Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 2129935

Browse files
bdamelebdamele
committed
Split character for tamper scripts (--tamper option) is now comma, not semi-colon.
Minor enhancement
1 parent 2dae934 commit 2129935

5 files changed

Lines changed: 47 additions & 36 deletions

File tree

lib/controller/controller.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -167,7 +167,7 @@ def start():
167167
if not checkConnection() or not checkString() or not checkRegexp():
168168
continue
169169

170-
if conf.useNullConnection:
170+
if conf.nullConnection:
171171
checkNullConnection()
172172

173173
if not conf.dropSetCookie and conf.cj:

lib/core/option.py

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -536,7 +536,7 @@ def __setTamperingFunctions():
536536
"""
537537

538538
if conf.tamper:
539-
for tfile in conf.tamper.split(';'):
539+
for tfile in conf.tamper.split(','):
540540
found = False
541541

542542
if not tfile:
@@ -980,8 +980,8 @@ def __cleanupOptions():
980980
conf.multipleTargets = True
981981

982982
if conf.optimize:
983-
conf.useCommonPrediction = conf.keepAlive = True
984-
conf.useNullConnection = not conf.textOnly
983+
conf.commonPrediction = conf.keepAlive = True
984+
conf.nullConnection = not conf.textOnly
985985

986986
def __setConfAttributes():
987987
"""
@@ -1207,11 +1207,11 @@ def __basicOptionValidation():
12071207
errMsg = "value for --threshold (thold) option must be in range [0,1]"
12081208
raise sqlmapSyntaxException, errMsg
12091209

1210-
if conf.textOnly and conf.useNullConnection:
1210+
if conf.textOnly and conf.nullConnection:
12111211
errMsg = "switch --text-only is incompatible with switch --null-connection"
12121212
raise sqlmapSyntaxException, errMsg
12131213

1214-
if conf.data and conf.useNullConnection:
1214+
if conf.data and conf.nullConnection:
12151215
errMsg = "switch --data is incompatible with switch --null-connection"
12161216
raise sqlmapSyntaxException, errMsg
12171217

lib/core/optiondict.py

Lines changed: 16 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -27,18 +27,16 @@
2727
"cookie": "string",
2828
"cookieUrlencode": "boolean",
2929
"dropSetCookie": "boolean",
30-
"referer": "string",
3130
"agent": "string",
3231
"userAgentsFile": "string",
32+
"referer": "string",
3333
"headers": "string",
3434
"aType": "string",
3535
"aCred": "string",
3636
"aCert": "string",
37-
"keepAlive": "boolean",
3837
"proxy": "string",
3938
"pCred": "string",
4039
"ignoreProxy": "boolean",
41-
"threads": "integer",
4240
"delay": "float",
4341
"timeout": "float",
4442
"retries": "integer",
@@ -47,6 +45,14 @@
4745
"saFreq": "integer"
4846
},
4947

48+
"Optimization": {
49+
"optimize": "boolean",
50+
"commonPrediction": "boolean",
51+
"keepAlive": "boolean",
52+
"nullConnection": "boolean",
53+
"threads": "integer"
54+
},
55+
5056
"Injection": {
5157
"testParameter": "string",
5258
"dbms": "string",
@@ -58,6 +64,8 @@
5864
"eString": "string",
5965
"eRegexp": "string",
6066
"thold": "float",
67+
"textOnly": "boolean",
68+
"tamper": "string"
6169
},
6270

6371
"Techniques": {
@@ -88,17 +96,19 @@
8896
"dumpTable": "boolean",
8997
"dumpAll": "boolean",
9098
"search": "boolean",
91-
"user": "string",
9299
"db": "string",
93100
"tbl": "string",
94101
"col": "string",
102+
"user": "string",
95103
"excludeSysDbs": "boolean",
96104
"limitStart": "integer",
97105
"limitStop": "integer",
98106
"firstChar": "integer",
99107
"lastChar": "integer",
100108
"query": "string",
101-
"sqlShell": "boolean"
109+
"sqlShell": "boolean",
110+
"cExists": "boolean",
111+
"tableFile": "string"
102112
},
103113

104114
"User-defined function": {
@@ -137,6 +147,7 @@
137147
"xmlFile": "string",
138148
"sessionFile": "string",
139149
"flushSession": "boolean",
150+
"forms": "boolean",
140151
"eta": "boolean",
141152
"googlePage": "integer",
142153
"updateAll": "boolean",

lib/parse/cmdline.py

Lines changed: 23 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -128,6 +128,28 @@ def cmdLineParser():
128128
request.add_option("--safe-freq", dest="saFreq", type="int", default=0,
129129
help="Test requests between two visits to a given safe url")
130130

131+
# Optimization options
132+
optimization = OptionGroup(parser, "Optimization", "These "
133+
"options can be used to optimize the "
134+
"performance of sqlmap.")
135+
136+
optimization.add_option("-o", dest="optimize",
137+
action="store_true", default=False,
138+
help="Use all optimization options")
139+
140+
optimization.add_option("--common-prediction", dest="commonPrediction", action="store_true",
141+
default=False, help="Use 'Good samaritan' feature")
142+
143+
optimization.add_option("--keep-alive", dest="keepAlive", action="store_true",
144+
default=False, help="Use persistent HTTP(s) connections")
145+
146+
optimization.add_option("--null-connection", dest="nullConnection", action="store_true",
147+
default=False, help="Retrieve page length without actual HTTP response body")
148+
149+
optimization.add_option("--threads", dest="threads", type="int", default=1,
150+
help="Maximum number of concurrent HTTP "
151+
"requests (default 1)")
152+
131153
# Injection options
132154
injection = OptionGroup(parser, "Injection", "These options can be "
133155
"used to specify which parameters to test "
@@ -415,28 +437,6 @@ def cmdLineParser():
415437
windows.add_option("--reg-type", dest="regType",
416438
help="Windows registry key value type")
417439

418-
# Optimization options
419-
optimization = OptionGroup(parser, "Optimization", "These "
420-
"options can be used to optimize the "
421-
"performance of sqlmap.")
422-
423-
optimization.add_option("-o", dest="optimize",
424-
action="store_true", default=False,
425-
help="Use all optimization options")
426-
427-
optimization.add_option("--common-prediction", dest="useCommonPrediction", action="store_true",
428-
default=False, help="Use 'Good samaritan' feature")
429-
430-
optimization.add_option("--keep-alive", dest="keepAlive", action="store_true",
431-
default=False, help="Use persistent HTTP(s) connections")
432-
433-
optimization.add_option("--null-connection", dest="useNullConnection", action="store_true",
434-
default=False, help="Retrieve page length without actual HTTP response body")
435-
436-
optimization.add_option("--threads", dest="threads", type="int", default=1,
437-
help="Maximum number of concurrent HTTP "
438-
"requests (default 1)")
439-
440440
# Miscellaneous options
441441
miscellaneous = OptionGroup(parser, "Miscellaneous")
442442

@@ -499,6 +499,7 @@ def cmdLineParser():
499499

500500
parser.add_option_group(target)
501501
parser.add_option_group(request)
502+
parser.add_option_group(optimization)
502503
parser.add_option_group(injection)
503504
parser.add_option_group(techniques)
504505
parser.add_option_group(fingerprint)
@@ -507,7 +508,6 @@ def cmdLineParser():
507508
parser.add_option_group(filesystem)
508509
parser.add_option_group(takeover)
509510
parser.add_option_group(windows)
510-
parser.add_option_group(optimization)
511511
parser.add_option_group(miscellaneous)
512512

513513
args = []

lib/techniques/blind/inference.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,7 @@ def bisection(payload, expression, length=None, charsetType=None, firstChar=None
4545

4646
# Set kb.partRun in case "common prediction" feature (a.k.a. "good
4747
# samaritan") is used
48-
kb.partRun = getPartRun() if conf.useCommonPrediction else None
48+
kb.partRun = getPartRun() if conf.commonPrediction else None
4949

5050
if "LENGTH(" in expression or "LEN(" in expression:
5151
firstChar = 0
@@ -427,7 +427,7 @@ def downloadThread():
427427
# Common prediction feature (a.k.a. "good samaritan")
428428
# NOTE: to be used only when multi-threading is not set for
429429
# the moment
430-
if conf.useCommonPrediction and len(finalValue) > 0 and kb.partRun is not None:
430+
if conf.commonPrediction and len(finalValue) > 0 and kb.partRun is not None:
431431
val = None
432432
commonValue, commonPattern, commonCharset, otherCharset = goGoodSamaritan(finalValue, asciiTbl)
433433

0 commit comments

Comments
 (0)