

Commit 1bb061f

committed
improvements to --live-test
1 parent b3d9f1a commit 1bb061f

1 file changed

Lines changed: 25 additions & 23 deletions


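--- a/lib/core/testing.py
+++ b/lib/core/testing.py
@@ -172,26 +172,34 @@ def liveTest():
 cleanCase()
 else:
 errMsg = "test failed "
-if failedTraceBack:
-errMsg += "(got a traceback) "
-traceback_fd = codecs.open("%s%straceback" % (paths.SQLMAP_OUTPUT_PATH, os.sep), "wb", UNICODE_ENCODING)
-traceback_fd.write(failedTraceBack)
-traceback_fd.close()
+
 if failedItem:
-errMsg += "at parsing item: %s " % failedItem
+errMsg += "at parsing item \"%s\" " % failedItem
+
+errMsg += "- scan folder: %s " % paths.SQLMAP_OUTPUT_PATH
+errMsg += "- traceback: %s" % bool(failedTraceBack)
+
+if result is False:
+errMsg += " - SQL injection not detected"
+
+logger.error(errMsg)
+
 if failedParseOn:
-console_output_fd = codecs.open("%s%sconsole_output" % (paths.SQLMAP_OUTPUT_PATH, os.sep), "wb", UNICODE_ENCODING)
+console_output_fd = codecs.open(os.path.join(paths.SQLMAP_OUTPUT_PATH, "console_output"), "wb", UNICODE_ENCODING)
 console_output_fd.write(failedParseOn)
 console_output_fd.close()
 
-errMsg += "- scan folder is %s" % paths.SQLMAP_OUTPUT_PATH
-logger.error(errMsg)
+if failedTraceBack:
+traceback_fd = codecs.open(os.path.join(paths.SQLMAP_OUTPUT_PATH, "traceback"), "wb", UNICODE_ENCODING)
+traceback_fd.write(failedTraceBack)
+traceback_fd.close()
+
 beep()
 
 if conf.stopFail is True:
 return retVal
 
-retVal &= result
+retVal &= bool(result)
 
 dataToStdout("\n")
 
@@ -242,7 +250,6 @@ def runCase(switches=None, parse=None):
 unhandled_exception = None
 result = False
 console = ""
-tback = None
 
 try:
 result = start()
@@ -258,15 +265,12 @@ def runCase(switches=None, parse=None):
 LOGGER_HANDLER.stream = sys.stdout = sys.__stdout__
 
 if unhandled_exception:
-logger.error("unhandled exception occurred")
-tback = traceback.format_exc()
-retVal = False
+failedTraceBack = "unhandled exception: %s" % str(traceback.format_exc())
+retVal = None
 elif handled_exception:
-logger.error("handled exception occurred")
-tback = traceback.format_exc()
-retVal = False
-elif result is False: # if None, ignore
-logger.error("the test did not identify the SQL injection")
+failedTraceBack = "handled exception: %s" % str(traceback.format_exc())
+retVal = None
+elif result is False: # this means no SQL injection has been detected - if None, ignore
 retVal = False
 
 console = getUnicode(console, system=True)
@@ -280,12 +284,12 @@ def runCase(switches=None, parse=None):
 
 if item.startswith("r'") and item.endswith("'"):
 if not re.search(item[2:-1], parse_on, re.DOTALL):
-retVal = False
+retVal = None
 failedItem = item
 break
 
 elif item not in parse_on:
-retVal = False
+retVal = None
 failedItem = item
 break
 
@@ -294,8 +298,6 @@ def runCase(switches=None, parse=None):
 
 elif retVal is False:
 failedParseOn = console
-if tback:
-failedTraceBack = tback
 
 return retVal
 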
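Review bot: The traceback artifact is written with a hand-closed `codecs.open(...)` at new lines 193-195 (and the console output at 188-190), so a failing `write()` leaks the handle and, unless a caller outside the hunk catches it, propagates out of liveTest() before `beep()` and the `conf.stopFail` check. That failure looks reachable: runCase() now builds `failedTraceBack` from `str(traceback.format_exc())`, which on Python 2 (inferred from the `codecs`/`getUnicode` usage) is a byte string that the codecs writer would implicitly decode as ASCII, whereas the console text goes through `getUnicode(console, system=True)` first. I would use a context manager and convert before writing: `with codecs.open(os.path.join(paths.SQLMAP_OUTPUT_PATH, "traceback"), "wb", UNICODE_ENCODING) as f:` followed by `f.write(getUnicode(failedTraceBack))`. Both files hold raw scan output and stack traces, and the error message now points at their folder, so they are worth handling as sensitive when live-test logs are shared. liveTest() and runCase() both begin and end outside the hunks shown.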
