sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-11-04 09:57:38 +03:00
Code Issues Packages Projects Releases Wiki Activity

Baby steps

Browse Source
This commit is contained in:
Miroslav Stampar 2019-01-22 01:28:24 +01:00
parent db3bed3f44
commit fd705c3dff
13 changed files with 51 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
extra/wafdetectify/wafdetectify.py
View File

@ -126,7 +126,7 @@ def main():
if not found:
print(colorize("[o] nothing found"))
print
print()
exit(int(not found))

2
lib/core/settings.py
View File

@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME
from lib.core.enums import OS
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.3.1.61"
VERSION = "1.3.1.62"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

8
lib/core/threads.py
View File

@ -5,6 +5,8 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
from __future__ import print_function
import difflib
import random
import threading
@ -167,7 +169,7 @@ def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardExceptio
time.sleep(0.1)
except (KeyboardInterrupt, SqlmapUserQuitException) as ex:
print
print()
kb.prependFlag = False
kb.threadContinue = False
kb.threadException = True
@ -185,7 +187,7 @@ def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardExceptio
raise
except (SqlmapConnectionException, SqlmapValueException) as ex:
print
print()
kb.threadException = True
logger.error("thread %s: %s" % (threading.currentThread().getName(), ex.message))
@ -195,7 +197,7 @@ def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardExceptio
except:
from lib.core.common import unhandledExceptionMessage
print
print()
kb.threadException = True
errMsg = unhandledExceptionMessage()
logger.error("thread %s: %s" % (threading.currentThread().getName(), errMsg))

2
lib/parse/cmdline.py
View File

@ -794,7 +794,7 @@ def cmdLineParser(argv=None):
command = raw_input("sqlmap-shell> ").strip()
command = getUnicode(command, encoding=sys.stdin.encoding)
except (KeyboardInterrupt, EOFError):
print
print()
raise SqlmapShellQuitException
if not command:

4
lib/request/inject.py
View File

@ -5,6 +5,8 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
from __future__ import print_function
import re
import time
@ -277,7 +279,7 @@ def _goInferenceProxy(expression, fromUser=False, batch=False, unpack=True, char
raise SqlmapDataException(errMsg)
except KeyboardInterrupt:
print
print()
warnMsg = "user aborted during dumping phase"
logger.warn(warnMsg)

6
lib/takeover/abstraction.py
View File

@ -5,6 +5,8 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
from __future__ import print_function
import sys
from extra.safe2bin.safe2bin import safechardecode
@ -129,11 +131,11 @@ class Abstraction(Web, UDF, XP_cmdshell):
command = raw_input("os-shell> ")
command = getUnicode(command, encoding=sys.stdin.encoding)
except KeyboardInterrupt:
print
print()
errMsg = "user aborted"
logger.error(errMsg)
except EOFError:
print
print()
errMsg = "exit"
logger.error(errMsg)
break

4
lib/takeover/metasploit.py
View File

@ -5,6 +5,8 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
from __future__ import print_function
import os
import re
import select
@ -483,7 +485,7 @@ class Metasploit:
send_all(proc, "getuid\n")
if conf.privEsc:
print
print()
infoMsg = "trying to escalate privileges using Meterpreter "
infoMsg += "'getsystem' command which tries different "

4
lib/techniques/error/use.py
View File

@ -5,6 +5,8 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
from __future__ import print_function
import re
import time
@ -242,7 +244,7 @@ def _errorFields(expression, expressionFields, expressionFieldsList, num=None, e
if not suppressOutput:
if kb.fileReadMode and output and output.strip():
print
print()
elif output is not None and not (threadData.resumed and kb.suppressResumeInfo) and not (emptyFields and field in emptyFields):
status = "[%s] [INFO] %s: '%s'" % (time.strftime("%X"), "resumed" if threadData.resumed else "retrieved", output if kb.safeCharEncode else safecharencode(output))

4
lib/utils/api.py
View File

@ -6,6 +6,8 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
from __future__ import print_function
import contextlib
import httplib
import logging
@ -762,7 +764,7 @@ def client(host=RESTAPI_DEFAULT_ADDRESS, port=RESTAPI_DEFAULT_PORT, username=Non
command = raw_input("api%s> " % (" (%s)" % taskid if taskid else "")).strip()
command = re.sub(r"\A(\w+)", lambda match: match.group(1).lower(), command)
except (EOFError, KeyboardInterrupt):
print
print()
break
if command in ("data", "log", "status", "stop", "kill"):

6
lib/utils/hash.py
View File

@ -5,6 +5,8 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
from __future__ import print_function
try:
from crypt import crypt
except: # removed ImportError because of https://github.com/sqlmapproject/sqlmap/issues/3171
@ -1061,7 +1063,7 @@ def dictionaryAttack(attack_dict):
_bruteProcessVariantA(attack_info, hash_regex, suffix, retVal, 0, 1, kb.wordlists, custom_wordlist, conf.api)
except KeyboardInterrupt:
print
print()
processException = True
warnMsg = "user aborted during dictionary-based attack phase (Ctrl+C was pressed)"
logger.warn(warnMsg)
@ -1157,7 +1159,7 @@ def dictionaryAttack(attack_dict):
found = found_.value
except KeyboardInterrupt:
print
print()
processException = True
warnMsg = "user aborted during dictionary-based attack phase (Ctrl+C was pressed)"
logger.warn(warnMsg)

6
plugins/generic/custom.py
View File

@ -5,6 +5,8 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
from __future__ import print_function
import re
import sys
@ -90,11 +92,11 @@ class Custom:
query = getUnicode(query, encoding=sys.stdin.encoding)
query = query.strip("; ")
except KeyboardInterrupt:
print
print()
errMsg = "user aborted"
logger.error(errMsg)
except EOFError:
print
print()
errMsg = "exit"
logger.error(errMsg)
break

12
sqlmap.py
View File

@ -5,6 +5,8 @@ Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""
from __future__ import print_function
try:
import sys
@ -188,10 +190,10 @@ def main():
raise SystemExit
except KeyboardInterrupt:
print
print()
except EOFError:
print
print()
errMsg = "exit"
logger.error(errMsg)
@ -200,7 +202,7 @@ def main():
pass
except:
print
print()
errMsg = unhandledExceptionMessage()
excMsg = traceback.format_exc()
valid = checkIntegrity()
@ -210,13 +212,13 @@ def main():
errMsg += "You should retrieve the latest development version from official GitHub "
errMsg += "repository at '%s'" % GIT_PAGE
logger.critical(errMsg)
print
print()
dataToStdout(excMsg)
raise SystemExit
elif any(_ in excMsg for _ in ("tamper/", "waf/")):
logger.critical(errMsg)
print
print()
dataToStdout(excMsg)
raise SystemExit

24
txt/checksum.md5
View File

@ -21,7 +21,7 @@ a32e12410e0f86c1d035db6daae84680 extra/shutils/duplicates.py
fb6be55d21a70765e35549af2484f762 extra/sqlharvest/__init__.py
4f82e97b09cc530cb9a92472d0835cea extra/sqlharvest/sqlharvest.py
fb6be55d21a70765e35549af2484f762 extra/wafdetectify/__init__.py
e0581096d2890506878e9b424e4e1001 extra/wafdetectify/wafdetectify.py
d62ae3224aca6a9496b35583db61412a extra/wafdetectify/wafdetectify.py
ec782b9cdb8d857a80b6ecf0f32db7f4 lib/controller/action.py
d099724a49c5fd6b0dca8c777e82604e lib/controller/checks.py
c4d559a98cfc62b401ef7e0bfab782f0 lib/controller/controller.py
@ -49,18 +49,18 @@ fe370021c6bc99daf44b2bfc0d1effb3 lib/core/patch.py
7d8a22c582ad201f65b73225e4456170 lib/core/replication.py
3179d34f371e0295dd4604568fb30bcd lib/core/revision.py
d6269c55789f78cf707e09a0f5b45443 lib/core/session.py
1d9c5cc98c251357da6eb91902d75c4d lib/core/settings.py
0013f0712973543735d356560295a047 lib/core/settings.py
a8a7501d1e6b21669b858a62e921d191 lib/core/shell.py
5dc606fdf0afefd4b305169c21ab2612 lib/core/subprocessng.py
072c08d834d01b33e5f39320dcf67a0d lib/core/target.py
7857b24b7865ccb4a05283faa596974d lib/core/testing.py
bf4bdec9b247a999f877a5e5d7daeb70 lib/core/threads.py
203d2082929b4ac5454605c8c7c800a9 lib/core/threads.py
2c263c8610667fdc593c50a35ab20f57 lib/core/unescaper.py
ff45c74515fecc95277f7b9ad945f17c lib/core/update.py
b40f4c20a38729bb4933b8221665f106 lib/core/wordlist.py
fb6be55d21a70765e35549af2484f762 lib/__init__.py
4881480d0c1778053908904e04570dc3 lib/parse/banner.py
ff78461bf084b700b35c51c758685917 lib/parse/cmdline.py
f60469363c303b86255246e5a9604ba3 lib/parse/cmdline.py
06ccbccb63255c8f1c35950a4c8a6f6b lib/parse/configfile.py
9b33e52f697d6e915c7a10153562ce89 lib/parse/handler.py
43deb2400e269e602e916efaec7c0903 lib/parse/headers.py
@ -76,16 +76,16 @@ fc25d951217077fe655ed2a3a81552ae lib/request/comparison.py
2b7509ba38a667c61cefff036ec4ca6f lib/request/dns.py
ceac6b3bf1f726f8ff43c6814e9d7281 lib/request/httpshandler.py
fb6be55d21a70765e35549af2484f762 lib/request/__init__.py
00720f9eddf42f4fefa083fba40f69ed lib/request/inject.py
338f39808f63af8d4f4afe9e7b0665a2 lib/request/inject.py
52a067bd2fe91ea9395269a684380cbb lib/request/methodrequest.py
ac482ec52227daf48f523827dd67078f lib/request/pkihandler.py
16ff6e078819fe517b1fc0ae3cbc1aa8 lib/request/rangehandler.py
db4dc98d03d1865cc6266a79cd5c81b7 lib/request/redirecthandler.py
1e60edebdb3997055616d12f4a932375 lib/request/templates.py
d0059dbb1e928871747a8893b41ce268 lib/takeover/abstraction.py
eafa28e4beb2b7492dfc8036033ac824 lib/takeover/abstraction.py
ac9efea51eba120b667b4b73536d7f1c lib/takeover/icmpsh.py
fb6be55d21a70765e35549af2484f762 lib/takeover/__init__.py
093301eaeac3cd19374f2e389e873b18 lib/takeover/metasploit.py
838002e763b071ed6dc334cabf4fffd9 lib/takeover/metasploit.py
6b5b841d445b7b973c2e033edfb01b16 lib/takeover/registry.py
ad038ac567f97a4b940b7987792d64a4 lib/takeover/udf.py
915a3fbd557fb136bd0e16c46d993be3 lib/takeover/web.py
@ -96,19 +96,19 @@ fb6be55d21a70765e35549af2484f762 lib/techniques/dns/__init__.py
ea48db4c48276d7d0e71aa467c0c523f lib/techniques/dns/test.py
437786cd2f9c3237614e3cac0220b2a6 lib/techniques/dns/use.py
fb6be55d21a70765e35549af2484f762 lib/techniques/error/__init__.py
c23a6f8e88242c84b54426ae7cd430a1 lib/techniques/error/use.py
2c945522ce05c2a1204d1563ae64eff2 lib/techniques/error/use.py
fb6be55d21a70765e35549af2484f762 lib/techniques/__init__.py
fb6be55d21a70765e35549af2484f762 lib/techniques/union/__init__.py
baa3946c23749d898f473dba0f4eecff lib/techniques/union/test.py
d32988e13713417286ab83a00856858e lib/techniques/union/use.py
31d0ac4f92d4ffddf9936499829484cc lib/utils/api.py
78cd3133349e9cfdcc6b3512c7d5ce36 lib/utils/api.py
544dee96e782560fe4355cbf6ee19b8c lib/utils/brute.py
b27421eb57cea711050135f84be99258 lib/utils/crawler.py
da4bc159e6920f1f7e45c92c39941690 lib/utils/deps.py
f7c64515a3e4fcfe8266ca2be77be565 lib/utils/getch.py
0d497906b06eb82d14da676e9f9c98f5 lib/utils/har.py
d11f7f208ccf3a7753ccc417b4b01901 lib/utils/hashdb.py
9d9bd2896858ce0eabbb9a4ef1f5ca0e lib/utils/hash.py
4bcee9dd3300aaad495e7f27f9fbccc0 lib/utils/hash.py
17009289bb5c0dc0cceaa483113101e1 lib/utils/htmlentities.py
fb6be55d21a70765e35549af2484f762 lib/utils/__init__.py
833b05c72c9fa60b0a25b0a26f8f31fb lib/utils/pivotdumptable.py
@ -212,7 +212,7 @@ d2391dfe74f053eb5f31b0efad3fdda0 plugins/dbms/sqlite/connector.py
ec3f406591fc9472f5750bd40993e72e plugins/dbms/sybase/syntax.py
369476221b3059106410de05766227e0 plugins/dbms/sybase/takeover.py
312020bc31ffb0bc6077f62e6fff6e73 plugins/generic/connector.py
54ac71c46c67c81196e2e6707e0989cf plugins/generic/custom.py
1ea0b0e7aa15b7687e1b00845e33f9ab plugins/generic/custom.py
a3fd48c7094fca6692be8b1ae5e29cea plugins/generic/databases.py
9c2c830b3cf66953ecffa6cf88fc7c14 plugins/generic/entries.py
f3624debb8ae6fbcfb5f1b7f1d0743d1 plugins/generic/enumeration.py
@ -234,7 +234,7 @@ ec2ba8c757ac96425dcd2b97970edd3a shell/stagers/stager.asp_
0c48ddb1feb7e38a951ef05a0d48e032 shell/stagers/stager.jsp_
2f9e459a4cf6a58680978cdce5ff7971 shell/stagers/stager.php_
41522f8ad02ac133ca0aeaab374c36a8 sqlmapapi.py
67607879bc78f039b9c9f3be6380d253 sqlmap.py
5cf6426651800869be0d4750b07b1b74 sqlmap.py
772fb3dd15edc9d4055ab9f9dee0c203 tamper/0x2char.py
3d89a5c4c33d4d1d9303f5e3bd11f0ae tamper/apostrophemask.py
1fd0eec63970728c1e6628b2e4c21d81 tamper/apostrophenullencode.py