code refactoring and some fixes

2025-12-06 20:51:31 +00:00 · 2010-12-18 09:51:34 +00:00
parent a067e805fa
commit fe67d3827c
10 changed files with 53 additions and 50 deletions
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -48,6 +48,7 @@ from lib.core.convert import htmlunescape
 from lib.core.convert import urlencode
 from lib.core.enums import DBMS
 from lib.core.enums import PLACE
+from lib.core.enums import PAYLOAD
 from lib.core.exception import sqlmapFilePathException
 from lib.core.exception import sqlmapGenericException
 from lib.core.exception import sqlmapNoneDataException
@@ -1652,6 +1653,9 @@ def logHTTPTraffic(requestLogMsg, responseLogMsg):

    kb.locks.reqLock.release()

+def getPageTemplate(payload, place):
+    pass
+
 def getPublicTypeMembers(type_, onlyValues=False):
    """
    Useful for getting members from types (e.g. in enums)
@@ -1667,6 +1671,16 @@ def getPublicTypeMembers(type_, onlyValues=False):

    return retVal

+def enumValueToNameLookup(type_, value_):
+    retVal = None
+
+    for name, value in getPublicTypeMembers(type_):
+        if value == value_:
+            retVal = name
+            break
+
+    return retVal
+
 def extractRegexResult(regex, content, flags=0):
    retVal = None

@@ -1758,3 +1772,12 @@ def getTechniqueData(technique=None):

 def isTechniqueAvailable(technique=None):
    return getTechniqueData(technique) is not None
+
+def initTechnique(technique=None):
+    data = getTechniqueData(technique)
+    if data:
+        kb.pageTemplate = getPageTemplate(data.templatePayload, kb.injection.place)
+        kb.matchRatio = data.matchRatio
+    else:
+        warnMsg = "there is no injection data available for technique '%s'" % enumValueToNameLookup(PAYLOAD.TECHNIQUE, technique)
+        logger.warn(warnMsg)
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -1091,7 +1091,6 @@ def __setConfAttributes():
    conf.httpHeaders      = []
    conf.hostname         = None
    conf.loggedToOut      = None
-    conf.matchRatio       = None
    conf.multipleTargets  = False
    conf.outputPath       = None
    conf.paramDict        = {}
@@ -1169,6 +1168,7 @@ def __setKnowledgeBaseAttributes():
    kb.locks.reqLock   = threading.Lock()
    kb.locks.seqLock   = None

+    kb.matchRatio      = None
    kb.nullConnection  = None
    kb.pageTemplate    = None
    kb.pageTemplates   = advancedDict()
@@ -1181,7 +1181,6 @@ def __setKnowledgeBaseAttributes():
    kb.osSP            = None

    kb.pageStable      = None
-    kb.paramMatchRatio = {}
    kb.partRun         = None
    kb.proxyAuthHeader = None
    kb.queryCounter    = 0
--- a/lib/core/session.py
+++ b/lib/core/session.py
@@ -65,17 +65,6 @@ def setRegexp():
    if condition:
        dataToSessionFile("[%s][None][None][Regular expression][%s]\n" % (conf.url, safeFormatString(conf.regexp)))

-def setMatchRatio():
-    condition = (
-                  isinstance(conf.matchRatio, (int, float))
-                  and ( not kb.resumedQueries
-                  or ( kb.resumedQueries.has_key(conf.url) and not
-                  kb.resumedQueries[conf.url].has_key("Match ratio") ) )
-                )
-
-    if condition:
-        dataToSessionFile("[%s][%s][%s][Match ratio][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), conf.matchRatio))
-
 def setInjection(inj):
    """
    Save information retrieved about injection place and parameter in the
@@ -336,17 +325,6 @@ def resumeConfKb(expression, url, value):
            if not test or test[0] in ("y", "Y"):
                conf.regexp = regexp

-    elif expression == "Match ratio" and url == conf.url and conf.matchRatio is None:
-        matchRatio = value[:-1]
-
-        logMsg = "resuming match ratio '%s' from session file" % matchRatio
-        logger.info(logMsg)
-
-        try:
-            conf.matchRatio = round(float(matchRatio), 3)
-        except ValueError:
-            pass
-
    elif expression == "Injection data" and url == conf.url:
        injection = base64unpickle(value[:-1])
        logMsg = "resuming injection data from session file"
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -21,7 +21,7 @@ VERSION_STRING     = "sqlmap/%s" % VERSION
 DESCRIPTION        = "automatic SQL injection and database takeover tool"
 SITE               = "http://sqlmap.sourceforge.net"

-# minimum distance of ratio from conf.matchRatio to result in True
+# minimum distance of ratio from kb.matchRatio to result in True
 DIFF_TOLERANCE     = 0.05
 CONSTANT_RATIO     = 0.9