Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 132a72c

Browse files
stamparmstamparm
committed
Minor update of logging messages
1 parent 8735a49 commit 132a72c

4 files changed

Lines changed: 27 additions & 32 deletions

File tree

lib/controller/checks.py

Lines changed: 15 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@
77

88
import copy
99
import httplib
10+
import logging
1011
import os
1112
import random
1213
import re
@@ -629,11 +630,12 @@ def genCmpPayload():
629630
Backend.forceDbms(kb.dbmsFilter[0])
630631
elif not Backend.getIdentifiedDbms():
631632
if kb.heuristicDbms is None:
632-
warnMsg = "using unescaped version of the test "
633-
warnMsg += "because of zero knowledge of the "
634-
warnMsg += "back-end DBMS. You can try to "
635-
warnMsg += "explicitly set it with option '--dbms'"
636-
singleTimeWarnMessage(warnMsg)
633+
if kb.heuristicTest == HEURISTIC_TEST.POSITIVE or injection.data:
634+
warnMsg = "using unescaped version of the test "
635+
warnMsg += "because of zero knowledge of the "
636+
warnMsg += "back-end DBMS. You can try to "
637+
warnMsg += "explicitly set it with option '--dbms'"
638+
singleTimeWarnMessage(warnMsg)
637639
else:
638640
Backend.forceDbms(kb.heuristicDbms)
639641

@@ -1143,16 +1145,16 @@ def checkDynamicContent(firstPage, secondPage):
11431145
count += 1
11441146

11451147
if count > conf.retries:
1146-
warnMsg = "target URL is too dynamic. "
1148+
warnMsg = "target URL content appears to be too dynamic. "
11471149
warnMsg += "Switching to '--text-only' "
11481150
logger.warn(warnMsg)
11491151

11501152
conf.textOnly = True
11511153
return
11521154

1153-
warnMsg = "target URL is heavily dynamic"
1154-
warnMsg += ". sqlmap is going to retry the request"
1155-
logger.critical(warnMsg)
1155+
warnMsg = "target URL content appears to be heavily dynamic. "
1156+
warnMsg += "sqlmap is going to retry the request(s)"
1157+
singleTimeLogMessage(warnMsg, logging.CRITICAL)
11561158

11571159
secondPage, _, _ = Request.queryPage(content=True)
11581160
findDynamicContent(firstPage, secondPage)
@@ -1168,7 +1170,7 @@ def checkStability():
11681170
like for instance string matching (--string).
11691171
"""
11701172

1171-
infoMsg = "testing if the target URL is stable"
1173+
infoMsg = "testing if the target URL content is stable"
11721174
logger.info(infoMsg)
11731175

11741176
firstPage = kb.originalPage # set inside checkConnection()
@@ -1186,7 +1188,7 @@ def checkStability():
11861188

11871189
if kb.pageStable:
11881190
if firstPage:
1189-
infoMsg = "target URL is stable"
1191+
infoMsg = "target URL content is stable"
11901192
logger.info(infoMsg)
11911193
else:
11921194
errMsg = "there was an error checking the stability of page "
@@ -1196,12 +1198,11 @@ def checkStability():
11961198
logger.error(errMsg)
11971199

11981200
else:
1199-
warnMsg = "target URL is not stable. sqlmap will base the page "
1201+
warnMsg = "target URL content is not stable. sqlmap will base the page "
12001202
warnMsg += "comparison on a sequence matcher. If no dynamic nor "
12011203
warnMsg += "injectable parameters are detected, or in case of "
12021204
warnMsg += "junk results, refer to user's manual paragraph "
1203-
warnMsg += "'Page comparison' and provide a string or regular "
1204-
warnMsg += "expression to match on"
1205+
warnMsg += "'Page comparison'"
12051206
logger.warn(warnMsg)
12061207

12071208
message = "how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] "

lib/controller/controller.py

Lines changed: 8 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -583,11 +583,11 @@ def start():
583583
errMsg += "(e.g. GET parameter 'id' in 'www.site.com/index.php?id=1')"
584584
raise SqlmapNoneDataException(errMsg)
585585
else:
586-
errMsg = "all tested parameters appear to be not injectable."
586+
errMsg = "all tested parameters do not appear to be injectable."
587587

588588
if conf.level < 5 or conf.risk < 3:
589-
errMsg += " Try to increase '--level'/'--risk' values "
590-
errMsg += "to perform more tests."
589+
errMsg += " Try to increase values for '--level'/'--risk' options "
590+
errMsg += "if you wish to perform more tests."
591591

592592
if isinstance(conf.tech, list) and len(conf.tech) < 5:
593593
errMsg += " Rerun without providing the option '--technique'."
@@ -610,15 +610,9 @@ def start():
610610

611611
if kb.heuristicTest == HEURISTIC_TEST.POSITIVE:
612612
errMsg += " As heuristic test turned out positive you are "
613-
errMsg += "strongly advised to continue on with the tests. "
614-
errMsg += "Please, consider usage of tampering scripts as "
615-
errMsg += "your target might filter the queries."
616-
617-
if not conf.string and not conf.notString and not conf.regexp:
618-
errMsg += " Also, you can try to rerun by providing "
619-
errMsg += "either a valid value for option '--string' "
620-
errMsg += "(or '--regexp')."
621-
elif conf.string:
613+
errMsg += "strongly advised to continue on with the tests."
614+
615+
if conf.string:
622616
errMsg += " Also, you can try to rerun by providing a "
623617
errMsg += "valid value for option '--string' as perhaps the string you "
624618
errMsg += "have chosen does not match "
@@ -631,8 +625,8 @@ def start():
631625

632626
if not conf.tamper:
633627
errMsg += " If you suspect that there is some kind of protection mechanism "
634-
errMsg += "involved (e.g. WAF) maybe you could retry "
635-
errMsg += "with an option '--tamper' (e.g. '--tamper=space2comment')"
628+
errMsg += "involved (e.g. WAF) maybe you could try to use "
629+
errMsg += "option '--tamper' (e.g. '--tamper=space2comment')"
636630

637631
raise SqlmapNotVulnerableException(errMsg.rstrip('.'))
638632
else:

lib/core/settings.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
from lib.core.enums import OS
2020

2121
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
22-
VERSION = "1.1.11.35"
22+
VERSION = "1.1.11.36"
2323
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2424
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2525
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

txt/checksum.md5

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -21,8 +21,8 @@ f96467fc5cd1d87f52dd7966c8ae6e79 extra/shutils/regressiontest.py
2121
5fb9aaf874daa47ea2b672a22740e56b extra/sqlharvest/__init__.py
2222
1fc7772edce5a01c31f3932b2fc4c1c6 extra/sqlharvest/sqlharvest.py
2323
21bf2b3a7a22b8cd5d96a6457a1b4997 lib/controller/action.py
24-
7683a078a1766a3ef60fc44701d76ad1 lib/controller/checks.py
25-
7d31b88dab81774316c99e6a8c9b5082 lib/controller/controller.py
24+
52192122202908c89bc84b8563d63280 lib/controller/checks.py
25+
2db2666dba713c710d248a62b2c1c1fe lib/controller/controller.py
2626
d2cdb9e832e18a81e936ca3348144b16 lib/controller/handler.py
2727
5fb9aaf874daa47ea2b672a22740e56b lib/controller/__init__.py
2828
fd69e56ce20a5a49ce10a7a745022378 lib/core/agent.py
@@ -46,7 +46,7 @@ e1c000db9be27f973569b1a430629037 lib/core/option.py
4646
760d9df2a27ded29109b390ab202e72d lib/core/replication.py
4747
a2466b62e67f8b31736bac4dac590e51 lib/core/revision.py
4848
02d4762140a72fd44668d3dab5eabda9 lib/core/session.py
49-
a8384d71c6ec22df3c2fc67bf660aee8 lib/core/settings.py
49+
e89b14c4721391f547a76476221beaa8 lib/core/settings.py
5050
35bffbad762eb9e03db9e93b1c991103 lib/core/shell.py
5151
a59ec28371ae067a6fdd8f810edbee3d lib/core/subprocessng.py
5252
d5a04d672a18f78deb2839c3745ff83c lib/core/target.py

0 commit comments

Comments
 (0)