After the storm, a restore..

2025-12-06 20:51:31 +00:00 · 2008-10-15 15:38:22 +00:00
commit 8e3eb45510
78 changed files with 21360 additions and 0 deletions
--- a/lib/parse/html.py
+++ b/lib/parse/html.py
@@ -0,0 +1,75 @@
+#!/usr/bin/env python
+
+"""
+$Id: html.py 286 2008-07-25 23:09:48Z inquisb $
+
+This file is part of the sqlmap project, http://sqlmap.sourceforge.net.
+
+Copyright (c) 2006-2008 Bernardo Damele A. G. <bernardo.damele@gmail.com>
+                        and Daniele Bellucci <daniele.bellucci@gmail.com>
+
+sqlmap is free software; you can redistribute it and/or modify it under
+the terms of the GNU General Public License as published by the Free
+Software Foundation version 2 of the License.
+
+sqlmap is distributed in the hope that it will be useful, but WITHOUT ANY
+WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
+details.
+
+You should have received a copy of the GNU General Public License along
+with sqlmap; if not, write to the Free Software Foundation, Inc., 51
+Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+"""
+
+
+
+import re
+
+from xml.sax import parse
+from xml.sax.handler import ContentHandler
+
+from lib.core.common import checkFile
+from lib.core.common import sanitizeStr
+
+
+class htmlHandler(ContentHandler):
+    """
+    This class defines methods to parse the input HTML page to
+    fingerprint the back-end database management system
+    """
+
+    def __init__(self, page):
+        self.__dbms = None
+        self.__page = page
+        self.__regexp = None
+        self.__match = None
+
+        self.dbms = None
+
+
+    def startElement(self, name, attrs):
+        if name == "dbms":
+            self.__dbms = attrs.get("value")
+
+        if name == "error":
+            self.__regexp = attrs.get("regexp")
+            self.__match = re.search(self.__regexp, self.__page, re.I)
+
+            if self.__match:
+                self.dbms = self.__dbms
+                self.__match = None
+
+
+def htmlParser(page, xmlfile):
+    """
+    This function calls a class that parses the input HTML page to
+    fingerprint the back-end database management system
+    """
+
+    checkFile(xmlfile)
+    page = sanitizeStr(page)
+    handler = htmlHandler(page)
+    parse(xmlfile, handler)
+
+    return handler.dbms