From 6e31e87de15851ee4561a0bda952d0f21eac69ec Mon Sep 17 00:00:00 2001
From: Bernardo Damele
Date: Fri, 14 Dec 2012 02:49:25 +0000
Subject: [PATCH] added initial support (hidden from -hh and not yet usable) for REST-JSON API
---
 _sqlmap.py | 26 +++++++++++++++++++++++++-
 lib/core/settings.py | 3 +++
 lib/parse/cmdline.py | 8 +++++++-
 lib/utils/xmlrpc.py | 1 +
 4 files changed, 36 insertions(+), 2 deletions(-)
diff --git a/_sqlmap.py b/_sqlmap.py
index a4606a576..f1a3c404f 100755
--- a/_sqlmap.py
+++ b/_sqlmap.py
@@ -32,6 +32,7 @@ from lib.core.data import logger
 from lib.core.data import paths
 from lib.core.common import unhandledExceptionMessage
 from lib.core.exception import exceptionsTuple
+from lib.core.exception import SqlmapMissingDependence
 from lib.core.exception import SqlmapSilentQuitException
 from lib.core.exception import SqlmapUserQuitException
 from lib.core.log import FORMATTER
@@ -39,12 +40,20 @@ from lib.core.log import LOGGER_HANDLER
 from lib.core.option import init
 from lib.core.profiling import profile
 from lib.core.settings import LEGAL_DISCLAIMER
+from lib.core.settings import RESTAPI_SERVER_PORT
 from lib.core.settings import XMLRPC_SERVER_PORT
 from lib.core.testing import smokeTest
 from lib.core.testing import liveTest
 from lib.parse.cmdline import cmdLineParser
 from lib.utils.xmlrpc import XMLRPCServer
+try:
+ from lib.utils.restapi import restAPIrun
+except SqlmapMissingDependence, e:
+ e = getUnicode(e)
+ logger.critical(e)
+ sys.exit(1)
+
 def modulePath():
 """
 This will get us the program's directory, even if we are frozen
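Review bot: In `_sqlmap.py` the new module-level `try`/`except` around `from lib.utils.restapi import restAPIrun` runs on every start, so a missing REST API dependency ends every run with `sys.exit(1)`, including runs that never pass `--restapi`. Importing inside the function that serves the API keeps the dependency optional: make `from lib.utils.restapi import restAPIrun` the first statement of `restApiServe()` and handle `SqlmapMissingDependence` there. The handler catches only `SqlmapMissingDependence`, and the diffstat lists no `lib/utils/restapi.py`, so if that module is not already in the tree the import raises an uncaught `ImportError` instead. The block also relies on `sys` and `getUnicode`, whose imports are outside the hunk.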
@@ -53,6 +62,18 @@ def modulePath():
 return os.path.dirname(getUnicode(sys.executable if weAreFrozen() else __file__, sys.getfilesystemencoding()))
+def restApiServe():
+ logger.setLevel(logging.INFO)
+ cmdLineOptions.batch = True
+ cmdLineOptions.disableColoring = True
+ restAPIrun(port=cmdLineOptions.restApiPort or RESTAPI_SERVER_PORT)
+ def emit(self, record):
+ message = stdoutencode(FORMATTER.format(record))
+ sys.stdout.write("%s\n" % message.strip('\r'))
+ LOGGER_HANDLER.emit = types.MethodType(emit, LOGGER_HANDLER, type(LOGGER_HANDLER))
+ sys.stdout = StringIO.StringIO()
+ sys.stderr = StringIO.StringIO()
+
 def xmlRpcServe():
 logger.setLevel(logging.INFO)
 cmdLineOptions.batch = True
@@ -82,7 +103,9 @@ def main():
 # Store original command line options for possible later restoration
 cmdLineOptions.update(cmdLineParser().__dict__)
- if cmdLineOptions.xmlRpc:
+ if cmdLineOptions.restApi:
+ restApiServe()
+ elif cmdLineOptions.xmlRpc:
 xmlRpcServe()
 else:
 init(cmdLineOptions)
@@ -106,6 +129,7 @@ def main():
 except exceptionsTuple, e:
 e = getUnicode(e)
 logger.critical(e)
+ sys.exit(1)
 except KeyboardInterrupt:
 print
diff --git a/lib/core/settings.py b/lib/core/settings.py
index 6e1a930f2..a05e7291e 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -485,6 +485,9 @@ LIMITED_ROWS_TEST_NUMBER = 15
 # Default TCP port used for XML-RPC server instance
 XMLRPC_SERVER_PORT = 8776
+# Default TCP port used for REST API server instance
+RESTAPI_SERVER_PORT = 8775
+
 # Regular expression for SOAP-like POST data
 SOAP_RECOGNITION_REGEX = r"(?s)\A(<\?xml[^>]+>)?\s*<([^> ]+)( [^>]+)?>.+\s*\Z"
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
index 5d4fd6412..4b0f99e40 100644
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
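Review bot: In `restApiServe()` in `_sqlmap.py`, `restAPIrun(...)` is called before the `emit` override and the `sys.stdout`/`sys.stderr` redirection, so if `restAPIrun` blocks while serving (its body is not in this patch) those statements only take effect after the server has stopped. Moving the call to the end of the function, with `restAPIrun(port=cmdLineOptions.restApiPort or RESTAPI_SERVER_PORT)` as the last statement, would apply the logging setup before any request is handled. Only a port is passed here: the listen address and any authentication are decided inside `restAPIrun`, and since this endpoint lets a network client drive the tool, it should bind to loopback by default and require a credential before the option is un-hidden. The function also has no docstring; `"""Start the REST-JSON API server in batch mode with colouring disabled."""` would cover what the visible lines do.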
@@ -682,6 +682,12 @@ def cmdLineParser():
 parser.add_option("--run-case", dest="runCase", type="int",
 help=SUPPRESS_HELP)
+ parser.add_option("--restapi", dest="restApi", action="store_true",
+ help=SUPPRESS_HELP)
+
+ parser.add_option("--restApi-port", dest="restApiPort", type="int",
+ help=SUPPRESS_HELP)
+
 parser.add_option("--xmlrpc", dest="xmlRpc", action="store_true",
 help=SUPPRESS_HELP)
@@ -761,7 +767,7 @@ def cmdLineParser():
 if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, \
 args.requestFile, args.updateAll, args.smokeTest, args.liveTest, args.wizard, args.dependencies, \
- args.xmlRpc, args.purgeOutput)):
+ args.restApi, args.xmlRpc, args.purgeOutput)):
 errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, --wizard, --update, --purge-output or --dependencies), "
 errMsg += "use -h for basic or -hh for advanced help"
 parser.error(errMsg)
diff --git a/lib/utils/xmlrpc.py b/lib/utils/xmlrpc.py
index 93d5c3813..6e19e60b8 100644
--- a/lib/utils/xmlrpc.py
+++ b/lib/utils/xmlrpc.py
@@ -66,6 +66,7 @@ class XMLRPCServer:
 return retval
 def run(self):
+ print "CALLING RUN"
 if not self.is_busy():
 init(self.options, True)
 thread = threading.Thread(target=start)
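Review bot: The new `--restApi-port` switch in `cmdLineParser()` in `lib/parse/cmdline.py` is the only long option in this hunk spelled with a capital letter, next to `--restapi`, `--xmlrpc` and `--run-case`; long option names are matched case-sensitively, so typing `--restapi-port` is rejected. Spelling it `parser.add_option("--restapi-port", dest="restApiPort", type="int",` keeps the switches consistent. The value is not range-checked, and because `_sqlmap.py` uses `cmdLineOptions.restApiPort or RESTAPI_SERVER_PORT`, a port of `0` silently falls back to the default; rejecting values outside 1-65535 with `parser.error` would make that explicit. `cmdLineParser()` starts and ends outside the hunk.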
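Review bot: `print "CALLING RUN"` at the top of `XMLRPCServer.run()` in `lib/utils/xmlrpc.py` looks like a leftover debugging statement. It writes to whatever `sys.stdout` is at that moment instead of going through the logger, so it bypasses the configured log level and formatting. Drop the line, or replace it with `logger.debug("XML-RPC run() called")` if `logger` is imported in that module (the imports are outside the hunk). `run()` continues past the end of the hunk.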