSqlInj = not kb.skipVulnHost
@ -334,7 +334,7 @@ def start():
continue continue
message += "\ndo you want to test this form? [Y/n/q] " message += "\ndo you want to test this form? [Y/n/q] "
choice = readInput(message, default='Y').strip().upper() choice = readInput(message, default='Y').upper()
if choice == 'N': if choice == 'N':
continue continue
@ -360,7 +360,7 @@ def start():
else: else:
message += "\ndo you want to test this URL? [Y/n/q]" message += "\ndo you want to test this URL? [Y/n/q]"
choice = readInput(message, default='Y').strip().upper() choice = readInput(message, default='Y').upper()
if choice == 'N': if choice == 'N':
dataToStdout(os.linesep) dataToStdout(os.linesep)
@ -640,7 +640,7 @@ def start():
logger.warn(warnMsg) logger.warn(warnMsg)
message = "do you want to skip to the next target in list? [Y/n/q]" message = "do you want to skip to the next target in list? [Y/n/q]"
choice = readInput(message, default='Y').strip().upper() choice = readInput(message, default='Y').upper()
if choice == 'N': if choice == 'N':
return False return False

35
lib/core/common.py
View File

@ -322,14 +322,14 @@ class Backend:
msg += "correct [%s (default)/%s] " % (kb.dbms, dbms) msg += "correct [%s (default)/%s] " % (kb.dbms, dbms)
while True: while True:
_ = readInput(msg, default=kb.dbms) choice = readInput(msg, default=kb.dbms)
if aliasToDbmsEnum(_) == kb.dbms: if aliasToDbmsEnum(choice) == kb.dbms:
kb.dbmsVersion = [] kb.dbmsVersion = []
kb.resolutionDbms = kb.dbms kb.resolutionDbms = kb.dbms
break break
elif aliasToDbmsEnum(_) == dbms: elif aliasToDbmsEnum(choice) == dbms:
kb.dbms = aliasToDbmsEnum(_) kb.dbms = aliasToDbmsEnum(choice)
break break
else: else:
warnMsg = "invalid value" warnMsg = "invalid value"
@ -382,12 +382,12 @@ class Backend:
msg += "correct [%s (default)/%s] " % (kb.os, os) msg += "correct [%s (default)/%s] " % (kb.os, os)
while True: while True:
_ = readInput(msg, default=kb.os) choice = readInput(msg, default=kb.os)
if _ == kb.os: if choice == kb.os:
break break
elif _ == os: elif choice == os:
kb.os = _.capitalize() kb.os = choice.capitalize()
break break
else: else:
warnMsg = "invalid value" warnMsg = "invalid value"
@ -421,10 +421,10 @@ class Backend:
msg += "\n[2] 64-bit" msg += "\n[2] 64-bit"
while True: while True:
_ = readInput(msg, default='1') choice = readInput(msg, default='1')
if isinstance(_, basestring) and _.isdigit() and int(_) in (1, 2): if isinstance(choice, basestring) and choice.isdigit() and int(choice) in (1, 2):
kb.arch = 32 if int(_) == 1 else 64 kb.arch = 32 if int(choice) == 1 else 64
break break
else: else:
warnMsg = "invalid value. Valid values are 1 and 2" warnMsg = "invalid value. Valid values are 1 and 2"
@ -754,17 +754,17 @@ def getManualDirectories():
message += "[2] custom location(s)\n" message += "[2] custom location(s)\n"
message += "[3] custom directory list file\n" message += "[3] custom directory list file\n"
message += "[4] brute force search" message += "[4] brute force search"
choice = readInput(message, default="1").strip() choice = readInput(message, default='1')
if choice == "2": if choice == '2':
message = "please provide a comma separate list of absolute directory paths: " message = "please provide a comma separate list of absolute directory paths: "
directories = readInput(message, default="").split(',') directories = readInput(message, default="").split(',')
elif choice == "3": elif choice == '3':
message = "what's the list file location?\n" message = "what's the list file location?\n"
listPath = readInput(message, default="") listPath = readInput(message, default="")
checkFile(listPath) checkFile(listPath)
directories = getFileItems(listPath) directories = getFileItems(listPath)
elif choice == "4": elif choice == '4':
targets = set([conf.hostname]) targets = set([conf.hostname])
_ = conf.hostname.split('.') _ = conf.hostname.split('.')
@ -1038,8 +1038,11 @@ def readInput(message, default=None, checkBatch=True, boolean=False):
finally: finally:
logging._releaseLock() logging._releaseLock()
if retVal and default and isinstance(default, basestring) and len(default) == 1:
retVal = retVal.strip()
if boolean: if boolean:
retVal = retVal.strip().upper == 'Y' retVal = retVal.strip().upper() == 'Y'
return retVal return retVal

2
lib/core/option.py
View File

@ -944,7 +944,7 @@ def _setTamperingFunctions():
message = "it appears that you might have mixed " message = "it appears that you might have mixed "
message += "the order of tamper scripts. " message += "the order of tamper scripts. "
message += "Do you want to auto resolve this? [Y/n/q] " message += "Do you want to auto resolve this? [Y/n/q] "
choice = readInput(message, default='Y').strip().upper() choice = readInput(message, default='Y').upper()
if choice == 'N': if choice == 'N':
resolve_priorities = False resolve_priorities = False

2
lib/core/settings.py
View File

@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
from lib.core.enums import OS from lib.core.enums import OS
# sqlmap version (<major>.<minor>.<month>.<monthly commit>) # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.1.4.37" VERSION = "1.1.4.38"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

12
lib/core/target.py
View File

@ -152,7 +152,7 @@ def _setRequestParams():
elif re.search(JSON_LIKE_RECOGNITION_REGEX, conf.data): elif re.search(JSON_LIKE_RECOGNITION_REGEX, conf.data):
message = "JSON-like data found in %s data. " % conf.method message = "JSON-like data found in %s data. " % conf.method
message += "Do you want to process it? [Y/n/q] " message += "Do you want to process it? [Y/n/q] "
choice = readInput(message, default='Y').strip().upper() choice = readInput(message, default='Y').upper()
if choice == 'Q': if choice == 'Q':
raise SqlmapUserQuitException raise SqlmapUserQuitException
@ -166,7 +166,7 @@ def _setRequestParams():
elif re.search(ARRAY_LIKE_RECOGNITION_REGEX, conf.data): elif re.search(ARRAY_LIKE_RECOGNITION_REGEX, conf.data):
message = "Array-like data found in %s data. " % conf.method message = "Array-like data found in %s data. " % conf.method
message += "Do you want to process it? [Y/n/q] " message += "Do you want to process it? [Y/n/q] "
choice = readInput(message, default='Y').strip().upper() choice = readInput(message, default='Y').upper()
if choice == 'Q': if choice == 'Q':
raise SqlmapUserQuitException raise SqlmapUserQuitException
@ -178,7 +178,7 @@ def _setRequestParams():
elif re.search(XML_RECOGNITION_REGEX, conf.data): elif re.search(XML_RECOGNITION_REGEX, conf.data):
message = "SOAP/XML data found in %s data. " % conf.method message = "SOAP/XML data found in %s data. " % conf.method
message += "Do you want to process it? [Y/n/q] " message += "Do you want to process it? [Y/n/q] "
choice = readInput(message, default='Y').strip().upper() choice = readInput(message, default='Y').upper()
if choice == 'Q': if choice == 'Q':
raise SqlmapUserQuitException raise SqlmapUserQuitException
@ -191,7 +191,7 @@ def _setRequestParams():
elif re.search(MULTIPART_RECOGNITION_REGEX, conf.data): elif re.search(MULTIPART_RECOGNITION_REGEX, conf.data):
message = "Multipart-like data found in %s data. " % conf.method message = "Multipart-like data found in %s data. " % conf.method
message += "Do you want to process it? [Y/n/q] " message += "Do you want to process it? [Y/n/q] "
choice = readInput(message, default='Y').strip().upper() choice = readInput(message, default='Y').upper()
if choice == 'Q': if choice == 'Q':
raise SqlmapUserQuitException raise SqlmapUserQuitException
@ -228,7 +228,7 @@ def _setRequestParams():
message = "do you want to try URI injections " message = "do you want to try URI injections "
message += "in the target URL itself? [Y/n/q] " message += "in the target URL itself? [Y/n/q] "
choice = readInput(message, default='Y').strip().upper() choice = readInput(message, default='Y').upper()
if choice == 'Q': if choice == 'Q':
raise SqlmapUserQuitException raise SqlmapUserQuitException
@ -243,7 +243,7 @@ def _setRequestParams():
lut = {PLACE.URI: '-u', PLACE.CUSTOM_POST: '--data', PLACE.CUSTOM_HEADER: '--headers/--user-agent/--referer/--cookie'} lut = {PLACE.URI: '-u', PLACE.CUSTOM_POST: '--data', PLACE.CUSTOM_HEADER: '--headers/--user-agent/--referer/--cookie'}
message = "custom injection marking character ('%s') found in option " % CUSTOM_INJECTION_MARK_CHAR message = "custom injection marking character ('%s') found in option " % CUSTOM_INJECTION_MARK_CHAR
message += "'%s'. Do you want to process it? [Y/n/q] " % lut[place] message += "'%s'. Do you want to process it? [Y/n/q] " % lut[place]
choice = readInput(message, default='Y').strip().upper() choice = readInput(message, default='Y').upper()
if choice == 'Q': if choice == 'Q':
raise SqlmapUserQuitException raise SqlmapUserQuitException

2
lib/request/inject.py
View File

@ -208,7 +208,7 @@ def _goInferenceProxy(expression, fromUser=False, batch=False, unpack=True, char
message += "entries do you want to retrieve?\n" message += "entries do you want to retrieve?\n"
message += "[a] All (default)\n[#] Specific number\n" message += "[a] All (default)\n[#] Specific number\n"
message += "[q] Quit" message += "[q] Quit"
choice = readInput(message, default='A').strip().upper() choice = readInput(message, default='A').upper()
if choice == 'A': if choice == 'A':
stopLimit = count stopLimit = count

2
lib/request/redirecthandler.py
View File

@ -59,7 +59,7 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
msg += "resend original POST data to a new " msg += "resend original POST data to a new "
msg += "location? [%s] " % ("Y/n" if not kb.originalPage else "y/N") msg += "location? [%s] " % ("Y/n" if not kb.originalPage else "y/N")
kb.resendPostOnRedirect = readInput(msg, default=("Y" if not kb.originalPage else "N"), boolean=True) kb.resendPostOnRedirect = readInput(msg, default=('Y' if not kb.originalPage else 'N'), boolean=True)
if kb.resendPostOnRedirect: if kb.resendPostOnRedirect:
self.redirect_request = self._redirect_request self.redirect_request = self._redirect_request

29
lib/takeover/udf.py
View File

@ -154,9 +154,8 @@ class UDF:
message = "do you want to proceed anyway? Beware that the " message = "do you want to proceed anyway? Beware that the "
message += "operating system takeover will fail [y/N] " message += "operating system takeover will fail [y/N] "
choice = readInput(message, default="N")
if choice and choice.lower() == "y": if readInput(message, default='N', boolean=True):
written = True written = True
else: else:
return False return False
@ -237,9 +236,9 @@ class UDF:
msg += "from the shared library? " msg += "from the shared library? "
while True: while True:
udfCount = readInput(msg, default=1) udfCount = readInput(msg, default='1')
if isinstance(udfCount, basestring) and udfCount.isdigit(): if udfCount.isdigit():
udfCount = int(udfCount) udfCount = int(udfCount)
if udfCount <= 0: if udfCount <= 0:
@ -247,10 +246,6 @@ class UDF:
return return
else: else:
break break
elif isinstance(udfCount, int):
break
else: else:
logger.warn("invalid value, only digits are allowed") logger.warn("invalid value, only digits are allowed")
@ -272,20 +267,16 @@ class UDF:
self.udfs[udfName]["input"] = [] self.udfs[udfName]["input"] = []
default = 1
msg = "how many input parameters takes UDF " msg = "how many input parameters takes UDF "
msg += "'%s'? (default: %d) " % (udfName, default) msg += "'%s'? (default: 1) " % udfName
while True: while True:
parCount = readInput(msg, default=default) parCount = readInput(msg, default='1')
if isinstance(parCount, basestring) and parCount.isdigit() and int(parCount) >= 0: if parCount.isdigit() and int(parCount) >= 0:
parCount = int(parCount) parCount = int(parCount)
break break
elif isinstance(parCount, int):
break
else: else:
logger.warn("invalid value, only digits >= 0 are allowed") logger.warn("invalid value, only digits >= 0 are allowed")
@ -294,9 +285,9 @@ class UDF:
msg += "number %d? (default: %s) " % ((y + 1), defaultType) msg += "number %d? (default: %s) " % ((y + 1), defaultType)
while True: while True:
parType = readInput(msg, default=defaultType) parType = readInput(msg, default=defaultType).strip()
if isinstance(parType, basestring) and parType.isdigit(): if parType.isdigit():
logger.warn("you need to specify the data-type of the parameter") logger.warn("you need to specify the data-type of the parameter")
else: else:
@ -323,7 +314,7 @@ class UDF:
msg = "do you want to call your injected user-defined " msg = "do you want to call your injected user-defined "
msg += "functions now? [Y/n/q] " msg += "functions now? [Y/n/q] "
choice = readInput(msg, default='Y').strip().upper() choice = readInput(msg, default='Y').upper()
if choice == 'N': if choice == 'N':
self.cleanup(udfDict=self.udfs) self.cleanup(udfDict=self.udfs)
@ -343,7 +334,7 @@ class UDF:
msg += "\n[q] Quit" msg += "\n[q] Quit"
while True: while True:
choice = readInput(msg).strip().upper() choice = readInput(msg).upper()
if choice == 'Q': if choice == 'Q':
break break

2
lib/utils/hash.py
View File

@ -482,7 +482,7 @@ def attackDumpedTable():
storeHashesToFile(attack_dict) storeHashesToFile(attack_dict)
message = "do you want to crack them via a dictionary-based attack? %s" % ("[y/N/q]" if conf.multipleTargets else "[Y/n/q]") message = "do you want to crack them via a dictionary-based attack? %s" % ("[y/N/q]" if conf.multipleTargets else "[Y/n/q]")
choice = readInput(message, default='N' if conf.multipleTargets else 'Y').strip().upper() choice = readInput(message, default='N' if conf.multipleTargets else 'Y').upper()
if choice == 'N': if choice == 'N':
return return

6
lib/utils/search.py
View File

@ -111,11 +111,11 @@ def _search(dork):
message += "\n[1] (re)try with DuckDuckGo (default)" message += "\n[1] (re)try with DuckDuckGo (default)"
message += "\n[2] (re)try with Disconnect Search" message += "\n[2] (re)try with Disconnect Search"
message += "\n[3] quit" message += "\n[3] quit"
choice = readInput(message, default="1").strip().upper() choice = readInput(message, default='1')
if choice == "Q": if choice == '3':
raise SqlmapUserQuitException raise SqlmapUserQuitException
elif choice == "2": elif choice == '2':
url = "https://search.disconnect.me/searchTerms/search?" url = "https://search.disconnect.me/searchTerms/search?"
url += "start=nav&option=Web" url += "start=nav&option=Web"
url += "&query=%s" % urlencode(dork, convall=True) url += "&query=%s" % urlencode(dork, convall=True)

2
plugins/dbms/maxdb/enumeration.py
View File

@ -172,7 +172,7 @@ class Enumeration(GenericEnumeration):
return kb.data.cachedColumns return kb.data.cachedColumns
message = "do you want to use common column existence check? [y/N/q] " message = "do you want to use common column existence check? [y/N/q] "
choice = readInput(message, default='Y' if 'Y' in message else 'N').strip().upper() choice = readInput(message, default='Y' if 'Y' in message else 'N').upper()
if choice == 'N': if choice == 'N':
return return

2
plugins/dbms/sybase/enumeration.py
View File

@ -240,7 +240,7 @@ class Enumeration(GenericEnumeration):
return kb.data.cachedColumns return kb.data.cachedColumns
message = "do you want to use common column existence check? [y/N/q] " message = "do you want to use common column existence check? [y/N/q] "
choice = readInput(message, default='Y' if 'Y' in message else 'N').strip().upper() choice = readInput(message, default='Y' if 'Y' in message else 'N').upper()
if choice == 'N': if choice == 'N':
return return

4
plugins/generic/databases.py
View File

@ -243,7 +243,7 @@ class Databases:
return kb.data.cachedTables return kb.data.cachedTables
message = "do you want to use common table existence check? %s " % ("[Y/n/q]" if Backend.getIdentifiedDbms() in (DBMS.ACCESS,) else "[y/N/q]") message = "do you want to use common table existence check? %s " % ("[Y/n/q]" if Backend.getIdentifiedDbms() in (DBMS.ACCESS,) else "[y/N/q]")
choice = readInput(message, default='Y' if 'Y' in message else 'N').strip().upper() choice = readInput(message, default='Y' if 'Y' in message else 'N').upper()
if choice == 'N': if choice == 'N':
return return
@ -486,7 +486,7 @@ class Databases:
return kb.data.cachedColumns return kb.data.cachedColumns
message = "do you want to use common column existence check? %s" % ("[Y/n/q]" if Backend.getIdentifiedDbms() in (DBMS.ACCESS,) else "[y/N/q]") message = "do you want to use common column existence check? %s" % ("[Y/n/q]" if Backend.getIdentifiedDbms() in (DBMS.ACCESS,) else "[y/N/q]")
choice = readInput(message, default='Y' if 'Y' in message else 'N').strip().upper() choice = readInput(message, default='Y' if 'Y' in message else 'N').upper()
if choice == 'N': if choice == 'N':
return return

6
plugins/generic/fingerprint.py
View File

@ -45,12 +45,12 @@ class Fingerprint:
msg = "do you want to provide the OS? [(W)indows/(l)inux]" msg = "do you want to provide the OS? [(W)indows/(l)inux]"
while True: while True:
os = readInput(msg, default="W") os = readInput(msg, default='W').upper()
if os[0].lower() == "w": if os == 'W':
Backend.setOs(OS.WINDOWS) Backend.setOs(OS.WINDOWS)
break break
elif os[0].lower() == "l": elif os == 'L':
Backend.setOs(OS.LINUX) Backend.setOs(OS.LINUX)
break break
else: else:

2
plugins/generic/search.py
View File

@ -146,7 +146,7 @@ class Search:
if bruteForce: if bruteForce:
message = "do you want to use common table existence check? %s" % ("[Y/n/q]" if Backend.getIdentifiedDbms() in (DBMS.ACCESS,) else "[y/N/q]") message = "do you want to use common table existence check? %s" % ("[Y/n/q]" if Backend.getIdentifiedDbms() in (DBMS.ACCESS,) else "[y/N/q]")
choice = readInput(message, default='Y' if 'Y' in message else 'N').strip().upper() choice = readInput(message, default='Y' if 'Y' in message else 'N').upper()
if choice == 'N': if choice == 'N':
return return

22
plugins/generic/takeover.py
View File

@ -96,20 +96,16 @@ class Takeover(Abstraction, Metasploit, ICMPsh, Registry, Miscellaneous):
msg = "how do you want to establish the tunnel?" msg = "how do you want to establish the tunnel?"
msg += "\n[1] TCP: Metasploit Framework (default)" msg += "\n[1] TCP: Metasploit Framework (default)"
msg += "\n[2] ICMP: icmpsh - ICMP tunneling" msg += "\n[2] ICMP: icmpsh - ICMP tunneling"
valids = (1, 2)
while True: while True:
tunnel = readInput(msg, default=1) tunnel = readInput(msg, default='1')
if isinstance(tunnel, basestring) and tunnel.isdigit() and int(tunnel) in valids: if tunnel.isdigit() and int(tunnel) in (1, 2):
tunnel = int(tunnel) tunnel = int(tunnel)
break break
elif isinstance(tunnel, int) and tunnel in valids:
break
else: else:
warnMsg = "invalid value, valid values are 1 and 2" warnMsg = "invalid value, valid values are '1' and '2'"
logger.warn(warnMsg) logger.warn(warnMsg)
else: else:
tunnel = 1 tunnel = 1
@ -170,17 +166,14 @@ class Takeover(Abstraction, Metasploit, ICMPsh, Registry, Miscellaneous):
msg += "\n[2] Via shellcodeexec (file system way, preferred on 64-bit systems)" msg += "\n[2] Via shellcodeexec (file system way, preferred on 64-bit systems)"
while True: while True:
choice = readInput(msg, default=1) choice = readInput(msg, default='1')
if isinstance(choice, basestring) and choice.isdigit() and int(choice) in (1, 2): if choice.isdigit() and int(choice) in (1, 2):
choice = int(choice) choice = int(choice)
break break
elif isinstance(choice, int) and choice in (1, 2):
break
else: else:
warnMsg = "invalid value, valid values are 1 and 2" warnMsg = "invalid value, valid values are '1' and '2'"
logger.warn(warnMsg) logger.warn(warnMsg)
if choice == 1: if choice == 1:
@ -457,9 +450,8 @@ class Takeover(Abstraction, Metasploit, ICMPsh, Registry, Miscellaneous):
message = "are you sure that you want to delete the Windows " message = "are you sure that you want to delete the Windows "
message += "registry path '%s\%s? [y/N] " % (regKey, regVal) message += "registry path '%s\%s? [y/N] " % (regKey, regVal)
output = readInput(message, default="N")
if output and output[0] not in ("Y", "y"): if not readInput(message, default='N', boolean=True):
return return
infoMsg = "deleting Windows registry path '%s\%s'. " % (regKey, regVal) infoMsg = "deleting Windows registry path '%s\%s'. " % (regKey, regVal)

2
plugins/generic/users.py
View File

@ -319,7 +319,7 @@ class Users:
message = "do you want to perform a dictionary-based attack " message = "do you want to perform a dictionary-based attack "
message += "against retrieved password hashes? [Y/n/q]" message += "against retrieved password hashes? [Y/n/q]"
choice = readInput(message, default='Y').strip().upper() choice = readInput(message, default='Y').upper()
if choice == 'N': if choice == 'N':
pass pass

36
txt/checksum.md5
View File

@ -21,13 +21,13 @@ c55b400b72acc43e0e59c87dd8bb8d75 extra/shellcodeexec/windows/shellcodeexec.x32.
310efc965c862cfbd7b0da5150a5ad36 extra/sqlharvest/__init__.py 310efc965c862cfbd7b0da5150a5ad36 extra/sqlharvest/__init__.py
7713aa366c983cdf1f3dbaa7383ea9e1 extra/sqlharvest/sqlharvest.py 7713aa366c983cdf1f3dbaa7383ea9e1 extra/sqlharvest/sqlharvest.py
7afe836fd97271ccba67b4c0da2482ff lib/controller/action.py 7afe836fd97271ccba67b4c0da2482ff lib/controller/action.py
21c79cf1a79b61c6d90f9bd249f71584 lib/controller/checks.py 95fda7f284e0a882634cf5e94cbb73e1 lib/controller/checks.py
adf62498f7f8c8f9af48350d3591e404 lib/controller/controller.py df647d57cf02cc0e4bda6b8ccc9d8138 lib/controller/controller.py
52a3969f57170e935e3fc0156335bf2c lib/controller/handler.py 52a3969f57170e935e3fc0156335bf2c lib/controller/handler.py
310efc965c862cfbd7b0da5150a5ad36 lib/controller/__init__.py 310efc965c862cfbd7b0da5150a5ad36 lib/controller/__init__.py
d3b4e1139bf117fe4cf6451d43d8253c lib/core/agent.py d3b4e1139bf117fe4cf6451d43d8253c lib/core/agent.py
6cc95a117fbd34ef31b9aa25520f0e31 lib/core/bigarray.py 6cc95a117fbd34ef31b9aa25520f0e31 lib/core/bigarray.py
dd39007e2dd0da81c712995a16775d0f lib/core/common.py d114fe95801c88816fa2eec493c39f01 lib/core/common.py
5065a4242a8cccf72f91e22e1007ae63 lib/core/convert.py 5065a4242a8cccf72f91e22e1007ae63 lib/core/convert.py
a8143dab9d3a27490f7d49b6b29ea530 lib/core/data.py a8143dab9d3a27490f7d49b6b29ea530 lib/core/data.py
7936d78b1a7f1f008ff92bf2f88574ba lib/core/datatype.py 7936d78b1a7f1f008ff92bf2f88574ba lib/core/datatype.py
@ -40,16 +40,16 @@ b9ff4e622c416116bee6024c0f050349 lib/core/enums.py
310efc965c862cfbd7b0da5150a5ad36 lib/core/__init__.py 310efc965c862cfbd7b0da5150a5ad36 lib/core/__init__.py
9ba39bf66e9ecd469446bdbbeda906c3 lib/core/log.py 9ba39bf66e9ecd469446bdbbeda906c3 lib/core/log.py
ebb778c2d26eba8b34d7d8658e4105a6 lib/core/optiondict.py ebb778c2d26eba8b34d7d8658e4105a6 lib/core/optiondict.py
ede9841e7cbbe841f41588f149e85789 lib/core/option.py 5c8f5d4abbe68fd33e2cd0a5e18eb783 lib/core/option.py
5f2f56e6c5f274408df61943f1e080c0 lib/core/profiling.py 5f2f56e6c5f274408df61943f1e080c0 lib/core/profiling.py
40be71cd774662a7b420caeb7051e7d5 lib/core/readlineng.py 40be71cd774662a7b420caeb7051e7d5 lib/core/readlineng.py
d8e9250f3775119df07e9070eddccd16 lib/core/replication.py d8e9250f3775119df07e9070eddccd16 lib/core/replication.py
785f86e3f963fa3798f84286a4e83ff2 lib/core/revision.py 785f86e3f963fa3798f84286a4e83ff2 lib/core/revision.py
40c80b28b3a5819b737a5a17d4565ae9 lib/core/session.py 40c80b28b3a5819b737a5a17d4565ae9 lib/core/session.py
73759e4a4c8395f11e8323a1c6f8dd11 lib/core/settings.py 4f82edf6827d8ee3da5079f40aff8875 lib/core/settings.py
d91291997d2bd2f6028aaf371bf1d3b6 lib/core/shell.py d91291997d2bd2f6028aaf371bf1d3b6 lib/core/shell.py
2ad85c130cc5f2b3701ea85c2f6bbf20 lib/core/subprocessng.py 2ad85c130cc5f2b3701ea85c2f6bbf20 lib/core/subprocessng.py
92e35ddfdf0e9676dd51565bcf4fa5cf lib/core/target.py 4edc215f120af6ad352401527ad9e4b3 lib/core/target.py
8970b88627902239d695280b1160e16c lib/core/testing.py 8970b88627902239d695280b1160e16c lib/core/testing.py
40881e63d516d8304fc19971049cded0 lib/core/threads.py 40881e63d516d8304fc19971049cded0 lib/core/threads.py
ad74fc58fc7214802fd27067bce18dd2 lib/core/unescaper.py ad74fc58fc7214802fd27067bce18dd2 lib/core/unescaper.py
@ -73,18 +73,18 @@ fb6b788d0016ab4ec5e5f661f0f702ad lib/request/direct.py
cc1163d38e9b7ee5db2adac6784c02bb lib/request/dns.py cc1163d38e9b7ee5db2adac6784c02bb lib/request/dns.py
5dcdb37823a0b5eff65cd1018bcf09e4 lib/request/httpshandler.py 5dcdb37823a0b5eff65cd1018bcf09e4 lib/request/httpshandler.py
310efc965c862cfbd7b0da5150a5ad36 lib/request/__init__.py 310efc965c862cfbd7b0da5150a5ad36 lib/request/__init__.py
27abed3fa36e256508eeeea0b0bf4458 lib/request/inject.py 70ec3f5bce37cdd7bf085ba2ddda30ac lib/request/inject.py
dc1e0af84ee8eb421797d61c8cb8f172 lib/request/methodrequest.py dc1e0af84ee8eb421797d61c8cb8f172 lib/request/methodrequest.py
bb9c165b050f7696b089b96b5947fac3 lib/request/pkihandler.py bb9c165b050f7696b089b96b5947fac3 lib/request/pkihandler.py
602d4338a9fceaaee40c601410d8ac0b lib/request/rangehandler.py 602d4338a9fceaaee40c601410d8ac0b lib/request/rangehandler.py
40719fa09d3d82b36badf981a8dc175c lib/request/redirecthandler.py 111b3ee936f23167b5654a5f72e9731b lib/request/redirecthandler.py
20a0e6dac2edcf98fa8c47ee9a332c28 lib/request/templates.py 20a0e6dac2edcf98fa8c47ee9a332c28 lib/request/templates.py
992a02767d12254784f15501a7ab8dd8 lib/takeover/abstraction.py 992a02767d12254784f15501a7ab8dd8 lib/takeover/abstraction.py
c6bc7961a186baabe0a9f5b7e0d8974b lib/takeover/icmpsh.py c6bc7961a186baabe0a9f5b7e0d8974b lib/takeover/icmpsh.py
310efc965c862cfbd7b0da5150a5ad36 lib/takeover/__init__.py 310efc965c862cfbd7b0da5150a5ad36 lib/takeover/__init__.py
c90c993b020a6ae0f0e497fd84f37466 lib/takeover/metasploit.py c90c993b020a6ae0f0e497fd84f37466 lib/takeover/metasploit.py
ac541a0d38e4ecb4e41e97799a7235f4 lib/takeover/registry.py ac541a0d38e4ecb4e41e97799a7235f4 lib/takeover/registry.py
6574edede6a96bbfa281e99dce3fecf9 lib/takeover/udf.py d466eab3ff82dbe29dc820e303eb4cff lib/takeover/udf.py
e7f3012f4f9e822d39eabd934d050b0e lib/takeover/web.py e7f3012f4f9e822d39eabd934d050b0e lib/takeover/web.py
604b087dc52dbcb4c3938ad1bf63829c lib/takeover/xp_cmdshell.py 604b087dc52dbcb4c3938ad1bf63829c lib/takeover/xp_cmdshell.py
9f03972ea5ce2df74d43be5f30f068eb lib/techniques/blind/inference.py 9f03972ea5ce2df74d43be5f30f068eb lib/techniques/blind/inference.py
@ -104,13 +104,13 @@ d3da4c7ceaf57c4687a052d58722f6bb lib/techniques/dns/use.py
ba12c69a90061aa14d848b8396e79191 lib/utils/deps.py ba12c69a90061aa14d848b8396e79191 lib/utils/deps.py
3b9fd519164e0bf275d5fd361c3f11ff lib/utils/getch.py 3b9fd519164e0bf275d5fd361c3f11ff lib/utils/getch.py
ccfdad414ce2ec0c394c3deaa39a82bf lib/utils/hashdb.py ccfdad414ce2ec0c394c3deaa39a82bf lib/utils/hashdb.py
7559c3cbfbaaf4812e72c4c7454e31d2 lib/utils/hash.py ff3b7796590db894a3686b3b67037b37 lib/utils/hash.py
e76a08237ee6a4cd6855af79610ea8a5 lib/utils/htmlentities.py e76a08237ee6a4cd6855af79610ea8a5 lib/utils/htmlentities.py
310efc965c862cfbd7b0da5150a5ad36 lib/utils/__init__.py 310efc965c862cfbd7b0da5150a5ad36 lib/utils/__init__.py
9d8c858417d356e49e1959ba253aede4 lib/utils/pivotdumptable.py 9d8c858417d356e49e1959ba253aede4 lib/utils/pivotdumptable.py
8520a745c9b4db3814fe46f4c34c6fbc lib/utils/progress.py 8520a745c9b4db3814fe46f4c34c6fbc lib/utils/progress.py
2c3638d499f3c01c34187e531f77d004 lib/utils/purge.py 2c3638d499f3c01c34187e531f77d004 lib/utils/purge.py
2da1b35339667646e51101adaa1dfc32 lib/utils/search.py 4bd7dd4fc8f299f1566a26ed6c2cefb5 lib/utils/search.py
569521a83b2b6c62497879267b963b21 lib/utils/sqlalchemy.py 569521a83b2b6c62497879267b963b21 lib/utils/sqlalchemy.py
caeea96ec9c9d489f615f282259b32ca lib/utils/timeout.py caeea96ec9c9d489f615f282259b32ca lib/utils/timeout.py
6fa36b9742293756b226cddee11b7d52 lib/utils/versioncheck.py 6fa36b9742293756b226cddee11b7d52 lib/utils/versioncheck.py
@ -152,7 +152,7 @@ f06d263b2c9b52ea7a120593eb5806c4 plugins/dbms/informix/fingerprint.py
744fb5044f2b9f9d5ebda6e3f08e3be7 plugins/dbms/informix/takeover.py 744fb5044f2b9f9d5ebda6e3f08e3be7 plugins/dbms/informix/takeover.py
310efc965c862cfbd7b0da5150a5ad36 plugins/dbms/__init__.py 310efc965c862cfbd7b0da5150a5ad36 plugins/dbms/__init__.py
e50b624ff23c3e180d80e065deb1763f plugins/dbms/maxdb/connector.py e50b624ff23c3e180d80e065deb1763f plugins/dbms/maxdb/connector.py
d2d178a98a84a819c3bbb777f8dd0788 plugins/dbms/maxdb/enumeration.py affabeab69a2c5d4fc66f84b5aeaf24a plugins/dbms/maxdb/enumeration.py
815ea8e7b9bd714d73d9d6c454aff774 plugins/dbms/maxdb/filesystem.py 815ea8e7b9bd714d73d9d6c454aff774 plugins/dbms/maxdb/filesystem.py
017c723354eff28188773670d3837c01 plugins/dbms/maxdb/fingerprint.py 017c723354eff28188773670d3837c01 plugins/dbms/maxdb/fingerprint.py
c03001c1f70e76de39d26241dfcbd033 plugins/dbms/maxdb/__init__.py c03001c1f70e76de39d26241dfcbd033 plugins/dbms/maxdb/__init__.py
@ -194,7 +194,7 @@ ee430d142fa8f9ee571578d0a0916679 plugins/dbms/sqlite/fingerprint.py
4827722159a89652005f49265bb55c43 plugins/dbms/sqlite/syntax.py 4827722159a89652005f49265bb55c43 plugins/dbms/sqlite/syntax.py
02ab8ff465da9dd31ffe6a963c676180 plugins/dbms/sqlite/takeover.py 02ab8ff465da9dd31ffe6a963c676180 plugins/dbms/sqlite/takeover.py
e3e78fab9b5eb97867699f0b20e59b62 plugins/dbms/sybase/connector.py e3e78fab9b5eb97867699f0b20e59b62 plugins/dbms/sybase/connector.py
a9d4bff10fdd2efedc4b35fd2b279eb8 plugins/dbms/sybase/enumeration.py e98b82180be4fc5bbf4dfe7247afcbfe plugins/dbms/sybase/enumeration.py
62d772c7cd08275e3503304ba90c4e8a plugins/dbms/sybase/filesystem.py 62d772c7cd08275e3503304ba90c4e8a plugins/dbms/sybase/filesystem.py
deed74334b637767fc9de8f74b37647a plugins/dbms/sybase/fingerprint.py deed74334b637767fc9de8f74b37647a plugins/dbms/sybase/fingerprint.py
45436a42c2bb8075e1482a950d993d55 plugins/dbms/sybase/__init__.py 45436a42c2bb8075e1482a950d993d55 plugins/dbms/sybase/__init__.py
@ -202,17 +202,17 @@ deed74334b637767fc9de8f74b37647a plugins/dbms/sybase/fingerprint.py
654cd5e69cf5e5c644bfa5d284e61206 plugins/dbms/sybase/takeover.py 654cd5e69cf5e5c644bfa5d284e61206 plugins/dbms/sybase/takeover.py
be7481a96214220bcd8f51ca00239bed plugins/generic/connector.py be7481a96214220bcd8f51ca00239bed plugins/generic/connector.py
5390591ca955036d492de11355b52e8f plugins/generic/custom.py 5390591ca955036d492de11355b52e8f plugins/generic/custom.py
3d6a7dce69bf4df8e3d5790076ba2190 plugins/generic/databases.py 4ad4bccc03256b8f3d21ba4f8f759404 plugins/generic/databases.py
5eae2e0992a719bfce9cf78ed0a0ea2f plugins/generic/entries.py 5eae2e0992a719bfce9cf78ed0a0ea2f plugins/generic/entries.py
55802d1d5d65938414c77ccc27731cab plugins/generic/enumeration.py 55802d1d5d65938414c77ccc27731cab plugins/generic/enumeration.py
0d10a0410c416fece51c26a935e68568 plugins/generic/filesystem.py 0d10a0410c416fece51c26a935e68568 plugins/generic/filesystem.py
feca57a968c528a2fe3ccafbc83a17f8 plugins/generic/fingerprint.py 2e397afd83939889d1a7a07893b19ae7 plugins/generic/fingerprint.py
310efc965c862cfbd7b0da5150a5ad36 plugins/generic/__init__.py 310efc965c862cfbd7b0da5150a5ad36 plugins/generic/__init__.py
84c16ffdf7047831355d1ecc09060e59 plugins/generic/misc.py 84c16ffdf7047831355d1ecc09060e59 plugins/generic/misc.py
7a0b472f3413c28d491a7b2c4bcfd063 plugins/generic/search.py 070f58c52e2a04e7a9896b42b2d17dc2 plugins/generic/search.py
562cfa80a15d5f7f1d52e10c5736d7e2 plugins/generic/syntax.py 562cfa80a15d5f7f1d52e10c5736d7e2 plugins/generic/syntax.py
3f520f49811197f24a3f223fc995028a plugins/generic/takeover.py fca9946e960942cc9b22ef26e12b8b3a plugins/generic/takeover.py
ee2a108effa7737b18c3930a8b9edf5b plugins/generic/users.py 156ea264f3f1c7fc18faa251cc1f1a4b plugins/generic/users.py
310efc965c862cfbd7b0da5150a5ad36 plugins/__init__.py 310efc965c862cfbd7b0da5150a5ad36 plugins/__init__.py
b04db3e861edde1f9dd0a3850d5b96c8 shell/backdoor.asp_ b04db3e861edde1f9dd0a3850d5b96c8 shell/backdoor.asp_
158bfa168128393dde8d6ed11fe9a1b8 shell/backdoor.aspx_ 158bfa168128393dde8d6ed11fe9a1b8 shell/backdoor.aspx_