Some more refactoring

2025-12-26 09:29:02 +00:00 · 2021-01-12 13:21:51 +01:00
parent e3028f195e
commit 2ef07c80db
14 changed files with 71 additions and 67 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@@ -1167,7 +1167,7 @@ def checkDynParam(place, parameter, value):
    dynamicity might depend on another parameter.
    """

-    if kb.redirectChoice:
+    if kb.choices.redirect:
        return None

    kb.matchRatio = None
@@ -1268,7 +1268,7 @@ def checkStability():

    secondPage, _, _ = Request.queryPage(content=True, noteResponseTime=False, raise404=False)

-    if kb.redirectChoice:
+    if kb.choices.redirect:
        return None

    kb.pageStable = (firstPage == secondPage)
@@ -1415,11 +1415,11 @@ def checkWaf():
        value = "" if not conf.parameters.get(PLACE.GET) else conf.parameters[PLACE.GET] + DEFAULT_GET_POST_DELIMITER
        value += "%s=%s" % (randomStr(), agent.addPayloadDelimiters(payload))

-    pushValue(kb.redirectChoice)
+    pushValue(kb.choices.redirect)
    pushValue(kb.resendPostOnRedirect)
    pushValue(conf.timeout)

-    kb.redirectChoice = REDIRECTION.YES
+    kb.choices.redirect = REDIRECTION.YES
    kb.resendPostOnRedirect = False
    conf.timeout = IPS_WAF_CHECK_TIMEOUT

@@ -1432,7 +1432,7 @@ def checkWaf():

        conf.timeout = popValue()
        kb.resendPostOnRedirect = popValue()
-        kb.redirectChoice = popValue()
+        kb.choices.redirect = popValue()

    hashDBWrite(HASHDB_KEYS.CHECK_WAF_RESULT, retVal, True)

@@ -1565,7 +1565,7 @@ def checkConnection(suppressOutput=False):
        else:
            kb.errorIsNone = True

-        if kb.redirectChoice == REDIRECTION.YES and threadData.lastRedirectURL and threadData.lastRedirectURL[0] == threadData.lastRequestUID:
+        if kb.choices.redirect == REDIRECTION.YES and threadData.lastRedirectURL and threadData.lastRedirectURL[0] == threadData.lastRequestUID:
            if (threadData.lastRedirectURL[1] or "").startswith("https://") and conf.hostname in getUnicode(threadData.lastRedirectURL[1]):
                conf.url = re.sub(r"https?://", "https://", conf.url)
                match = re.search(r":(\d+)", threadData.lastRedirectURL[1])
--- a/lib/core/datatype.py
+++ b/lib/core/datatype.py
@@ -21,13 +21,14 @@ class AttribDict(dict):
    1
    """

-    def __init__(self, indict=None, attribute=None):
+    def __init__(self, indict=None, attribute=None, keycheck=True):
        if indict is None:
            indict = {}

        # Set any attributes here - before initialisation
        # these remain as normal attributes
        self.attribute = attribute
+        self.keycheck = keycheck
        dict.__init__(self, indict)
        self.__initialised = True

@@ -43,7 +44,10 @@ class AttribDict(dict):
        try:
            return self.__getitem__(item)
        except KeyError:
-            raise AttributeError("unable to access item '%s'" % item)
+            if self.keycheck:
+                raise AttributeError("unable to access item '%s'" % item)
+            else:
+                return None

    def __setattr__(self, item, value):
        """
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -2013,12 +2013,10 @@ def _setKnowledgeBaseAttributes(flushAll=True):
    kb.chars.stop = "%s%s%s" % (KB_CHARS_BOUNDARY_CHAR, randomStr(length=3, alphabet=KB_CHARS_LOW_FREQUENCY_ALPHABET), KB_CHARS_BOUNDARY_CHAR)
    kb.chars.at, kb.chars.space, kb.chars.dollar, kb.chars.hash_ = ("%s%s%s" % (KB_CHARS_BOUNDARY_CHAR, _, KB_CHARS_BOUNDARY_CHAR) for _ in randomStr(length=4, lowercase=True))

+    kb.choices = AttribDict(keycheck=False)
    kb.codePage = None
-    kb.columnExistsChoice = None
    kb.commonOutputs = None
-    kb.connErrorChoice = None
    kb.connErrorCounter = 0
-    kb.cookieEncodeChoice = None
    kb.copyExecTest = None
    kb.counters = {}
    kb.customInjectionMark = CUSTOM_INJECTION_MARK_CHAR
@@ -2122,7 +2120,6 @@ def _setKnowledgeBaseAttributes(flushAll=True):
    kb.proxyAuthHeader = None
    kb.queryCounter = 0
    kb.randomPool = {}
-    kb.redirectChoice = None
    kb.reflectiveMechanism = True
    kb.reflectiveCounters = {REFLECTIVE_COUNTER.MISS: 0, REFLECTIVE_COUNTER.HIT: 0}
    kb.requestCounter = 0
@@ -2142,9 +2139,7 @@ def _setKnowledgeBaseAttributes(flushAll=True):
    kb.reduceTests = None
    kb.sslSuccess = False
    kb.stickyDBMS = False
-    kb.storeHashesChoice = None
    kb.suppressResumeInfo = False
-    kb.tableExistsChoice = None
    kb.tableFrom = None
    kb.technique = None
    kb.tempDir = None
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty.six import unichr as _unichr

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.5.1.18"
+VERSION = "1.5.1.19"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@@ -610,8 +610,8 @@ class Connect(object):

                # Get HTTP response
                if hasattr(conn, "redurl"):
-                    page = (threadData.lastRedirectMsg[1] if kb.redirectChoice == REDIRECTION.NO else Connect._connReadProxy(conn)) if not skipRead else None
-                    skipLogTraffic = kb.redirectChoice == REDIRECTION.NO
+                    page = (threadData.lastRedirectMsg[1] if kb.choices.redirect == REDIRECTION.NO else Connect._connReadProxy(conn)) if not skipRead else None
+                    skipLogTraffic = kb.choices.redirect == REDIRECTION.NO
                    code = conn.redcode if not finalCode else code
                else:
                    page = Connect._connReadProxy(conn) if not skipRead else None
@@ -844,13 +844,13 @@ class Connect(object):
            with kb.locks.connError:
                kb.connErrorCounter += 1

-                if kb.connErrorCounter >= MAX_CONSECUTIVE_CONNECTION_ERRORS and kb.connErrorChoice is None:
+                if kb.connErrorCounter >= MAX_CONSECUTIVE_CONNECTION_ERRORS and kb.choices.connError is None:
                    message = "there seems to be a continuous problem with connection to the target. "
                    message += "Are you sure that you want to continue? [y/N] "

-                    kb.connErrorChoice = readInput(message, default='N', boolean=True)
+                    kb.choices.connError = readInput(message, default='N', boolean=True)

-                if kb.connErrorChoice is False:
+                if kb.choices.connError is False:
                    raise SqlmapSkipTargetException

            if "forcibly closed" in tbMsg:
@@ -1025,10 +1025,10 @@ class Connect(object):
                    skip = False

                    if place == PLACE.COOKIE or place == PLACE.CUSTOM_HEADER and value.split(',')[0].upper() == HTTP_HEADER.COOKIE.upper():
-                        if kb.cookieEncodeChoice is None:
+                        if kb.choices.cookieEncode is None:
                            msg = "do you want to URL encode cookie values (implementation specific)? %s" % ("[Y/n]" if not conf.url.endswith(".aspx") else "[y/N]")  # Reference: https://support.microsoft.com/en-us/kb/313282
-                            kb.cookieEncodeChoice = readInput(msg, default='Y' if not conf.url.endswith(".aspx") else 'N', boolean=True)
-                        if not kb.cookieEncodeChoice:
+                            kb.choices.cookieEncode = readInput(msg, default='Y' if not conf.url.endswith(".aspx") else 'N', boolean=True)
+                        if not kb.choices.cookieEncode:
                            skip = True

                    if not skip:
--- a/lib/request/redirecthandler.py
+++ b/lib/request/redirecthandler.py
@@ -48,13 +48,13 @@ class SmartRedirectHandler(_urllib.request.HTTPRedirectHandler):

    def _ask_redirect_choice(self, redcode, redurl, method):
        with kb.locks.redirect:
-            if kb.redirectChoice is None:
+            if kb.choices.redirect is None:
                msg = "got a %d redirect to " % redcode
                msg += "'%s'. Do you want to follow? [Y/n] " % redurl

-                kb.redirectChoice = REDIRECTION.YES if readInput(msg, default='Y', boolean=True) else REDIRECTION.NO
+                kb.choices.redirect = REDIRECTION.YES if readInput(msg, default='Y', boolean=True) else REDIRECTION.NO

-            if kb.redirectChoice == REDIRECTION.YES and method == HTTPMETHOD.POST and kb.resendPostOnRedirect is None:
+            if kb.choices.redirect == REDIRECTION.YES and method == HTTPMETHOD.POST and kb.resendPostOnRedirect is None:
                msg = "redirect is a result of a "
                msg += "POST request. Do you want to "
                msg += "resend original POST data to a new "
@@ -116,7 +116,7 @@ class SmartRedirectHandler(_urllib.request.HTTPRedirectHandler):
                redurl = None
                result = fp

-        if redurl and kb.redirectChoice == REDIRECTION.YES:
+        if redurl and kb.choices.redirect == REDIRECTION.YES:
            parseResponse(content, headers)

            req.headers[HTTP_HEADER.HOST] = getHostHeader(redurl)
--- a/lib/utils/brute.py
+++ b/lib/utils/brute.py
@@ -63,15 +63,15 @@ def _addPageTextWords():

@stackedmethod
 def tableExists(tableFile, regex=None):
-    if kb.tableExistsChoice is None and not any(_ for _ in kb.injection.data if _ not in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED)) and not conf.direct:
+    if kb.choices.tableExists is None and not any(_ for _ in kb.injection.data if _ not in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED)) and not conf.direct:
        warnMsg = "it's not recommended to use '%s' and/or '%s' " % (PAYLOAD.SQLINJECTION[PAYLOAD.TECHNIQUE.TIME], PAYLOAD.SQLINJECTION[PAYLOAD.TECHNIQUE.STACKED])
        warnMsg += "for common table existence check"
        logger.warn(warnMsg)

        message = "are you sure you want to continue? [y/N] "
-        kb.tableExistsChoice = readInput(message, default='N', boolean=True)
+        kb.choices.tableExists = readInput(message, default='N', boolean=True)

-        if not kb.tableExistsChoice:
+        if not kb.choices.tableExists:
            return None

    result = inject.checkBooleanExpression("%s" % safeStringFormat(BRUTE_TABLE_EXISTS_TEMPLATE, (randomInt(1), randomStr())))
@@ -187,15 +187,15 @@ def tableExists(tableFile, regex=None):
    return kb.data.cachedTables

 def columnExists(columnFile, regex=None):
-    if kb.columnExistsChoice is None and not any(_ for _ in kb.injection.data if _ not in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED)) and not conf.direct:
+    if kb.choices.columnExists is None and not any(_ for _ in kb.injection.data if _ not in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED)) and not conf.direct:
        warnMsg = "it's not recommended to use '%s' and/or '%s' " % (PAYLOAD.SQLINJECTION[PAYLOAD.TECHNIQUE.TIME], PAYLOAD.SQLINJECTION[PAYLOAD.TECHNIQUE.STACKED])
        warnMsg += "for common column existence check"
        logger.warn(warnMsg)

        message = "are you sure you want to continue? [y/N] "
-        kb.columnExistsChoice = readInput(message, default='N', boolean=True)
+        kb.choices.columnExists = readInput(message, default='N', boolean=True)

-        if not kb.columnExistsChoice:
+        if not kb.choices.columnExists:
            return None

    if not conf.tbl:
--- a/lib/utils/hash.py
+++ b/lib/utils/hash.py
@@ -637,13 +637,13 @@ def storeHashesToFile(attack_dict):
                if item and item not in items:
                    items.add(item)

-    if kb.storeHashesChoice is None:
+    if kb.choices.storeHashes is None:
        message = "do you want to store hashes to a temporary file "
        message += "for eventual further processing with other tools [y/N] "

-        kb.storeHashesChoice = readInput(message, default='N', boolean=True)
+        kb.choices.storeHashes = readInput(message, default='N', boolean=True)

-    if items and kb.storeHashesChoice:
+    if items and kb.choices.storeHashes:
        handle, filename = tempfile.mkstemp(prefix=MKSTEMP_PREFIX.HASHES, suffix=".txt")
        os.close(handle)

--- a/lib/utils/search.py
+++ b/lib/utils/search.py
@@ -184,8 +184,8 @@ def _search(dork):

@stackedmethod
 def search(dork):
-    pushValue(kb.redirectChoice)
-    kb.redirectChoice = REDIRECTION.YES
+    pushValue(kb.choices.redirect)
+    kb.choices.redirect = REDIRECTION.YES

    try:
        return _search(dork)
@@ -203,7 +203,7 @@ def search(dork):
        else:
            raise
    finally:
-        kb.redirectChoice = popValue()
+        kb.choices.redirect = popValue()

 def setHTTPHandlers():  # Cross-referenced function
    raise NotImplementedError