Skip to content

Fixed imports and other code #284

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
levigross wants to merge 1 commit into from
Closed

Fixed imports and other code #284

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
*.py[cod]
output/
.sqlmap_history
.idea/
2 changes: 0 additions & 2 deletions lib/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,5 +4,3 @@
Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""

pass
63 changes: 15 additions & 48 deletions lib/controller/checks.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,54 +13,21 @@
import time

from lib.core.agent import agent
from lib.core.common import arrayizeValue
from lib.core.common import Backend
from lib.core.common import beep
from lib.core.common import extractRegexResult
from lib.core.common import extractTextTagContent
from lib.core.common import findDynamicContent
from lib.core.common import Format
from lib.core.common import getComparePageRatio
from lib.core.common import getLastRequestHTTPError
from lib.core.common import getSortedInjectionTests
from lib.core.common import getUnicode
from lib.core.common import intersect
from lib.core.common import listToStrValue
from lib.core.common import parseFilePaths
from lib.core.common import popValue
from lib.core.common import pushValue
from lib.core.common import randomInt
from lib.core.common import randomStr
from lib.core.common import readInput
from lib.core.common import showStaticWords
from lib.core.common import singleTimeLogMessage
from lib.core.common import singleTimeWarnMessage
from lib.core.common import wasLastRequestDBMSError
from lib.core.common import wasLastRequestHTTPError
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import queries
from lib.core.datatype import AttribDict
from lib.core.datatype import InjectionDict
from lib.core.enums import HEURISTIC_TEST
from lib.core.enums import HTTPHEADER
from lib.core.enums import HTTPMETHOD
from lib.core.enums import NULLCONNECTION
from lib.core.enums import PAYLOAD
from lib.core.enums import PLACE
from lib.core.exception import sqlmapConnectionException
from lib.core.exception import sqlmapNoneDataException
from lib.core.exception import sqlmapSilentQuitException
from lib.core.exception import sqlmapUserQuitException
from lib.core.settings import CONSTANT_RATIO
from lib.core.settings import FORMAT_EXCEPTION_STRINGS
from lib.core.settings import HEURISTIC_CHECK_ALPHABET
from lib.core.settings import SUHOSHIN_MAX_VALUE_LENGTH
from lib.core.settings import UNKNOWN_DBMS_VERSION
from lib.core.settings import LOWER_RATIO_BOUND
from lib.core.settings import UPPER_RATIO_BOUND
from lib.core.settings import IDS_WAF_CHECK_PAYLOAD
from lib.core.common import arrayizeValue, Backend, beep, extractRegexResult, extractTextTagContent, \
findDynamicContent, Format, getLastRequestHTTPError, getSortedInjectionTests, getUnicode, intersect, \
listToStrValue, parseFilePaths, popValue, pushValue, randomInt, randomStr, readInput, showStaticWords, \
singleTimeLogMessage, singleTimeWarnMessage, wasLastRequestDBMSError, wasLastRequestHTTPError

from lib.core.data import conf, kb, logger

from lib.core.datatype import AttribDict, InjectionDict
from lib.core.enums import HEURISTIC_TEST, HTTPHEADER, HTTPMETHOD, NULLCONNECTION, PAYLOAD, PLACE

from lib.core.exception import sqlmapConnectionException, sqlmapNoneDataException, sqlmapSilentQuitException ,\
sqlmapUserQuitException
from lib.core.settings import UPPER_RATIO_BOUND, FORMAT_EXCEPTION_STRINGS, HEURISTIC_CHECK_ALPHABET, \
SUHOSHIN_MAX_VALUE_LENGTH, UNKNOWN_DBMS_VERSION, LOWER_RATIO_BOUND, IDS_WAF_CHECK_PAYLOAD

from lib.core.threads import getCurrentThreadData
from lib.request.connect import Connect as Request
from lib.request.inject import checkBooleanExpression
Expand Down
62 changes: 14 additions & 48 deletions lib/controller/controller.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,55 +9,21 @@
import re

from lib.controller.action import action
from lib.controller.checks import checkSqlInjection
from lib.controller.checks import checkDynParam
from lib.controller.checks import checkStability
from lib.controller.checks import checkString
from lib.controller.checks import checkRegexp
from lib.controller.checks import checkConnection
from lib.controller.checks import checkNullConnection
from lib.controller.checks import checkWaf
from lib.controller.checks import heuristicCheckSqlInjection
from lib.controller.checks import checkSqlInjection, checkDynParam, checkStability, checkString, checkRegexp, \
checkConnection, checkNullConnection, checkWaf, heuristicCheckSqlInjection
from lib.core.agent import agent
from lib.core.common import extractRegexResult
from lib.core.common import getFilteredPageContent
from lib.core.common import getPublicTypeMembers
from lib.core.common import getUnicode
from lib.core.common import hashDBRetrieve
from lib.core.common import hashDBWrite
from lib.core.common import intersect
from lib.core.common import parseTargetUrl
from lib.core.common import randomStr
from lib.core.common import readInput
from lib.core.common import showHttpErrorCodes
from lib.core.common import urlencode
from lib.core.common import urldecode
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.enums import HASHDB_KEYS
from lib.core.enums import HEURISTIC_TEST
from lib.core.enums import HTTPHEADER
from lib.core.enums import HTTPMETHOD
from lib.core.enums import PAYLOAD
from lib.core.enums import PLACE
from lib.core.exception import exceptionsTuple
from lib.core.exception import sqlmapNoneDataException
from lib.core.exception import sqlmapNotVulnerableException
from lib.core.exception import sqlmapSilentQuitException
from lib.core.exception import sqlmapValueException
from lib.core.exception import sqlmapUserQuitException
from lib.core.settings import ASP_NET_CONTROL_REGEX
from lib.core.settings import DEFAULT_COOKIE_DELIMITER
from lib.core.settings import DEFAULT_GET_POST_DELIMITER
from lib.core.settings import EMPTY_FORM_FIELDS_REGEX
from lib.core.settings import IGNORE_PARAMETERS
from lib.core.settings import LOW_TEXT_PERCENT
from lib.core.settings import HOST_ALIASES
from lib.core.settings import REFERER_ALIASES
from lib.core.settings import USER_AGENT_ALIASES
from lib.core.target import initTargetEnv
from lib.core.target import setupTargetEnv
from lib.core.common import extractRegexResult, getFilteredPageContent, getPublicTypeMembers, getUnicode,\
hashDBRetrieve, hashDBWrite, intersect, parseTargetUrl, randomStr, readInput, showHttpErrorCodes, urlencode, \
urldecode

from lib.core.data import conf, kb, logger
from lib.core.enums import HASHDB_KEYS, HEURISTIC_TEST, HTTPMETHOD, PAYLOAD, PLACE
from lib.core.exception import exceptionsTuple, sqlmapNoneDataException, sqlmapNotVulnerableException,\
sqlmapSilentQuitException, sqlmapValueException, sqlmapUserQuitException
from lib.core.settings import ASP_NET_CONTROL_REGEX, DEFAULT_GET_POST_DELIMITER, EMPTY_FORM_FIELDS_REGEX,\
IGNORE_PARAMETERS, LOW_TEXT_PERCENT, HOST_ALIASES, REFERER_ALIASES, USER_AGENT_ALIASES
from lib.core.target import initTargetEnv, setupTargetEnv

from thirdparty.pagerank.pagerank import get_pagerank

def __selectInjection():
Expand Down
15 changes: 3 additions & 12 deletions lib/controller/handler.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,18 +6,9 @@
"""

from lib.core.common import Backend
from lib.core.data import conf
from lib.core.data import logger
from lib.core.settings import MSSQL_ALIASES
from lib.core.settings import MYSQL_ALIASES
from lib.core.settings import ORACLE_ALIASES
from lib.core.settings import PGSQL_ALIASES
from lib.core.settings import SQLITE_ALIASES
from lib.core.settings import ACCESS_ALIASES
from lib.core.settings import FIREBIRD_ALIASES
from lib.core.settings import MAXDB_ALIASES
from lib.core.settings import SYBASE_ALIASES
from lib.core.settings import DB2_ALIASES
from lib.core.data import conf, logger
from lib.core.settings import MSSQL_ALIASES, MYSQL_ALIASES, ORACLE_ALIASES, PGSQL_ALIASES, SQLITE_ALIASES,\
ACCESS_ALIASES, FIREBIRD_ALIASES, MAXDB_ALIASES, SYBASE_ALIASES, DB2_ALIASES

from plugins.dbms.mssqlserver import MSSQLServerMap
from plugins.dbms.mssqlserver.connector import Connector as MSSQLServerConn
Expand Down
1 change: 0 additions & 1 deletion lib/core/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,4 +5,3 @@
See the file 'doc/COPYING' for copying permission
"""

pass
28 changes: 5 additions & 23 deletions lib/core/agent.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,31 +7,13 @@

import re

from xml.etree import ElementTree as ET

from lib.core.common import Backend
from lib.core.common import extractRegexResult
from lib.core.common import getSQLSnippet
from lib.core.common import isDBMSVersionAtLeast
from lib.core.common import isNumber
from lib.core.common import isTechniqueAvailable
from lib.core.common import randomInt
from lib.core.common import randomStr
from lib.core.common import singleTimeWarnMessage
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import queries
from lib.core.common import Backend, extractRegexResult, getSQLSnippet, isDBMSVersionAtLeast, isNumber, \
isTechniqueAvailable, randomInt, randomStr, singleTimeWarnMessage
from lib.core.data import conf, kb, queries
from lib.core.dicts import FROM_DUMMY_TABLE
from lib.core.dicts import SQL_STATEMENTS
from lib.core.enums import DBMS
from lib.core.enums import PAYLOAD
from lib.core.enums import PLACE
from lib.core.enums import POST_HINT
from lib.core.enums import DBMS, PAYLOAD, PLACE, POST_HINT
from lib.core.exception import sqlmapNoneDataException
from lib.core.settings import ASTERISK_MARKER
from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR
from lib.core.settings import GENERIC_SQL_COMMENT
from lib.core.settings import PAYLOAD_DELIMITER
from lib.core.settings import ASTERISK_MARKER, CUSTOM_INJECTION_MARK_CHAR, GENERIC_SQL_COMMENT ,PAYLOAD_DELIMITER
from lib.core.unescaper import unescaper

class Agent:
Expand Down
116 changes: 26 additions & 90 deletions lib/core/common.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@
import logging
import ntpath
import os
import pickle
import posixpath
import random
import re
Expand All @@ -27,113 +26,50 @@
import urllib
import urlparse
import unicodedata

from ConfigParser import DEFAULTSECT
from ConfigParser import RawConfigParser
from StringIO import StringIO
from ConfigParser import DEFAULTSECT, RawConfigParser
from difflib import SequenceMatcher
from math import sqrt
from optparse import OptionValueError
from subprocess import PIPE
from subprocess import Popen as execute
from tempfile import mkstemp
from xml.etree import ElementTree as ET
from xml.dom import minidom
from xml.sax import parse

try:
from cStringIO import StringIO
except ImportError:
from StringIO import StringIO



from extra.cloak.cloak import decloak
from extra.safe2bin.safe2bin import safecharencode
from lib.core.bigarray import BigArray
from lib.core.data import conf
from lib.core.data import kb
from lib.core.data import logger
from lib.core.data import paths
from lib.core.convert import base64pickle
from lib.core.convert import base64unpickle
from lib.core.convert import htmlunescape
from lib.core.convert import stdoutencode
from lib.core.convert import unicodeencode
from lib.core.convert import utf8encode
from lib.core.data import conf, kb, logger, paths
from lib.core.convert import base64pickle, base64unpickle, htmlunescape, stdoutencode, unicodeencode, utf8encode
from lib.core.decorators import cachedmethod
from lib.core.dicts import DBMS_DICT
from lib.core.dicts import DEPRECATED_HINTS
from lib.core.dicts import SQL_STATEMENTS
from lib.core.enums import ADJUST_TIME_DELAY
from lib.core.enums import CHARSET_TYPE
from lib.core.enums import DBMS
from lib.core.enums import EXPECTED
from lib.core.enums import HEURISTIC_TEST
from lib.core.enums import HTTPHEADER
from lib.core.enums import HTTPMETHOD
from lib.core.enums import OS
from lib.core.enums import PLACE
from lib.core.enums import PAYLOAD
from lib.core.enums import REFLECTIVE_COUNTER
from lib.core.enums import SORT_ORDER
from lib.core.exception import sqlmapDataException
from lib.core.exception import sqlmapFilePathException
from lib.core.exception import sqlmapGenericException
from lib.core.exception import sqlmapNoneDataException
from lib.core.exception import sqlmapMissingDependence
from lib.core.exception import sqlmapSilentQuitException
from lib.core.exception import sqlmapSyntaxException
from lib.core.exception import sqlmapUserQuitException
from lib.core.log import FORMATTER
from lib.core.enums import ADJUST_TIME_DELAY, CHARSET_TYPE, DBMS, EXPECTED, HEURISTIC_TEST, HTTPHEADER, HTTPMETHOD, \
OS, PLACE, PAYLOAD, REFLECTIVE_COUNTER, SORT_ORDER
from lib.core.exception import sqlmapDataException, sqlmapFilePathException, sqlmapGenericException, \
sqlmapNoneDataException, sqlmapMissingDependence, sqlmapSilentQuitException, sqlmapSyntaxException, \
sqlmapUserQuitException
from lib.core.log import LOGGER_HANDLER
from lib.core.optiondict import optDict
from lib.core.settings import BOLD_PATTERNS
from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR
from lib.core.settings import DBMS_DIRECTORY_DICT
from lib.core.settings import DEFAULT_COOKIE_DELIMITER
from lib.core.settings import DEFAULT_GET_POST_DELIMITER
from lib.core.settings import DEFAULT_MSSQL_SCHEMA
from lib.core.settings import DEPRECATED_OPTIONS
from lib.core.settings import DESCRIPTION
from lib.core.settings import DUMMY_SQL_INJECTION_CHARS
from lib.core.settings import DUMMY_USER_INJECTION
from lib.core.settings import DYNAMICITY_MARK_LENGTH
from lib.core.settings import ERROR_PARSING_REGEXES
from lib.core.settings import FORM_SEARCH_REGEX
from lib.core.settings import GENERIC_DOC_ROOT_DIRECTORY_NAMES
from lib.core.settings import HASHDB_MILESTONE_VALUE
from lib.core.settings import HOST_ALIASES
from lib.core.settings import INFERENCE_UNKNOWN_CHAR
from lib.core.settings import ISSUES_PAGE
from lib.core.settings import IS_WIN
from lib.core.settings import LARGE_OUTPUT_THRESHOLD
from lib.core.settings import MIN_TIME_RESPONSES
from lib.core.settings import ML
from lib.core.settings import NULL
from lib.core.settings import PARAMETER_AMP_MARKER
from lib.core.settings import PARAMETER_SEMICOLON_MARKER
from lib.core.settings import PARTIAL_VALUE_MARKER
from lib.core.settings import PAYLOAD_DELIMITER
from lib.core.settings import PLATFORM
from lib.core.settings import PRINTABLE_CHAR_REGEX
from lib.core.settings import PYVERSION
from lib.core.settings import REFERER_ALIASES
from lib.core.settings import REFLECTED_BORDER_REGEX
from lib.core.settings import REFLECTED_MAX_REGEX_PARTS
from lib.core.settings import REFLECTED_REPLACEMENT_REGEX
from lib.core.settings import REFLECTED_VALUE_MARKER
from lib.core.settings import REFLECTIVE_MISS_THRESHOLD
from lib.core.settings import REVISION
from lib.core.settings import SENSITIVE_DATA_REGEX
from lib.core.settings import SITE
from lib.core.settings import SUPPORTED_DBMS
from lib.core.settings import TEXT_TAG_REGEX
from lib.core.settings import TIME_STDEV_COEFF
from lib.core.settings import UNICODE_ENCODING
from lib.core.settings import UNKNOWN_DBMS_VERSION
from lib.core.settings import URI_QUESTION_MARKER
from lib.core.settings import URLENCODE_CHAR_LIMIT
from lib.core.settings import URLENCODE_FAILSAFE_CHARS
from lib.core.settings import USER_AGENT_ALIASES
from lib.core.settings import VERSION
from lib.core.settings import VERSION_STRING
from lib.core.settings import BOLD_PATTERNS, CUSTOM_INJECTION_MARK_CHAR, DBMS_DIRECTORY_DICT,\
DEFAULT_COOKIE_DELIMITER,DEFAULT_GET_POST_DELIMITER, DEFAULT_MSSQL_SCHEMA, DEPRECATED_OPTIONS, DESCRIPTION, \
DUMMY_SQL_INJECTION_CHARS, DUMMY_USER_INJECTION, DYNAMICITY_MARK_LENGTH, ERROR_PARSING_REGEXES, \
FORM_SEARCH_REGEX, GENERIC_DOC_ROOT_DIRECTORY_NAMES, HASHDB_MILESTONE_VALUE, HOST_ALIASES,\
INFERENCE_UNKNOWN_CHAR, ISSUES_PAGE, IS_WIN, LARGE_OUTPUT_THRESHOLD, MIN_TIME_RESPONSES, ML, \
NULL, PARAMETER_AMP_MARKER, PARAMETER_SEMICOLON_MARKER, PARTIAL_VALUE_MARKER, PAYLOAD_DELIMITER,\
PLATFORM, PRINTABLE_CHAR_REGEX, PYVERSION, REFERER_ALIASES, REFLECTED_BORDER_REGEX, REFLECTED_MAX_REGEX_PARTS, \
REFLECTED_REPLACEMENT_REGEX, REFLECTED_VALUE_MARKER, REFLECTIVE_MISS_THRESHOLD, REVISION, SENSITIVE_DATA_REGEX, \
SITE, SUPPORTED_DBMS, TEXT_TAG_REGEX, TIME_STDEV_COEFF, UNICODE_ENCODING, UNKNOWN_DBMS_VERSION, \
URI_QUESTION_MARKER, URLENCODE_CHAR_LIMIT, URLENCODE_FAILSAFE_CHARS, USER_AGENT_ALIASES, VERSION, VERSION_STRING
from lib.core.threads import getCurrentThreadData
from thirdparty.clientform.clientform import ParseResponse
from thirdparty.clientform.clientform import ParseError
from thirdparty.clientform.clientform import ParseResponse, ParseError
from thirdparty.magic import magic
from thirdparty.odict.odict import OrderedDict
from thirdparty.termcolor.termcolor import colored
Expand Down
Loading