Update of vuln tests

2025-12-06 12:41:30 +00:00 · 2019-11-06 11:52:50 +01:00
parent 732267876c
commit c2b929301e
3 changed files with 17 additions and 12 deletions
--- a/lib/core/testing.py
+++ b/lib/core/testing.py
@@ -61,8 +61,19 @@ def vulnTest():
    Runs the testing against 'vulnserver'
    """

+    TESTS = (
+        ("--flush-session", ("CloudFlare",)),
+        ("--flush-session --data='{\"id\": 1}' --banner", ("Payload: {\"id\"", "banner: '3")),
+        ("--flush-session --data='<root><param name=\"id\" value=\"1*\"/></root>' --banner", ("Payload: <root><param name=\"id\" value=\"1", "banner: '3")),
+        ("--flush-session --parse-errors --eval=\"id2=2\" --referer=\"localhost\" --cookie=\"PHPSESSID=d41d8cd98f00b204e9800998ecf8427e\"", (": syntax error", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", "back-end DBMS: SQLite", "3 columns")),
+        ("--banner --schema --dump -T users --binary-fields=surname --where \"id>3\"", ("banner: '3", "INTEGER", "TEXT", "id", "name", "surname", "2 entries", "6E616D6569736E756C6C")),
+        ("--all --tamper=between,randomcase", ("5 entries", "luther", "blisset", "fluffy", "179ad45c6ce2cb97cf1029e212046e81", "NULL", "nameisnull", "testpass")),
+        ("-z \"tec=B\" --hex --fresh-queries --threads=4 --sql-query=\"SELECT 987654321\"", ("length of query output", ": '987654321'",)),
+        ("--technique=T --fresh-queries --sql-query=\"SELECT 1234\"", (": '1234'",)),
+    )
+
    retVal = True
-    count, length = 0, 6
+    count = 0
    address, port = "127.0.0.10", random.randint(1025, 65535)

    def _thread():
@@ -73,15 +84,7 @@ def vulnTest():
    thread.daemon = True
    thread.start()

-    for options, checks in (
-        ("--flush-session", ("CloudFlare",)),
-        ("--flush-session --data='{\"id\": 1}' --banner", ("Payload: {\"id\"", "banner: '3")),
-        ("--flush-session --parse-errors --eval=\"id2=2\" --referer=\"localhost\" --cookie=\"PHPSESSID=d41d8cd98f00b204e9800998ecf8427e\"", (": syntax error", "Type: boolean-based blind", "Type: time-based blind", "Type: UNION query", "back-end DBMS: SQLite", "3 columns")),
-        ("--banner --schema --dump -T users --binary-fields=surname --where \"id>3\"", ("banner: '3", "INTEGER", "TEXT", "id", "name", "surname", "2 entries", "6E616D6569736E756C6C")),
-        ("--all --tamper=between,randomcase", ("5 entries", "luther", "blisset", "fluffy", "179ad45c6ce2cb97cf1029e212046e81", "NULL", "nameisnull", "testpass")),
-        ("-z \"tec=B\" --hex --fresh-queries --threads=4 --sql-query=\"SELECT 987654321\"", ("length of query output", ": '987654321'",)),
-        ("--technique=T --fresh-queries --sql-query=\"SELECT 1234\"", (": '1234'",)),
-    ):
+    for options, checks in TESTS:
        cmd = "%s %s -u http://%s:%d/?id=1 --batch %s" % (sys.executable, os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "..", "sqlmap.py")), address, port, options)
        output = shellExec(cmd)

@@ -91,7 +94,7 @@ def vulnTest():
            retVal = False

        count += 1
-        status = '%d/%d (%d%%) ' % (count, length, round(100.0 * count / length))
+        status = '%d/%d (%d%%) ' % (count, len(TESTS), round(100.0 * count / len(TESTS)))
        dataToStdout("\r[%s] [INFO] complete: %s" % (time.strftime("%X"), status))

    clearConsoleLine()