Merge branch 'master' of github.com:sqlmapproject/sqlmap

2026-01-03 05:09:15 +00:00 · 2013-01-09 16:04:29 +00:00
parent 510ceb6e19 bf5544903b
commit 7f4ce4afbb
22 changed files with 229 additions and 221 deletions
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@@ -855,13 +855,13 @@ class Agent(object):
        else:
            query = expression

-        if ( select and re.search("\A(COUNT|LTRIM)\(", query, re.I) ) or len(query) <= 1:
+        if (select and re.search("\A(COUNT|LTRIM)\(", query, re.I)) or len(query) <= 1:
            return query

        if selectDistinctExpr:
            lengthExpr = "SELECT %s FROM (%s)" % (lengthQuery % query, expression)

-            if Backend.getIdentifiedDbms() in ( DBMS.MYSQL, DBMS.PGSQL ):
+            if Backend.getIdentifiedDbms() in (DBMS.MYSQL, DBMS.PGSQL):
                lengthExpr += " AS %s" % randomStr(lowercase=True)
        elif select:
            lengthExpr = expression.replace(query, lengthQuery % query, 1)
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -14,6 +14,7 @@ import socket
 import string
 import sys
 import threading
+import time
 import urllib2
 import urlparse

@@ -135,7 +136,7 @@ from lib.request.httpshandler import HTTPSHandler
 from lib.request.rangehandler import HTTPRangeHandler
 from lib.request.redirecthandler import SmartRedirectHandler
 from lib.request.templates import getPageTemplate
-from lib.utils.crawler import Crawler
+from lib.utils.crawler import crawl
 from lib.utils.deps import checkDependencies
 from lib.utils.google import Google
 from thirdparty.colorama.initialise import init as coloramainit
@@ -307,7 +308,7 @@ def _feedTargetsDict(reqFile, addedTargetUrls):
                        params = True

                    # Avoid proxy and connection type related headers
-                    elif key not in ( HTTPHEADER.PROXY_CONNECTION, HTTPHEADER.CONNECTION ):
+                    elif key not in (HTTPHEADER.PROXY_CONNECTION, HTTPHEADER.CONNECTION):
                        conf.httpHeaders.append((getUnicode(key), getUnicode(value)))

            if getPostReq and (params or cookie):
@@ -462,8 +463,7 @@ def _setCrawler():
    if not conf.crawlDepth:
        return

-    crawler = Crawler()
-    crawler.getTargetUrls()
+    crawl(conf.url)

 def _setGoogleDorking():
    """
@@ -571,15 +571,29 @@ def _findPageForms():
    if not conf.forms or conf.crawlDepth:
        return

-    if not checkConnection():
+    if conf.url and not checkConnection():
        return

    infoMsg = "searching for forms"
    logger.info(infoMsg)

-    page, _ = Request.queryPage(content=True)
+    if not conf.bulkFile:
+        page, _ = Request.queryPage(content=True)
+        findPageForms(page, conf.url, True, True)
+    else:
+        targets = getFileItems(conf.bulkFile)
+        for i in xrange(len(targets)):
+            try:
+                target = targets[i]
+                page, _, _= Request.getPage(url=target.strip(), crawling=True, raise404=False)
+                findPageForms(page, target, False, True)

-    findPageForms(page, conf.url, True, True)
+                if conf.verbose in (1, 2):
+                    status = '%d/%d links visited (%d%%)' % (i + 1, len(targets), round(100.0 * (i + 1) / len(targets)))
+                    dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status), True)
+            except Exception, ex:
+                errMsg = "problem occured while searching for forms at '%s' ('%s')" % (target, ex)
+                logger.error(errMsg)

 def _setDBMSAuthentication():
    """
@@ -1047,11 +1061,11 @@ def _setHTTPAuthentication():

        aTypeLower = conf.aType.lower()

-        if aTypeLower not in ( "basic", "digest", "ntlm" ):
+        if aTypeLower not in ("basic", "digest", "ntlm"):
            errMsg = "HTTP authentication type value must be "
            errMsg += "Basic, Digest or NTLM"
            raise SqlmapSyntaxException(errMsg)
-        elif aTypeLower in ( "basic", "digest" ):
+        elif aTypeLower in ("basic", "digest"):
            regExp = "^(.*?):(.*?)$"
            errMsg = "HTTP %s authentication credentials " % aTypeLower
            errMsg += "value must be in format username:password"
@@ -1712,8 +1726,8 @@ def _saveCmdline():
            if value is None:
                if datatype == "boolean":
                    value = "False"
-                elif datatype in ( "integer", "float" ):
-                    if option in ( "threads", "verbose" ):
+                elif datatype in ("integer", "float"):
+                    if option in ("threads", "verbose"):
                        value = "1"
                    elif option == "timeout":
                        value = "10"
@@ -1836,7 +1850,7 @@ def _setTorHttpProxySettings():

    found = None

-    for port in (DEFAULT_TOR_HTTP_PORTS if not conf.torPort else (conf.torPort, )):
+    for port in (DEFAULT_TOR_HTTP_PORTS if not conf.torPort else (conf.torPort,)):
        try:
            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            s.connect((LOCALHOST, port))
@@ -1965,8 +1979,8 @@ def _basicOptionValidation():
        errMsg = "maximum number of used threads is %d avoiding possible connection issues" % MAX_NUMBER_OF_THREADS
        raise SqlmapSyntaxException(errMsg)

-    if conf.forms and not conf.url:
-        errMsg = "switch '--forms' requires usage of option '-u' (--url)"
+    if conf.forms and not any ((conf.url, conf.bulkFile)):
+        errMsg = "switch '--forms' requires usage of option '-u' (--url) or '-m'"
        raise SqlmapSyntaxException(errMsg)

    if conf.requestFile and conf.url:
@@ -2009,8 +2023,8 @@ def _basicOptionValidation():
        errMsg = "option '--proxy' is incompatible with switch '--ignore-proxy'"
        raise SqlmapSyntaxException(errMsg)

-    if conf.forms and any([conf.logFile, conf.bulkFile, conf.direct, conf.requestFile, conf.googleDork]):
-        errMsg = "switch '--forms' is compatible only with option '-u' (--url)"
+    if conf.forms and any([conf.logFile, conf.direct, conf.requestFile, conf.googleDork]):
+        errMsg = "switch '--forms' is compatible only with options '-u' (--url) and '-m'"
        raise SqlmapSyntaxException(errMsg)

    if conf.timeSec < 1:
--- a/lib/core/readlineng.py
+++ b/lib/core/readlineng.py
@@ -38,7 +38,7 @@ uses_libedit = False
 if PLATFORM == 'mac' and _readline:
    import commands

-    (status, result) = commands.getstatusoutput( "otool -L %s | grep libedit" % _readline.__file__ )
+    (status, result) = commands.getstatusoutput("otool -L %s | grep libedit" % _readline.__file__)

    if status == 0 and len(result) > 0:
        # We are bound to libedit - new in Leopard
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -131,43 +131,43 @@ PLATFORM = os.name
 PYVERSION = sys.version.split()[0]

 # Database management system specific variables
-MSSQL_SYSTEM_DBS = ( "Northwind", "master", "model", "msdb", "pubs", "tempdb" )
-MYSQL_SYSTEM_DBS = ( "information_schema", "mysql" )                   # Before MySQL 5.0 only "mysql"
-PGSQL_SYSTEM_DBS = ( "information_schema", "pg_catalog", "pg_toast" )
-ORACLE_SYSTEM_DBS = ( "SYSTEM", "SYSAUX", "SYS" )                      # These are TABLESPACE_NAME
-SQLITE_SYSTEM_DBS = ( "sqlite_master", "sqlite_temp_master" )
-ACCESS_SYSTEM_DBS = ( "MSysAccessObjects", "MSysACEs", "MSysObjects", "MSysQueries", "MSysRelationships", "MSysAccessStorage",\
-                        "MSysAccessXML", "MSysModules", "MSysModules2" )
-FIREBIRD_SYSTEM_DBS = ( "RDB$BACKUP_HISTORY", "RDB$CHARACTER_SETS", "RDB$CHECK_CONSTRAINTS", "RDB$COLLATIONS", "RDB$DATABASE",\
+MSSQL_SYSTEM_DBS = ("Northwind", "master", "model", "msdb", "pubs", "tempdb")
+MYSQL_SYSTEM_DBS = ("information_schema", "mysql")                   # Before MySQL 5.0 only "mysql"
+PGSQL_SYSTEM_DBS = ("information_schema", "pg_catalog", "pg_toast")
+ORACLE_SYSTEM_DBS = ("SYSTEM", "SYSAUX", "SYS")                      # These are TABLESPACE_NAME
+SQLITE_SYSTEM_DBS = ("sqlite_master", "sqlite_temp_master")
+ACCESS_SYSTEM_DBS = ("MSysAccessObjects", "MSysACEs", "MSysObjects", "MSysQueries", "MSysRelationships", "MSysAccessStorage",\
+                        "MSysAccessXML", "MSysModules", "MSysModules2")
+FIREBIRD_SYSTEM_DBS = ("RDB$BACKUP_HISTORY", "RDB$CHARACTER_SETS", "RDB$CHECK_CONSTRAINTS", "RDB$COLLATIONS", "RDB$DATABASE",\
                        "RDB$DEPENDENCIES", "RDB$EXCEPTIONS", "RDB$FIELDS", "RDB$FIELD_DIMENSIONS", " RDB$FILES", "RDB$FILTERS",\
                        "RDB$FORMATS", "RDB$FUNCTIONS", "RDB$FUNCTION_ARGUMENTS", "RDB$GENERATORS", "RDB$INDEX_SEGMENTS", "RDB$INDICES",\
                        "RDB$LOG_FILES", "RDB$PAGES", "RDB$PROCEDURES", "RDB$PROCEDURE_PARAMETERS", "RDB$REF_CONSTRAINTS", "RDB$RELATIONS",\
                        "RDB$RELATION_CONSTRAINTS", "RDB$RELATION_FIELDS", "RDB$ROLES", "RDB$SECURITY_CLASSES", "RDB$TRANSACTIONS", "RDB$TRIGGERS",\
-                        "RDB$TRIGGER_MESSAGES", "RDB$TYPES", "RDB$USER_PRIVILEGES", "RDB$VIEW_RELATIONS" )
-MAXDB_SYSTEM_DBS = ( "SYSINFO", "DOMAIN" )
-SYBASE_SYSTEM_DBS = ( "master", "model", "sybsystemdb", "sybsystemprocs" )
-DB2_SYSTEM_DBS = ( "NULLID", "SQLJ", "SYSCAT", "SYSFUN", "SYSIBM", "SYSIBMADM", "SYSIBMINTERNAL", "SYSIBMTS",\
-                   "SYSPROC", "SYSPUBLIC", "SYSSTAT", "SYSTOOLS" )
+                        "RDB$TRIGGER_MESSAGES", "RDB$TYPES", "RDB$USER_PRIVILEGES", "RDB$VIEW_RELATIONS")
+MAXDB_SYSTEM_DBS = ("SYSINFO", "DOMAIN")
+SYBASE_SYSTEM_DBS = ("master", "model", "sybsystemdb", "sybsystemprocs")
+DB2_SYSTEM_DBS = ("NULLID", "SQLJ", "SYSCAT", "SYSFUN", "SYSIBM", "SYSIBMADM", "SYSIBMINTERNAL", "SYSIBMTS",\
+                   "SYSPROC", "SYSPUBLIC", "SYSSTAT", "SYSTOOLS")

-MSSQL_ALIASES = ( "microsoft sql server", "mssqlserver", "mssql", "ms" )
-MYSQL_ALIASES = ( "mysql", "my" )
-PGSQL_ALIASES = ( "postgresql", "postgres", "pgsql", "psql", "pg" )
-ORACLE_ALIASES = ( "oracle", "orcl", "ora", "or" )
-SQLITE_ALIASES = ( "sqlite", "sqlite3" )
-ACCESS_ALIASES = ( "msaccess", "access", "jet", "microsoft access" )
-FIREBIRD_ALIASES = ( "firebird", "mozilla firebird", "interbase", "ibase", "fb" )
-MAXDB_ALIASES = ( "maxdb", "sap maxdb", "sap db" )
-SYBASE_ALIASES = ( "sybase", "sybase sql server" )
-DB2_ALIASES = ( "db2", "ibm db2", "ibmdb2" )
+MSSQL_ALIASES = ("microsoft sql server", "mssqlserver", "mssql", "ms")
+MYSQL_ALIASES = ("mysql", "my")
+PGSQL_ALIASES = ("postgresql", "postgres", "pgsql", "psql", "pg")
+ORACLE_ALIASES = ("oracle", "orcl", "ora", "or")
+SQLITE_ALIASES = ("sqlite", "sqlite3")
+ACCESS_ALIASES = ("msaccess", "access", "jet", "microsoft access")
+FIREBIRD_ALIASES = ("firebird", "mozilla firebird", "interbase", "ibase", "fb")
+MAXDB_ALIASES = ("maxdb", "sap maxdb", "sap db")
+SYBASE_ALIASES = ("sybase", "sybase sql server")
+DB2_ALIASES = ("db2", "ibm db2", "ibmdb2")

 DBMS_DIRECTORY_DICT = dict((getattr(DBMS, _), getattr(DBMS_DIRECTORY_NAME, _)) for _ in dir(DBMS) if not _.startswith("_"))

 SUPPORTED_DBMS = MSSQL_ALIASES + MYSQL_ALIASES + PGSQL_ALIASES + ORACLE_ALIASES + SQLITE_ALIASES + ACCESS_ALIASES + FIREBIRD_ALIASES + MAXDB_ALIASES + SYBASE_ALIASES + DB2_ALIASES
-SUPPORTED_OS = ( "linux", "windows" )
+SUPPORTED_OS = ("linux", "windows")

-USER_AGENT_ALIASES = ( "ua", "useragent", "user-agent" )
-REFERER_ALIASES = ( "ref", "referer", "referrer" )
-HOST_ALIASES = ( "host", )
+USER_AGENT_ALIASES = ("ua", "useragent", "user-agent")
+REFERER_ALIASES = ("ref", "referer", "referrer")
+HOST_ALIASES = ("host",)

 # Items displayed in basic help (-h) output
 BASIC_HELP_ITEMS = (
--- a/lib/core/testing.py
+++ b/lib/core/testing.py
@@ -73,7 +73,7 @@ def smokeTest():
                        retVal = False

            count += 1
-            status = '%d/%d (%d%s) ' % (count, length, round(100.0*count/length), '%')
+            status = '%d/%d (%d%%) ' % (count, length, round(100.0 * count / length))
            dataToStdout("\r[%s] [INFO] complete: %s" % (time.strftime("%X"), status))

    clearConsoleLine()