Minor cleanup and one bug fix

lib/controller/checks.py

@@ -739,7 +739,7 @@ def checkSqlInjection(place, parameter, value):
             logger.warn(warnMsg)
 
             msg = "how do you want to proceed? [(S)kip current test/(e)nd detection phase/(n)ext parameter/(c)hange verbosity/(q)uit]"
-            choice = readInput(msg, default='S', checkBatch=False).strip().upper()
+            choice = readInput(msg, default='S', checkBatch=False).upper()
 
             if choice == 'C':
                 choice = None
@@ -747,7 +747,7 @@ def checkSqlInjection(place, parameter, value):
                     if choice:
                         logger.warn("invalid value")
                     msg = "enter new verbosity level: [0-6] "
-                    choice = readInput(msg, default=str(conf.verbose), checkBatch=False).strip()
+                    choice = readInput(msg, default=str(conf.verbose), checkBatch=False)
                 conf.verbose = int(choice)
                 setVerbosity()
                 tests.insert(0, test)
@@ -998,7 +998,7 @@ def heuristicCheckSqlInjection(place, parameter):
 
         if kb.ignoreCasted is None:
             message = "do you want to skip those kind of cases (and save scanning time)? %s " % ("[Y/n]" if conf.multipleTargets else "[y/N]")
-            kb.ignoreCasted = readInput(message, default='Y' if conf.multipleTargets else 'N').upper() != 'N'
+            kb.ignoreCasted = readInput(message, default='Y' if conf.multipleTargets else 'N', boolean=True)
 
     elif result:
         infoMsg += "be injectable"
@@ -1176,7 +1176,7 @@ def checkStability():
         logger.warn(warnMsg)
 
         message = "how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] "
-        choice = readInput(message, default='C').strip().upper()
+        choice = readInput(message, default='C').upper()
 
         if choice == 'Q':
             raise SqlmapUserQuitException
@@ -1306,9 +1306,8 @@ def checkWaf():
         if not conf.identifyWaf:
             message = "do you want sqlmap to try to detect backend "
             message += "WAF/IPS/IDS? [y/N] "
-            output = readInput(message, default="N")
 
-            if output and output[0] in ("Y", "y"):
+            if readInput(message, default='N', boolean=True):
                 conf.identifyWaf = True
 
         if conf.timeout == defaults.timeout:

lib/controller/controller.py

@@ -116,11 +116,11 @@ def _selectInjection():
                 message += "\n"
 
         message += "[q] Quit"
-        select = readInput(message, default="0")
+        choice = readInput(message, default='0').upper()
 
-        if select.isdigit() and int(select) < len(kb.injections) and int(select) >= 0:
-            index = int(select)
-        elif select[0] in ("Q", "q"):
+        if choice.isdigit() and int(choice) < len(kb.injections) and int(choice) >= 0:
+            index = int(choice)
+        elif choice == 'Q':
             raise SqlmapUserQuitException
         else:
             errMsg = "invalid choice"
@@ -184,7 +184,7 @@ def _randomFillBlankFields(value):
     if extractRegexResult(EMPTY_FORM_FIELDS_REGEX, value):
         message = "do you want to fill blank fields with random values? [Y/n] "
 
-        if readInput(message, default="Y", boolean=True):
+        if readInput(message, default='Y', boolean=True):
             for match in re.finditer(EMPTY_FORM_FIELDS_REGEX, retVal):
                 item = match.group("result")
                 if not any(_ in item for _ in IGNORE_PARAMETERS) and not re.search(ASP_NET_CONTROL_REGEX, item):
@@ -306,7 +306,7 @@ def start():
                     message += "against '%s'. Do you want to skip " % conf.hostname
                     message += "further tests involving it? [Y/n]"
 
-                    kb.skipVulnHost = readInput(message, default="Y", boolean=True)
+                    kb.skipVulnHost = readInput(message, default='Y', boolean=True)
 
                 testSqlInj = not kb.skipVulnHost
 
@@ -334,7 +334,7 @@ def start():
                         continue
 
                     message += "\ndo you want to test this form? [Y/n/q] "
-                    choice = readInput(message, default='Y').strip().upper()
+                    choice = readInput(message, default='Y').upper()
 
                     if choice == 'N':
                         continue
@@ -360,7 +360,7 @@ def start():
 
                 else:
                     message += "\ndo you want to test this URL? [Y/n/q]"
-                    choice = readInput(message, default='Y').strip().upper()
+                    choice = readInput(message, default='Y').upper()
 
                     if choice == 'N':
                         dataToStdout(os.linesep)
@@ -640,7 +640,7 @@ def start():
                 logger.warn(warnMsg)
 
                 message = "do you want to skip to the next target in list? [Y/n/q]"
-                choice = readInput(message, default='Y').strip().upper()
+                choice = readInput(message, default='Y').upper()
 
                 if choice == 'N':
                     return False