Introducing --offline switch (to perform session only lookups)

stamparm · stamparm · commit 10f8c6a0b6a4 · 2015-07-10T16:10:24.000+02:00
diff --git a/lib/controller/checks.py b/lib/controller/checks.py
@@ -552,7 +552,7 @@ def genCmpPayload():
 
                         kb.previousMethod = method
 
-                        if conf.dummy:
+                        if conf.dummy or conf.offline:
                             injectable = False
 
                     # If the injection test was successful feed the injection
@@ -1142,7 +1142,7 @@ def checkWaf():
     Reference: http://seclists.org/nmap-dev/2011/q2/att-1005/http-waf-detect.nse
     """
 
-    if any((conf.string, conf.notString, conf.regexp)):
+    if any((conf.string, conf.notString, conf.regexp, conf.dummy, conf.offline)):
         return None
 
     dbmMsg = "heuristically checking if the target is protected by "
@@ -1290,7 +1290,7 @@ def checkNullConnection():
     return kb.nullConnection is not None
 
 def checkConnection(suppressOutput=False):
-    if not any((conf.proxy, conf.tor, conf.dummy)):
+    if not any((conf.proxy, conf.tor, conf.dummy, conf.offline)):
         try:
             debugMsg = "resolving hostname '%s'" % conf.hostname
             logger.debug(debugMsg)
@@ -1303,7 +1303,7 @@ def checkConnection(suppressOutput=False):
             errMsg += "resolving a host name '%s' ('%s')" % (conf.hostname, getUnicode(ex))
             raise SqlmapConnectionException(errMsg)
 
-    if not suppressOutput and not conf.dummy:
+    if not suppressOutput and not conf.dummy and not conf.offline:
         infoMsg = "testing connection to the target URL"
         logger.info(infoMsg)
 
diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py
@@ -217,6 +217,7 @@
                                "disableColoring":   "boolean",
                                "googlePage":        "integer",
                                "mobile":            "boolean",
+                               "offline":           "boolean",
                                "pageRank":          "boolean",
                                "purgeOutput":       "boolean",
                                "smart":             "boolean",
diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py
@@ -715,6 +715,10 @@ def cmdLineParser():
                                   action="store_true",
                                   help="Imitate smartphone through HTTP User-Agent header")
 
+        miscellaneous.add_option("--offline", dest="offline",
+                                  action="store_true",
+                                  help="Work in offline mode (only use session data)")
+
         miscellaneous.add_option("--page-rank", dest="pageRank",
                                   action="store_true",
                                   help="Display page rank (PR) for Google dork results")
diff --git a/lib/request/connect.py b/lib/request/connect.py
@@ -212,7 +212,9 @@ def getPage(**kwargs):
         elif conf.cpuThrottle:
             cpuThrottle(conf.cpuThrottle)
 
-        if conf.dummy:
+        if conf.offline:
+            return None, None, None
+        elif conf.dummy:
             return getUnicode(randomStr(int(randomInt()), alphabet=[chr(_) for _ in xrange(256)]), {}, int(randomInt())), None, None
 
         threadData = getCurrentThreadData()
diff --git a/lib/request/inject.py b/lib/request/inject.py
@@ -450,7 +450,7 @@ def getValue(expression, blind=True, union=True, error=True, time=True, fromUser
 
     kb.safeCharEncode = False
 
-    if not kb.testMode and value is None and Backend.getDbms() and conf.dbmsHandler and not conf.noCast and not conf.hexConvert:
+    if not any((kb.testMode, conf.dummy, conf.offline)) and value is None and Backend.getDbms() and conf.dbmsHandler and not conf.noCast and not conf.hexConvert:
         warnMsg = "in case of continuous data retrieval problems you are advised to try "
         warnMsg += "a switch '--no-cast' "
         warnMsg += "or switch '--hex'" if Backend.getIdentifiedDbms() not in (DBMS.ACCESS, DBMS.FIREBIRD) else ""
diff --git a/sqlmap.conf b/sqlmap.conf
@@ -754,6 +754,10 @@ identifyWaf = False
 # Valid: True or False
 mobile = False
 
+# Work in offline mode (only use session data)
+# Valid: True or False
+offline = False
+
 # Display page rank (PR) for Google dork results.
 # Valid: True or False
 pageRank = False
