PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2026-01-28 17:19:15 +00:00
Code Issues Projects Releases Wiki Activity

Fixing DeprecationWarning (logger.warn)

Browse Source
This commit is contained in:
Miroslav Stampar
2022-06-22 12:04:34 +02:00
parent 90b444c927
commit df4293473d
99 changed files with 429 additions and 428 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
lib/controller/checks.py
View File

@@ -810,7 +810,7 @@ def checkSqlInjection(place, parameter, value):
except KeyboardInterrupt:
warnMsg = "user aborted during detection phase"
logger.warn(warnMsg)
logger.warning(warnMsg)
if conf.multipleTargets:
msg = "how do you want to proceed? [ne(X)t target/(s)kip current test/(e)nd detection phase/(n)ext parameter/(c)hange verbosity/(q)uit]"
@@ -826,7 +826,7 @@ def checkSqlInjection(place, parameter, value):
choice = None
while not ((choice or "").isdigit() and 0 <= int(choice) <= 6):
if choice:
logger.warn("invalid value")
logger.warning("invalid value")
msg = "enter new verbosity level: [0-6] "
choice = readInput(msg, default=str(conf.verbose), checkBatch=False)
conf.verbose = int(choice)
@@ -851,7 +851,7 @@ def checkSqlInjection(place, parameter, value):
warnMsg = "in OR boolean-based injection cases, please consider usage "
warnMsg += "of switch '--drop-set-cookie' if you experience any "
warnMsg += "problems during data retrieval"
logger.warn(warnMsg)
logger.warning(warnMsg)
if not checkFalsePositives(injection):
if conf.hostname in kb.vulnHosts:
@@ -976,7 +976,7 @@ def checkFalsePositives(injection):
if not retVal:
warnMsg = "false positive or unexploitable injection point detected"
logger.warn(warnMsg)
logger.warning(warnMsg)
kb.injection = popValue()
@@ -1002,7 +1002,7 @@ def checkSuhosinPatch(injection):
warnMsg = "parameter length constraining "
warnMsg += "mechanism detected (e.g. Suhosin patch). "
warnMsg += "Potential problems in enumeration phase can be expected"
logger.warn(warnMsg)
logger.warning(warnMsg)
kb.injection = popValue()
@@ -1023,7 +1023,7 @@ def checkFilteredChars(injection):
warnMsg += "filtered by the back-end server. There is a strong "
warnMsg += "possibility that sqlmap won't be able to properly "
warnMsg += "exploit this vulnerability"
logger.warn(warnMsg)
logger.warning(warnMsg)
# inference techniques depend on character '>'
if not any(_ in injection.data for _ in (PAYLOAD.TECHNIQUE.ERROR, PAYLOAD.TECHNIQUE.UNION, PAYLOAD.TECHNIQUE.QUERY)):
@@ -1031,7 +1031,7 @@ def checkFilteredChars(injection):
warnMsg = "it appears that the character '>' is "
warnMsg += "filtered by the back-end server. You are strongly "
warnMsg += "advised to rerun with the '--tamper=between'"
logger.warn(warnMsg)
logger.warning(warnMsg)
kb.injection = popValue()
@@ -1122,7 +1122,7 @@ def heuristicCheckSqlInjection(place, parameter):
else:
infoMsg += "not be injectable"
logger.warn(infoMsg)
logger.warning(infoMsg)
kb.heuristicMode = True
kb.disableHtmlDecoding = True
@@ -1230,7 +1230,7 @@ def checkDynamicContent(firstPage, secondPage):
if count > conf.retries:
warnMsg = "target URL content appears to be too dynamic. "
warnMsg += "Switching to '--text-only' "
logger.warn(warnMsg)
logger.warning(warnMsg)
conf.textOnly = True
return
@@ -1288,7 +1288,7 @@ def checkStability():
warnMsg += "injectable parameters are detected, or in case of "
warnMsg += "junk results, refer to user's manual paragraph "
warnMsg += "'Page comparison'"
logger.warn(warnMsg)
logger.warning(warnMsg)
message = "how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] "
choice = readInput(message, default='C').upper()
@@ -1513,7 +1513,7 @@ def checkConnection(suppressOutput=False):
warnMsg = "you provided '%s' as the string to " % conf.string
warnMsg += "match, but such a string is not within the target "
warnMsg += "URL raw response, sqlmap will carry on anyway"
logger.warn(warnMsg)
logger.warning(warnMsg)
if conf.regexp:
infoMsg = "testing if the provided regular expression matches within "
@@ -1524,7 +1524,7 @@ def checkConnection(suppressOutput=False):
warnMsg = "you provided '%s' as the regular expression " % conf.regexp
warnMsg += "which does not have any match within the target URL raw response. sqlmap "
warnMsg += "will carry on anyway"
logger.warn(warnMsg)
logger.warning(warnMsg)
kb.errorIsNone = False
@@ -1539,12 +1539,12 @@ def checkConnection(suppressOutput=False):
elif wasLastResponseDBMSError():
warnMsg = "there is a DBMS error found in the HTTP response body "
warnMsg += "which could interfere with the results of the tests"
logger.warn(warnMsg)
logger.warning(warnMsg)
elif wasLastResponseHTTPError():
if getLastRequestHTTPError() not in (conf.ignoreCode or []):
warnMsg = "the web server responded with an HTTP error code (%d) " % getLastRequestHTTPError()
warnMsg += "which could interfere with the results of the tests"
logger.warn(warnMsg)
logger.warning(warnMsg)
else:
kb.errorIsNone = True

12
lib/controller/controller.py
View File

@@ -186,12 +186,12 @@ def _showInjections():
if conf.tamper:
warnMsg = "changes made by tampering scripts are not "
warnMsg += "included in shown payload content(s)"
logger.warn(warnMsg)
logger.warning(warnMsg)
if conf.hpp:
warnMsg = "changes made by HTTP parameter pollution are not "
warnMsg += "included in shown payload content(s)"
logger.warn(warnMsg)
logger.warning(warnMsg)
def _randomFillBlankFields(value):
retVal = value
@@ -556,7 +556,7 @@ def start():
if not check:
warnMsg = "%sparameter '%s' does not appear to be dynamic" % ("%s " % paramType if paramType != parameter else "", parameter)
logger.warn(warnMsg)
logger.warning(warnMsg)
if conf.skipStatic:
infoMsg = "skipping static %sparameter '%s'" % ("%s " % paramType if paramType != parameter else "", parameter)
@@ -612,7 +612,7 @@ def start():
if not injectable:
warnMsg = "%sparameter '%s' does not seem to be injectable" % ("%s " % paramType if paramType != parameter else "", parameter)
logger.warn(warnMsg)
logger.warning(warnMsg)
finally:
if place == PLACE.COOKIE:
@@ -709,7 +709,7 @@ def start():
if conf.multipleTargets:
warnMsg = "user aborted in multiple target mode"
logger.warn(warnMsg)
logger.warning(warnMsg)
message = "do you want to skip to the next target in list? [Y/n/q]"
choice = readInput(message, default='Y').upper()
@@ -749,7 +749,7 @@ def start():
warnMsg = "it appears that the target "
warnMsg += "has a maximum connections "
warnMsg += "constraint"
logger.warn(warnMsg)
logger.warning(warnMsg)
if kb.dataOutputFlag and not conf.multipleTargets:
logger.info("fetched data logged to text files under '%s'" % conf.outputPath)

42
lib/core/common.py
View File

@@ -351,7 +351,7 @@ class Backend(object):
elif kb.dbms is not None and kb.dbms != dbms:
warnMsg = "there appears to be a high probability that "
warnMsg += "this could be a false positive case"
logger.warn(warnMsg)
logger.warning(warnMsg)
msg = "sqlmap previously fingerprinted back-end DBMS as "
msg += "%s. However now it has been fingerprinted " % kb.dbms
@@ -371,7 +371,7 @@ class Backend(object):
break
else:
warnMsg = "invalid value"
logger.warn(warnMsg)
logger.warning(warnMsg)
elif kb.dbms is None:
kb.dbms = aliasToDbmsEnum(dbms)
@@ -429,7 +429,7 @@ class Backend(object):
break
else:
warnMsg = "invalid value"
logger.warn(warnMsg)
logger.warning(warnMsg)
elif kb.os is None and isinstance(os, six.string_types):
kb.os = os.capitalize()
@@ -466,7 +466,7 @@ class Backend(object):
break
else:
warnMsg = "invalid value. Valid values are 1 and 2"
logger.warn(warnMsg)
logger.warning(warnMsg)
return kb.arch
@@ -663,7 +663,7 @@ def paramToDict(place, parameters=None):
warnMsg += "chars/statements from manual SQL injection test(s). "
warnMsg += "Please, always use only valid parameter values "
warnMsg += "so sqlmap could be able to run properly"
logger.warn(warnMsg)
logger.warning(warnMsg)
message = "are you really sure that you want to continue (sqlmap could have problems)? [y/N] "
@@ -673,7 +673,7 @@ def paramToDict(place, parameters=None):
warnMsg = "provided value for parameter '%s' is empty. " % parameter
warnMsg += "Please, always use only valid parameter values "
warnMsg += "so sqlmap could be able to run properly"
logger.warn(warnMsg)
logger.warning(warnMsg)
if place in (PLACE.POST, PLACE.GET):
for regex in (r"\A((?:<[^>]+>)+\w+)((?:<[^>]+>)+)\Z", r"\A([^\w]+.*\w+)([^\w]+)\Z"):
@@ -738,7 +738,7 @@ def paramToDict(place, parameters=None):
if len(conf.testParameter) > 1:
warnMsg = "provided parameters '%s' " % paramStr
warnMsg += "are not inside the %s" % place
logger.warn(warnMsg)
logger.warning(warnMsg)
else:
parameter = conf.testParameter[0]
@@ -763,7 +763,7 @@ def paramToDict(place, parameters=None):
if len(decoded) > MIN_ENCODED_LEN_CHECK and all(_ in getBytes(string.printable) for _ in decoded):
warnMsg = "provided parameter '%s' " % parameter
warnMsg += "appears to be '%s' encoded" % encoding
logger.warn(warnMsg)
logger.warning(warnMsg)
break
except:
pass
@@ -814,7 +814,7 @@ def getManualDirectories():
else:
warnMsg = "unable to automatically retrieve the web server "
warnMsg += "document root"
logger.warn(warnMsg)
logger.warning(warnMsg)
directories = []
@@ -900,7 +900,7 @@ def getAutoDirectories():
retVal.add(directory)
else:
warnMsg = "unable to automatically parse any web server path"
logger.warn(warnMsg)
logger.warning(warnMsg)
return list(retVal)
@@ -1637,7 +1637,7 @@ def parseTargetDirect():
if remote:
warnMsg = "direct connection over the network for "
warnMsg += "%s DBMS is not supported" % dbmsName
logger.warn(warnMsg)
logger.warning(warnMsg)
conf.hostname = "localhost"
conf.port = 0
@@ -1900,7 +1900,7 @@ def parseUnionPage(page):
if re.search(r"(?si)\A%s.*%s\Z" % (kb.chars.start, kb.chars.stop), page):
if len(page) > LARGE_OUTPUT_THRESHOLD:
warnMsg = "large output detected. This might take a while"
logger.warn(warnMsg)
logger.warning(warnMsg)
data = BigArray()
keys = set()
@@ -2789,7 +2789,7 @@ def wasLastResponseDelayed():
if len(kb.responseTimes[kb.responseTimeMode]) < MIN_TIME_RESPONSES:
warnMsg = "time-based standard deviation method used on a model "
warnMsg += "with less than %d response times" % MIN_TIME_RESPONSES
logger.warn(warnMsg)
logger.warning(warnMsg)
lowerStdLimit = average(kb.responseTimes[kb.responseTimeMode]) + TIME_STDEV_COEFF * deviation
retVal = (threadData.lastQueryDuration >= max(MIN_VALID_DELAYED_RESPONSE, lowerStdLimit))
@@ -3593,7 +3593,7 @@ def initTechnique(technique=None):
else:
warnMsg = "there is no injection data available for technique "
warnMsg += "'%s'" % enumValueToNameLookup(PAYLOAD.TECHNIQUE, technique)
logger.warn(warnMsg)
logger.warning(warnMsg)
except SqlmapDataException:
errMsg = "missing data in old session file(s). "
@@ -3744,7 +3744,7 @@ def showHttpErrorCodes():
if kb.httpErrorCodes:
warnMsg = "HTTP error codes detected during run:\n"
warnMsg += ", ".join("%d (%s) - %d times" % (code, _http_client.responses[code] if code in _http_client.responses else '?', count) for code, count in kb.httpErrorCodes.items())
logger.warn(warnMsg)
logger.warning(warnMsg)
if any((str(_).startswith('4') or str(_).startswith('5')) and _ != _http_client.INTERNAL_SERVER_ERROR and _ != kb.originalCode for _ in kb.httpErrorCodes):
msg = "too many 4xx and/or 5xx HTTP error codes "
msg += "could mean that some kind of protection is involved (e.g. WAF)"
@@ -3972,7 +3972,7 @@ def createGithubIssue(errMsg, excMsg):
if closed:
warnMsg += " and resolved. Please update to the latest "
warnMsg += "development version from official GitHub repository at '%s'" % GIT_PAGE
logger.warn(warnMsg)
logger.warning(warnMsg)
return
except:
pass
@@ -4002,7 +4002,7 @@ def createGithubIssue(errMsg, excMsg):
warnMsg += " ('%s')" % _excMsg
if "Unauthorized" in warnMsg:
warnMsg += ". Please update to the latest revision"
logger.warn(warnMsg)
logger.warning(warnMsg)
def maskSensitiveData(msg):
"""
@@ -4395,7 +4395,7 @@ def expandMnemonics(mnemonics, parser, args):
if not options:
warnMsg = "mnemonic '%s' can't be resolved" % name
logger.warn(warnMsg)
logger.warning(warnMsg)
elif name in options:
found = name
debugMsg = "mnemonic '%s' resolved to %s). " % (name, found)
@@ -4404,7 +4404,7 @@ def expandMnemonics(mnemonics, parser, args):
found = sorted(options.keys(), key=len)[0]
warnMsg = "detected ambiguity (mnemonic '%s' can be resolved to any of: %s). " % (name, ", ".join("'%s'" % key for key in options))
warnMsg += "Resolved to shortest of those ('%s')" % found
logger.warn(warnMsg)
logger.warning(warnMsg)
if found:
found = options[found]
@@ -4810,7 +4810,7 @@ def checkOldOptions(args):
warnMsg = "switch/option '%s' is deprecated" % _
if DEPRECATED_OPTIONS[_]:
warnMsg += " (hint: %s)" % DEPRECATED_OPTIONS[_]
logger.warn(warnMsg)
logger.warning(warnMsg)
def checkSystemEncoding():
"""
@@ -4828,7 +4828,7 @@ def checkSystemEncoding():
logger.critical(errMsg)
warnMsg = "temporary switching to charset 'cp1256'"
logger.warn(warnMsg)
logger.warning(warnMsg)
_reload_module(sys)
sys.setdefaultencoding("cp1256")

8
lib/core/dump.py
View File

@@ -421,7 +421,7 @@ class Dump(object):
tempDir = tempfile.mkdtemp(prefix="sqlmapdb")
warnMsg = "currently unable to use regular dump directory. "
warnMsg += "Using temporary directory '%s' instead" % tempDir
logger.warn(warnMsg)
logger.warning(warnMsg)
dumpDbPath = tempDir
@@ -445,7 +445,7 @@ class Dump(object):
warnMsg = "unable to create dump directory "
warnMsg += "'%s' (%s). " % (dumpDbPath, getSafeExString(ex))
warnMsg += "Using temporary directory '%s' instead" % tempDir
logger.warn(warnMsg)
logger.warning(warnMsg)
dumpDbPath = tempDir
@@ -624,7 +624,7 @@ class Dump(object):
_ = re.sub(r"[^\w]", UNSAFE_DUMP_FILEPATH_REPLACEMENT, normalizeUnicode(unsafeSQLIdentificatorNaming(column)))
filepath = os.path.join(dumpDbPath, "%s-%d.bin" % (_, randomInt(8)))
warnMsg = "writing binary ('%s') content to file '%s' " % (mimetype, filepath)
logger.warn(warnMsg)
logger.warning(warnMsg)
with openFile(filepath, "w+b", None) as f:
_ = safechardecode(value, True)
@@ -672,7 +672,7 @@ class Dump(object):
if not warnFile:
logger.info(msg)
else:
logger.warn(msg)
logger.warning(msg)
def dbColumns(self, dbColumnsDict, colConsider, dbs):
if conf.api:

36
lib/core/option.py
View File

@@ -475,7 +475,7 @@ def _setBulkMultipleTargets():
if not found and not conf.forms and not conf.crawlDepth:
warnMsg = "no usable links found (with GET parameters)"
logger.warn(warnMsg)
logger.warning(warnMsg)
def _findPageForms():
if not conf.forms or conf.crawlDepth:
@@ -523,7 +523,7 @@ def _findPageForms():
if not found:
warnMsg = "no forms found"
logger.warn(warnMsg)
logger.warning(warnMsg)
def _setDBMSAuthentication():
"""
@@ -607,16 +607,16 @@ def _setMetasploit():
warnMsg += "or more of the needed Metasploit executables "
warnMsg += "within msfcli, msfconsole, msfencode and "
warnMsg += "msfpayload do not exist"
logger.warn(warnMsg)
logger.warning(warnMsg)
else:
warnMsg = "you did not provide the local path where Metasploit "
warnMsg += "Framework is installed"
logger.warn(warnMsg)
logger.warning(warnMsg)
if not msfEnvPathExists:
warnMsg = "sqlmap is going to look for Metasploit Framework "
warnMsg += "installation inside the environment path(s)"
logger.warn(warnMsg)
logger.warning(warnMsg)
envPaths = os.environ.get("PATH", "").split(";" if IS_WIN else ":")
@@ -1202,10 +1202,10 @@ def _setHTTPHandlers():
if conf.proxy:
warnMsg += "with HTTP(s) proxy"
logger.warn(warnMsg)
logger.warning(warnMsg)
elif conf.authType:
warnMsg += "with authentication methods"
logger.warn(warnMsg)
logger.warning(warnMsg)
else:
handlers.append(keepAliveHandler)
@@ -1547,7 +1547,7 @@ def _setHTTPTimeout():
if conf.timeout < 3.0:
warnMsg = "the minimum HTTP timeout is 3 seconds, sqlmap "
warnMsg += "will going to reset it"
logger.warn(warnMsg)
logger.warning(warnMsg)
conf.timeout = 3.0
else:
@@ -1586,13 +1586,13 @@ def _createHomeDirectories():
if conf.get("outputDir") and context == "output":
warnMsg = "using '%s' as the %s directory" % (directory, context)
logger.warn(warnMsg)
logger.warning(warnMsg)
except (OSError, IOError) as ex:
tempDir = tempfile.mkdtemp(prefix="sqlmap%s" % context)
warnMsg = "unable to %s %s directory " % ("create" if not os.path.isdir(directory) else "write to the", context)
warnMsg += "'%s' (%s). " % (directory, getUnicode(ex))
warnMsg += "Using temporary directory '%s' instead" % getUnicode(tempDir)
logger.warn(warnMsg)
logger.warning(warnMsg)
paths["SQLMAP_%s_PATH" % context.upper()] = tempDir
@@ -1617,7 +1617,7 @@ def _createTemporaryDirectory():
tempfile.tempdir = conf.tmpDir
warnMsg = "using '%s' as the temporary directory" % conf.tmpDir
logger.warn(warnMsg)
logger.warning(warnMsg)
except (OSError, IOError) as ex:
errMsg = "there has been a problem while accessing "
errMsg += "temporary directory location(s) ('%s')" % getSafeExString(ex)
@@ -1632,7 +1632,7 @@ def _createTemporaryDirectory():
warnMsg += "make sure that there is enough disk space left. If problem persists, "
warnMsg += "try to set environment variable 'TEMP' to a location "
warnMsg += "writeable by the current user"
logger.warn(warnMsg)
logger.warning(warnMsg)
if "sqlmap" not in (tempfile.tempdir or "") or conf.tmpDir and tempfile.tempdir == conf.tmpDir:
try:
@@ -1832,7 +1832,7 @@ def _cleanupOptions():
warnMsg = "increasing default value for "
warnMsg += "option '--time-sec' to %d because " % conf.timeSec
warnMsg += "switch '--tor' was provided"
logger.warn(warnMsg)
logger.warning(warnMsg)
else:
kb.adjustTimeDelay = ADJUST_TIME_DELAY.DISABLE
@@ -2217,7 +2217,7 @@ def _useWizardInterface():
if not conf.crawlDepth and not conf.forms:
warnMsg += "Will search for forms"
conf.forms = True
logger.warn(warnMsg)
logger.warning(warnMsg)
choice = None
@@ -2473,7 +2473,7 @@ def _setTorHttpProxySettings():
warnMsg += "Tor anonymizing network because of "
warnMsg += "known issues with default settings of various 'bundles' "
warnMsg += "(e.g. Vidalia)"
logger.warn(warnMsg)
logger.warning(warnMsg)
def _setTorSocksProxySettings():
infoMsg = "setting Tor SOCKS proxy settings"
@@ -2553,7 +2553,7 @@ def _basicOptionValidation():
if isinstance(conf.limitStart, int) and conf.limitStart > 0 and \
isinstance(conf.limitStop, int) and conf.limitStop < conf.limitStart:
warnMsg = "usage of option '--start' (limitStart) which is bigger than value for --stop (limitStop) option is considered unstable"
logger.warn(warnMsg)
logger.warning(warnMsg)
if isinstance(conf.firstChar, int) and conf.firstChar > 0 and \
isinstance(conf.lastChar, int) and conf.lastChar < conf.firstChar:
@@ -2563,7 +2563,7 @@ def _basicOptionValidation():
if conf.proxyFile and not any((conf.randomAgent, conf.mobile, conf.agent, conf.requestFile)):
warnMsg = "usage of switch '--random-agent' is strongly recommended when "
warnMsg += "using option '--proxy-file'"
logger.warn(warnMsg)
logger.warning(warnMsg)
if conf.textOnly and conf.nullConnection:
errMsg = "switch '--text-only' is incompatible with switch '--null-connection'"
@@ -2671,7 +2671,7 @@ def _basicOptionValidation():
warnMsg = "increasing default value for "
warnMsg += "option '--retries' to %d because " % conf.retries
warnMsg += "option '--retry-on' was provided"
logger.warn(warnMsg)
logger.warning(warnMsg)
if conf.cookieDel and len(conf.cookieDel):

2
lib/core/settings.py
View File

@@ -20,7 +20,7 @@ from thirdparty import six
from thirdparty.six import unichr as _unichr
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
VERSION = "1.6.6.5"
VERSION = "1.6.6.6"
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

6
lib/core/shell.py
View File

@@ -79,7 +79,7 @@ def saveHistory(completion=None):
readline.write_history_file(historyPath)
except IOError as ex:
warnMsg = "there was a problem writing the history file '%s' (%s)" % (historyPath, getSafeExString(ex))
logger.warn(warnMsg)
logger.warning(warnMsg)
except KeyboardInterrupt:
pass
@@ -103,12 +103,12 @@ def loadHistory(completion=None):
readline.read_history_file(historyPath)
except IOError as ex:
warnMsg = "there was a problem loading the history file '%s' (%s)" % (historyPath, getSafeExString(ex))
logger.warn(warnMsg)
logger.warning(warnMsg)
except UnicodeError:
if IS_WIN:
warnMsg = "there was a problem loading the history file '%s'. " % historyPath
warnMsg += "More info can be found at 'https://github.com/pyreadline/pyreadline/issues/30'"
logger.warn(warnMsg)
logger.warning(warnMsg)
def autoCompletion(completion=None, os=None, commands=None):
if not readlineAvailable():

16
lib/core/target.py
View File

@@ -106,7 +106,7 @@ def _setRequestParams():
# Perform checks on POST parameters
if conf.method == HTTPMETHOD.POST and conf.data is None:
logger.warn("detected empty POST body")
logger.warning("detected empty POST body")
conf.data = ""
if conf.data is not None:
@@ -247,7 +247,7 @@ def _setRequestParams():
warnMsg += "parameters (e.g. 'http://www.site.com/article.php?id=1') "
warnMsg += "and without providing any POST parameters "
warnMsg += "through option '--data'"
logger.warn(warnMsg)
logger.warning(warnMsg)
message = "do you want to try URI injections "
message += "in the target URL itself? [Y/n/q] "
@@ -283,7 +283,7 @@ def _setRequestParams():
warnMsg = "it seems that you've provided empty parameter value(s) "
warnMsg += "for testing. Please, always use only valid parameter values "
warnMsg += "so sqlmap could be able to run properly"
logger.warn(warnMsg)
logger.warning(warnMsg)
if not kb.processUserMarks:
if place == PLACE.URI:
@@ -582,7 +582,7 @@ def _setResultsFile():
os.close(handle)
conf.resultsFP = openFile(conf.resultsFile, "w+", UNICODE_ENCODING, buffering=0)
warnMsg += "Using temporary file '%s' instead" % conf.resultsFile
logger.warn(warnMsg)
logger.warning(warnMsg)
except IOError as _:
errMsg = "unable to write to the temporary directory ('%s'). " % _
errMsg += "Please make sure that your disk is not full and "
@@ -613,7 +613,7 @@ def _createFilesDir():
warnMsg = "unable to create files directory "
warnMsg += "'%s' (%s). " % (conf.filePath, getUnicode(ex))
warnMsg += "Using temporary directory '%s' instead" % getUnicode(tempDir)
logger.warn(warnMsg)
logger.warning(warnMsg)
conf.filePath = tempDir
@@ -635,7 +635,7 @@ def _createDumpDir():
warnMsg = "unable to create dump directory "
warnMsg += "'%s' (%s). " % (conf.dumpPath, getUnicode(ex))
warnMsg += "Using temporary directory '%s' instead" % getUnicode(tempDir)
logger.warn(warnMsg)
logger.warning(warnMsg)
conf.dumpPath = tempDir
@@ -658,7 +658,7 @@ def _createTargetDirs():
warnMsg = "unable to create output directory "
warnMsg += "'%s' (%s). " % (conf.outputPath, getUnicode(ex))
warnMsg += "Using temporary directory '%s' instead" % getUnicode(tempDir)
logger.warn(warnMsg)
logger.warning(warnMsg)
conf.outputPath = tempDir
@@ -681,7 +681,7 @@ def _createTargetDirs():
raise SqlmapMissingPrivileges(errMsg)
except UnicodeError as ex:
warnMsg = "something went wrong while saving target data ('%s')" % getSafeExString(ex)
logger.warn(warnMsg)
logger.warning(warnMsg)
_createDumpDir()
_createFilesDir()

2
lib/core/threads.py
View File

@@ -154,7 +154,7 @@ def runThreads(numThreads, threadFunction, cleanupFunction=None, forwardExceptio
if numThreads == 1:
warnMsg = "running in a single-thread mode. This could take a while"
logger.warn(warnMsg)
logger.warning(warnMsg)
if numThreads > 1:
if startThreadMsg:

2
lib/core/update.py
View File

@@ -68,7 +68,7 @@ def update():
elif not os.path.exists(os.path.join(paths.SQLMAP_ROOT_PATH, ".git")):
warnMsg = "not a git repository. It is recommended to clone the 'sqlmapproject/sqlmap' repository "
warnMsg += "from GitHub (e.g. 'git clone --depth 1 %s sqlmap')" % GIT_REPOSITORY
logger.warn(warnMsg)
logger.warning(warnMsg)
if VERSION == getLatestRevision():
logger.info("already at the latest revision '%s'" % getRevisionNumber())

2
lib/parse/sitemap.py
View File

@@ -51,6 +51,6 @@ def parseSitemap(url, retVal=None):
abortedFlag = True
warnMsg = "user aborted during sitemap parsing. sqlmap "
warnMsg += "will use partial list"
logger.warn(warnMsg)
logger.warning(warnMsg)
return retVal

12
lib/request/connect.py
View File

@@ -169,7 +169,7 @@ class Connect(object):
if conf.proxyList and threadData.retriesCount >= conf.retries and not kb.locks.handlers.locked():
warnMsg = "changing proxy"
logger.warn(warnMsg)
logger.warning(warnMsg)
conf.proxy = None
threadData.retriesCount = 0
@@ -312,7 +312,7 @@ class Connect(object):
conf.proxy = None
warnMsg = "changing proxy"
logger.warn(warnMsg)
logger.warning(warnMsg)
setHTTPHandlers()
@@ -703,7 +703,7 @@ class Connect(object):
conn.close()
except Exception as ex:
warnMsg = "problem occurred during connection closing ('%s')" % getSafeExString(ex)
logger.warn(warnMsg)
logger.warning(warnMsg)
except SqlmapConnectionException as ex:
if conf.proxyList and not kb.threadException:
@@ -730,7 +730,7 @@ class Connect(object):
except socket.timeout:
warnMsg = "connection timed out while trying "
warnMsg += "to get error page information (%d)" % ex.code
logger.warn(warnMsg)
logger.warning(warnMsg)
return None, None, None
except KeyboardInterrupt:
raise
@@ -927,7 +927,7 @@ class Connect(object):
if conf.retryOn and re.search(conf.retryOn, page, re.I):
if threadData.retriesCount < conf.retries:
warnMsg = "forced retry of the request because of undesired page content"
logger.warn(warnMsg)
logger.warning(warnMsg)
return Connect._retryProxy(**kwargs)
processResponse(page, responseHeaders, code, status)
@@ -1174,7 +1174,7 @@ class Connect(object):
if attempt > 0:
warnMsg = "unable to find anti-CSRF token '%s' at '%s'" % (conf.csrfToken._original, conf.csrfUrl or conf.url)
warnMsg += ". sqlmap is going to retry the request"
logger.warn(warnMsg)
logger.warning(warnMsg)
page, headers, code = Connect.getPage(url=conf.csrfUrl or conf.url, data=conf.data if conf.csrfUrl == conf.url else None, method=conf.csrfMethod or (conf.method if conf.csrfUrl == conf.url else None), cookie=conf.parameters.get(PLACE.COOKIE), direct=True, silent=True, ua=conf.parameters.get(PLACE.USER_AGENT), referer=conf.parameters.get(PLACE.REFERER), host=conf.parameters.get(PLACE.HOST))
page = urldecode(page) # for anti-CSRF tokens with special characters in their name (e.g. 'foo:bar=...')

6
lib/request/inject.py
View File

@@ -270,7 +270,7 @@ def _goInferenceProxy(expression, fromUser=False, batch=False, unpack=True, char
warnMsg += "of entries for the SQL query provided. "
warnMsg += "sqlmap will assume that it returns only "
warnMsg += "one entry"
logger.warn(warnMsg)
logger.warning(warnMsg)
stopLimit = 1
@@ -278,7 +278,7 @@ def _goInferenceProxy(expression, fromUser=False, batch=False, unpack=True, char
if not count:
warnMsg = "the SQL query provided does not "
warnMsg += "return any output"
logger.warn(warnMsg)
logger.warning(warnMsg)
return None
@@ -298,7 +298,7 @@ def _goInferenceProxy(expression, fromUser=False, batch=False, unpack=True, char
except KeyboardInterrupt:
print()
warnMsg = "user aborted during dumping phase"
logger.warn(warnMsg)
logger.warning(warnMsg)
return outputs

2
lib/takeover/abstraction.py
View File

@@ -211,7 +211,7 @@ class Abstraction(Web, UDF, XP_cmdshell):
warnMsg += "were able to extract and crack a DBA "
warnMsg += "password by any mean"
logger.warn(warnMsg)
logger.warning(warnMsg)
if any((conf.osCmd, conf.osShell)) and Backend.isDbms(DBMS.PGSQL) and self.checkCopyExec():
success = True

2
lib/takeover/icmpsh.py
View File

@@ -72,7 +72,7 @@ class ICMPsh(object):
raise SqlmapDataException("local host address is missing")
elif address and not valid:
warnMsg = "invalid local host address"
logger.warn(warnMsg)
logger.warning(warnMsg)
return address

12
lib/takeover/metasploit.py
View File

@@ -206,7 +206,7 @@ class Metasploit(object):
warnMsg = "by default PostgreSQL on Windows runs as "
warnMsg += "postgres user, it is unlikely that the VNC "
warnMsg += "injection will be successful"
logger.warn(warnMsg)
logger.warning(warnMsg)
elif Backend.isDbms(DBMS.MSSQL) and Backend.isVersionWithin(("2005", "2008")):
choose = True
@@ -215,7 +215,7 @@ class Metasploit(object):
warnMsg += "successful because usually Microsoft SQL Server "
warnMsg += "%s runs as Network Service " % Backend.getVersion()
warnMsg += "or the Administrator is not logged in"
logger.warn(warnMsg)
logger.warning(warnMsg)
if choose:
message = "what do you want to do?\n"
@@ -236,23 +236,23 @@ class Metasploit(object):
elif choice == "1":
if Backend.isDbms(DBMS.PGSQL):
logger.warn("beware that the VNC injection might not work")
logger.warning("beware that the VNC injection might not work")
break
elif Backend.isDbms(DBMS.MSSQL) and Backend.isVersionWithin(("2005", "2008")):
break
elif not isDigit(choice):
logger.warn("invalid value, only digits are allowed")
logger.warning("invalid value, only digits are allowed")
elif int(choice) < 1 or int(choice) > 2:
logger.warn("invalid value, it must be 1 or 2")
logger.warning("invalid value, it must be 1 or 2")
if self.connectionStr.startswith("reverse_http") and _payloadStr != "windows/meterpreter":
warnMsg = "Reverse HTTP%s connection is only supported " % ("S" if self.connectionStr.endswith("s") else "")
warnMsg += "with the Meterpreter payload. Falling back to "
warnMsg += "reverse TCP"
logger.warn(warnMsg)
logger.warning(warnMsg)
self.connectionStr = "reverse_tcp"

18
lib/takeover/udf.py
View File

@@ -198,7 +198,7 @@ class UDF(object):
if not self.isDba():
warnMsg = "functionality requested probably does not work because "
warnMsg += "the current session user is not a database administrator"
logger.warn(warnMsg)
logger.warning(warnMsg)
if not conf.shLib:
msg = "what is the local path of the shared library? "
@@ -209,7 +209,7 @@ class UDF(object):
if self.udfLocalFile:
break
else:
logger.warn("you need to specify the local path of the shared library")
logger.warning("you need to specify the local path of the shared library")
else:
self.udfLocalFile = conf.shLib
@@ -249,7 +249,7 @@ class UDF(object):
else:
break
else:
logger.warn("invalid value, only digits are allowed")
logger.warning("invalid value, only digits are allowed")
for x in xrange(0, udfCount):
while True:
@@ -260,7 +260,7 @@ class UDF(object):
self.udfs[udfName] = {}
break
else:
logger.warn("you need to specify the name of the UDF")
logger.warning("you need to specify the name of the UDF")
if Backend.isDbms(DBMS.MYSQL):
defaultType = "string"
@@ -280,7 +280,7 @@ class UDF(object):
break
else:
logger.warn("invalid value, only digits >= 0 are allowed")
logger.warning("invalid value, only digits >= 0 are allowed")
for y in xrange(0, parCount):
msg = "what is the data-type of input parameter "
@@ -290,7 +290,7 @@ class UDF(object):
parType = readInput(msg, default=defaultType).strip()
if parType.isdigit():
logger.warn("you need to specify the data-type of the parameter")
logger.warning("you need to specify the data-type of the parameter")
else:
self.udfs[udfName]["input"].append(parType)
@@ -303,7 +303,7 @@ class UDF(object):
retType = readInput(msg, default=defaultType)
if hasattr(retType, "isdigit") and retType.isdigit():
logger.warn("you need to specify the data-type of the return value")
logger.warning("you need to specify the data-type of the return value")
else:
self.udfs[udfName]["return"] = retType
break
@@ -346,7 +346,7 @@ class UDF(object):
else:
warnMsg = "invalid value, only digits >= 1 and "
warnMsg += "<= %d are allowed" % len(udfList)
logger.warn(warnMsg)
logger.warning(warnMsg)
if not isinstance(choice, int):
break
@@ -370,7 +370,7 @@ class UDF(object):
break
else:
logger.warn("you need to specify the value of the parameter")
logger.warning("you need to specify the value of the parameter")
count += 1

10
lib/takeover/web.py
View File

@@ -137,7 +137,7 @@ class Web(object):
if "File uploaded" not in (page or ""):
warnMsg = "unable to upload the file through the web file "
warnMsg += "stager to '%s'" % directory
logger.warn(warnMsg)
logger.warning(warnMsg)
return False
else:
return True
@@ -202,10 +202,10 @@ class Web(object):
choice = readInput(message, default=str(default))
if not isDigit(choice):
logger.warn("invalid value, only digits are allowed")
logger.warning("invalid value, only digits are allowed")
elif int(choice) < 1 or int(choice) > len(choices):
logger.warn("invalid value, it must be between 1 and %d" % len(choices))
logger.warning("invalid value, it must be between 1 and %d" % len(choices))
else:
self.webPlatform = choices[int(choice) - 1]
@@ -362,7 +362,7 @@ class Web(object):
if "<%" in uplPage or "<?" in uplPage:
warnMsg = "file stager uploaded on '%s', " % directory
warnMsg += "but not dynamically interpreted"
logger.warn(warnMsg)
logger.warning(warnMsg)
continue
elif self.webPlatform == WEB_PLATFORM.ASPX:
@@ -399,7 +399,7 @@ class Web(object):
warnMsg += "was able to upload the file stager or "
warnMsg += "because the DBMS and web server sit on "
warnMsg += "different servers"
logger.warn(warnMsg)
logger.warning(warnMsg)
message = "do you want to try the same method used "
message += "for the file stager? [Y/n] "

4
lib/takeover/xp_cmdshell.py
View File

@@ -270,7 +270,7 @@ class XP_cmdshell(object):
kb.xpCmdshellAvailable = True
else:
logger.warn("xp_cmdshell re-enabling failed")
logger.warning("xp_cmdshell re-enabling failed")
logger.info("creating xp_cmdshell with sp_OACreate")
self._xpCmdshellConfigure(0)
@@ -283,7 +283,7 @@ class XP_cmdshell(object):
else:
warnMsg = "xp_cmdshell creation failed, probably "
warnMsg += "because sp_OACreate is disabled"
logger.warn(warnMsg)
logger.warning(warnMsg)
hashDBWrite(HASHDB_KEYS.KB_XP_CMDSHELL_AVAILABLE, kb.xpCmdshellAvailable)

2
lib/techniques/blind/inference.py
View File

@@ -423,7 +423,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
if kb.adjustTimeDelay is not ADJUST_TIME_DELAY.DISABLE:
conf.timeSec += 1
warnMsg = "increasing time delay to %d second%s" % (conf.timeSec, 's' if conf.timeSec > 1 else '')
logger.warn(warnMsg)
logger.warning(warnMsg)
if kb.adjustTimeDelay is ADJUST_TIME_DELAY.YES:
dbgMsg = "turning off time auto-adjustment mechanism"

8
lib/techniques/error/use.py
View File

@@ -167,7 +167,7 @@ def _oneShotErrorUse(expression, field=None, chunkTest=False):
warnMsg = "possible server trimmed output detected "
warnMsg += "(due to its length and/or content): "
warnMsg += safecharencode(trimmed)
logger.warn(warnMsg)
logger.warning(warnMsg)
if not kb.testMode:
check = r"(?P<result>[^<>\n]*?)%s" % kb.chars.stop[:2]
@@ -351,7 +351,7 @@ def errorUse(expression, dump=False):
warnMsg += "of entries for the SQL query provided. "
warnMsg += "sqlmap will assume that it returns only "
warnMsg += "one entry"
logger.warn(warnMsg)
logger.warning(warnMsg)
stopLimit = 1
@@ -359,7 +359,7 @@ def errorUse(expression, dump=False):
if not count:
warnMsg = "the SQL query provided does not "
warnMsg += "return any output"
logger.warn(warnMsg)
logger.warning(warnMsg)
else:
value = [] # for empty tables
return value
@@ -445,7 +445,7 @@ def errorUse(expression, dump=False):
abortedFlag = True
warnMsg = "user aborted during enumeration. sqlmap "
warnMsg += "will display partial output"
logger.warn(warnMsg)
logger.warning(warnMsg)
finally:
threadData.shared.value.extend(_[1] for _ in sorted(threadData.shared.buffered))

4
lib/techniques/union/test.py
View File

@@ -275,7 +275,7 @@ def _unionPosition(comment, place, parameter, prefix, suffix, count, where=PAYLO
content = ("%s%s" % (removeReflectiveValues(page, payload) or "", removeReflectiveValues(listToStrValue(headers.headers if headers else None), payload, True) or "")).lower()
if content.count(phrase) > 0 and content.count(phrase) < LIMITED_ROWS_TEST_NUMBER:
warnMsg = "output with limited number of rows detected. Switching to partial mode"
logger.warn(warnMsg)
logger.warning(warnMsg)
vector = (position, count, comment, prefix, suffix, kb.uChar, where, kb.unionDuplicates, True, kb.tableFrom, kb.unionTemplate)
unionErrorCase = kb.errorIsNone and wasLastResponseDBMSError()
@@ -284,7 +284,7 @@ def _unionPosition(comment, place, parameter, prefix, suffix, count, where=PAYLO
warnMsg = "combined UNION/error-based SQL injection case found on "
warnMsg += "column %d. sqlmap will try to find another " % (position + 1)
warnMsg += "column with better characteristics"
logger.warn(warnMsg)
logger.warning(warnMsg)
else:
break

8
lib/techniques/union/use.py
View File

@@ -167,7 +167,7 @@ def _oneShotUnionUse(expression, unpack=True, limited=False):
warnMsg = "possible server trimmed output detected "
warnMsg += "(probably due to its length and/or content): "
warnMsg += safecharencode(trimmed)
logger.warn(warnMsg)
logger.warning(warnMsg)
elif re.search(r"ORDER BY [^ ]+\Z", expression):
debugMsg = "retrying failed SQL query without the ORDER BY clause"
@@ -304,7 +304,7 @@ def unionUse(expression, unpack=True, dump=False):
warnMsg += "of entries for the SQL query provided. "
warnMsg += "sqlmap will assume that it returns only "
warnMsg += "one entry"
logger.warn(warnMsg)
logger.warning(warnMsg)
stopLimit = 1
@@ -312,7 +312,7 @@ def unionUse(expression, unpack=True, dump=False):
if not count:
warnMsg = "the SQL query provided does not "
warnMsg += "return any output"
logger.warn(warnMsg)
logger.warning(warnMsg)
else:
value = [] # for empty tables
return value
@@ -429,7 +429,7 @@ def unionUse(expression, unpack=True, dump=False):
warnMsg = "user aborted during enumeration. sqlmap "
warnMsg += "will display partial output"
logger.warn(warnMsg)
logger.warning(warnMsg)
finally:
for _ in sorted(threadData.shared.buffered):

16
lib/utils/brute.py
View File

@@ -66,7 +66,7 @@ def tableExists(tableFile, regex=None):
if kb.choices.tableExists is None and not any(_ for _ in kb.injection.data if _ not in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED)) and not conf.direct:
warnMsg = "it's not recommended to use '%s' and/or '%s' " % (PAYLOAD.SQLINJECTION[PAYLOAD.TECHNIQUE.TIME], PAYLOAD.SQLINJECTION[PAYLOAD.TECHNIQUE.STACKED])
warnMsg += "for common table existence check"
logger.warn(warnMsg)
logger.warning(warnMsg)
message = "are you sure you want to continue? [y/N] "
kb.choices.tableExists = readInput(message, default='N', boolean=True)
@@ -160,7 +160,7 @@ def tableExists(tableFile, regex=None):
except KeyboardInterrupt:
warnMsg = "user aborted during table existence "
warnMsg += "check. sqlmap will display partial output"
logger.warn(warnMsg)
logger.warning(warnMsg)
clearConsoleLine(True)
dataToStdout("\n")
@@ -169,7 +169,7 @@ def tableExists(tableFile, regex=None):
warnMsg = "no table(s) found"
if conf.db:
warnMsg += " for database '%s'" % conf.db
logger.warn(warnMsg)
logger.warning(warnMsg)
else:
for item in threadData.shared.files:
if conf.db not in kb.data.cachedTables:
@@ -190,7 +190,7 @@ def columnExists(columnFile, regex=None):
if kb.choices.columnExists is None and not any(_ for _ in kb.injection.data if _ not in (PAYLOAD.TECHNIQUE.TIME, PAYLOAD.TECHNIQUE.STACKED)) and not conf.direct:
warnMsg = "it's not recommended to use '%s' and/or '%s' " % (PAYLOAD.SQLINJECTION[PAYLOAD.TECHNIQUE.TIME], PAYLOAD.SQLINJECTION[PAYLOAD.TECHNIQUE.STACKED])
warnMsg += "for common column existence check"
logger.warn(warnMsg)
logger.warning(warnMsg)
message = "are you sure you want to continue? [y/N] "
kb.choices.columnExists = readInput(message, default='N', boolean=True)
@@ -281,7 +281,7 @@ def columnExists(columnFile, regex=None):
except KeyboardInterrupt:
warnMsg = "user aborted during column existence "
warnMsg += "check. sqlmap will display partial output"
logger.warn(warnMsg)
logger.warning(warnMsg)
finally:
kb.bruteMode = False
@@ -290,7 +290,7 @@ def columnExists(columnFile, regex=None):
if not threadData.shared.files:
warnMsg = "no column(s) found"
logger.warn(warnMsg)
logger.warning(warnMsg)
else:
columns = {}
@@ -394,7 +394,7 @@ def fileExists(pathFile):
except KeyboardInterrupt:
warnMsg = "user aborted during file existence "
warnMsg += "check. sqlmap will display partial output"
logger.warn(warnMsg)
logger.warning(warnMsg)
finally:
kb.bruteMode = False
logger.setLevel(popValue())
@@ -404,7 +404,7 @@ def fileExists(pathFile):
if not threadData.shared.files:
warnMsg = "no file(s) found"
logger.warn(warnMsg)
logger.warning(warnMsg)
else:
retVal = threadData.shared.files

6
lib/utils/crawler.py
View File

@@ -162,7 +162,7 @@ def crawl(target, post=None, cookie=None):
except SqlmapConnectionException as ex:
if "page not found" in getSafeExString(ex):
found = False
logger.warn("'sitemap.xml' not found")
logger.warning("'sitemap.xml' not found")
except:
pass
finally:
@@ -198,7 +198,7 @@ def crawl(target, post=None, cookie=None):
except KeyboardInterrupt:
warnMsg = "user aborted during crawling. sqlmap "
warnMsg += "will use partial list"
logger.warn(warnMsg)
logger.warning(warnMsg)
finally:
clearConsoleLine(True)
@@ -208,7 +208,7 @@ def crawl(target, post=None, cookie=None):
warnMsg = "no usable links found (with GET parameters)"
if conf.forms:
warnMsg += " or forms"
logger.warn(warnMsg)
logger.warning(warnMsg)
else:
for url in threadData.shared.value:
kb.targets.add((urldecode(url, kb.pageEncoding), None, None, None, None))

16
lib/utils/deps.py
View File

@@ -26,7 +26,7 @@ def checkDependencies():
warnMsg = "'%s' third-party library must be " % data[1]
warnMsg += "version >= 1.0.2 to work properly. "
warnMsg += "Download from '%s'" % data[2]
logger.warn(warnMsg)
logger.warning(warnMsg)
elif dbmsName == DBMS.MYSQL:
__import__("pymysql")
elif dbmsName in (DBMS.PGSQL, DBMS.CRATEDB):
@@ -62,7 +62,7 @@ def checkDependencies():
warnMsg = "sqlmap requires '%s' third-party library " % data[1]
warnMsg += "in order to directly connect to the DBMS "
warnMsg += "'%s'. Download from '%s'" % (dbmsName, data[2])
logger.warn(warnMsg)
logger.warning(warnMsg)
missing_libraries.add(data[1])
continue
@@ -78,7 +78,7 @@ def checkDependencies():
warnMsg = "sqlmap requires 'python-impacket' third-party library for "
warnMsg += "out-of-band takeover feature. Download from "
warnMsg += "'https://github.com/coresecurity/impacket'"
logger.warn(warnMsg)
logger.warning(warnMsg)
missing_libraries.add('python-impacket')
try:
@@ -89,7 +89,7 @@ def checkDependencies():
warnMsg = "sqlmap requires 'python-ntlm' third-party library "
warnMsg += "if you plan to attack a web application behind NTLM "
warnMsg += "authentication. Download from 'https://github.com/mullender/python-ntlm'"
logger.warn(warnMsg)
logger.warning(warnMsg)
missing_libraries.add('python-ntlm')
try:
@@ -100,7 +100,7 @@ def checkDependencies():
warnMsg = "sqlmap requires 'websocket-client' third-party library "
warnMsg += "if you plan to attack a web application using WebSocket. "
warnMsg += "Download from 'https://pypi.python.org/pypi/websocket-client/'"
logger.warn(warnMsg)
logger.warning(warnMsg)
missing_libraries.add('websocket-client')
try:
@@ -110,7 +110,7 @@ def checkDependencies():
except ImportError:
warnMsg = "sqlmap requires 'tkinter' library "
warnMsg += "if you plan to run a GUI"
logger.warn(warnMsg)
logger.warning(warnMsg)
missing_libraries.add('tkinter')
try:
@@ -120,7 +120,7 @@ def checkDependencies():
except ImportError:
warnMsg = "sqlmap requires 'tkinter.ttk' library "
warnMsg += "if you plan to run a GUI"
logger.warn(warnMsg)
logger.warning(warnMsg)
missing_libraries.add('tkinter.ttk')
if IS_WIN:
@@ -134,7 +134,7 @@ def checkDependencies():
warnMsg += "completion and history support features in the SQL "
warnMsg += "shell and OS shell. Download from "
warnMsg += "'https://pypi.org/project/pyreadline/'"
logger.warn(warnMsg)
logger.warning(warnMsg)
missing_libraries.add('python-pyreadline')
if len(missing_libraries) == 0:

12
lib/utils/hash.py
View File

@@ -701,7 +701,7 @@ def attackDumpedTable():
_ = ','.join(binary_fields)
warnMsg = "potential binary fields detected ('%s'). In case of any problems you are " % _
warnMsg += "advised to rerun table dump with '--fresh-queries --binary-fields=\"%s\"'" % _
logger.warn(warnMsg)
logger.warning(warnMsg)
for i in xrange(count):
if not found and i > HASH_RECOGNITION_QUIT_THRESHOLD:
@@ -1064,7 +1064,7 @@ def dictionaryAttack(attack_dict):
item = [(user, hash_), {"salt": hash_[4:12], "count": 1 << ITOA64.index(hash_[3]), "prefix": hash_[:3]}]
else:
warnMsg = "invalid hash '%s'" % hash_
logger.warn(warnMsg)
logger.warning(warnMsg)
if item and hash_ not in keys:
resumed = hashDBRetrieve(hash_)
@@ -1197,7 +1197,7 @@ def dictionaryAttack(attack_dict):
print()
processException = True
warnMsg = "user aborted during dictionary-based attack phase (Ctrl+C was pressed)"
logger.warn(warnMsg)
logger.warning(warnMsg)
finally:
_finalize(retVal, results, processes, attack_info)
@@ -1272,7 +1272,7 @@ def dictionaryAttack(attack_dict):
print()
processException = True
warnMsg = "user aborted during dictionary-based attack phase (Ctrl+C was pressed)"
logger.warn(warnMsg)
logger.warning(warnMsg)
for process in processes:
try:
@@ -1290,11 +1290,11 @@ def dictionaryAttack(attack_dict):
if foundHash and len(hash_regexes) == 0:
warnMsg = "unknown hash format"
logger.warn(warnMsg)
logger.warning(warnMsg)
if len(results) == 0:
warnMsg = "no clear password(s) found"
logger.warn(warnMsg)
logger.warning(warnMsg)
return results

4
lib/utils/hashdb.py
View File

@@ -116,7 +116,7 @@ class HashDB(object):
retVal = None
warnMsg = "error occurred while unserializing value for session key '%s'. " % key
warnMsg += "If the problem persists please rerun with '--flush-session'"
logger.warn(warnMsg)
logger.warning(warnMsg)
return retVal
@@ -163,7 +163,7 @@ class HashDB(object):
if retries == 0:
warnMsg = "there has been a problem while writing to "
warnMsg += "the session file ('%s')" % getSafeExString(ex)
logger.warn(warnMsg)
logger.warning(warnMsg)
if retries >= HASHDB_FLUSH_RETRIES:
return

6
lib/utils/pivotdumptable.py
View File

@@ -88,7 +88,7 @@ def pivotDumpTable(table, colList, count=None, blind=True, alias=None):
if not validPivotValue:
warnMsg = "column '%s' not " % conf.pivotColumn
warnMsg += "found in table '%s'" % table
logger.warn(warnMsg)
logger.warning(warnMsg)
if not validPivotValue:
for column in colList:
@@ -120,7 +120,7 @@ def pivotDumpTable(table, colList, count=None, blind=True, alias=None):
if not validPivotValue:
warnMsg = "no proper pivot column provided (with unique values)."
warnMsg += " It won't be possible to retrieve all rows"
logger.warn(warnMsg)
logger.warning(warnMsg)
pivotValue = " "
breakRetrieval = False
@@ -177,7 +177,7 @@ def pivotDumpTable(table, colList, count=None, blind=True, alias=None):
warnMsg = "user aborted during enumeration. sqlmap "
warnMsg += "will display partial output"
logger.warn(warnMsg)
logger.warning(warnMsg)
except SqlmapConnectionException as ex:
errMsg = "connection exception detected ('%s'). sqlmap " % getSafeExString(ex)

2
lib/utils/purge.py
View File

@@ -26,7 +26,7 @@ def purge(directory):
if not os.path.isdir(directory):
warnMsg = "skipping purging of directory '%s' as it does not exist" % directory
logger.warn(warnMsg)
logger.warning(warnMsg)
return
infoMsg = "purging content of directory '%s'..." % directory

2
lib/utils/search.py
View File

@@ -196,7 +196,7 @@ def search(dork):
logger.critical(getSafeExString(ex))
warnMsg = "changing proxy"
logger.warn(warnMsg)
logger.warning(warnMsg)
conf.proxy = None