Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 22c3fe4

Browse files
stamparmstamparm
committed
some refactoring
1 parent dda979a commit 22c3fe4

7 files changed

Lines changed: 37 additions & 58 deletions

File tree

lib/controller/controller.py

Lines changed: 7 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -31,14 +31,13 @@
3131
from lib.core.common import parseTargetUrl
3232
from lib.core.common import randomStr
3333
from lib.core.common import readInput
34-
from lib.core.common import serializeObject
3534
from lib.core.common import showHttpErrorCodes
36-
from lib.core.common import unserializeObject
3735
from lib.core.convert import urlencode
3836
from lib.core.convert import urldecode
3937
from lib.core.data import conf
4038
from lib.core.data import kb
4139
from lib.core.data import logger
40+
from lib.core.enums import HASHDB_KEYS
4241
from lib.core.enums import HTTPHEADER
4342
from lib.core.enums import HTTPMETHOD
4443
from lib.core.enums import PAYLOAD
@@ -177,14 +176,12 @@ def __saveToSessionFile():
177176
setInjection(inj)
178177

179178
def __saveToHashDB():
180-
key = "kb.absFilePaths"
181-
value = unserializeObject(conf.hashDB.retrieve(key)) or set()
182-
value.update(kb.absFilePaths)
183-
conf.hashDB.write(key, serializeObject(value))
184-
185-
key = "kb.chars"
186-
if not conf.hashDB.retrieve(key):
187-
conf.hashDB.write(key, serializeObject(kb.chars))
179+
_ = conf.hashDB.retrieve(HASHDB_KEYS.KB_ABS_FILE_PATHS, True) or set()
180+
_.update(kb.absFilePaths)
181+
conf.hashDB.write(HASHDB_KEYS.KB_ABS_FILE_PATHS, _, True)
182+
183+
if not conf.hashDB.retrieve(HASHDB_KEYS.KB_CHARS):
184+
conf.hashDB.write(HASHDB_KEYS.KB_CHARS, kb.chars, True)
188185

189186
def __saveToResultsFile():
190187
if not conf.resultsFP:

lib/core/enums.py

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -121,6 +121,12 @@ class EXPECTED:
121121
BOOL = "bool"
122122
INT = "int"
123123

124+
class HASHDB_KEYS:
125+
KB_ABS_FILE_PATHS = "KB_ABS_FILE_PATHS"
126+
KB_CHARS = "KB_CHARS"
127+
KB_BRUTE_TABLES = "KB_BRUTE_TABLES"
128+
KB_BRUTE_COLUMNS = "KB_BRUTE_COLUMNS"
129+
124130
class REDIRECTION:
125131
FOLLOW = "1"
126132
ORIGINAL = "2"

lib/core/session.py

Lines changed: 0 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -274,37 +274,6 @@ def resumeConfKb(expression, url, value):
274274
elif conf.freshQueries:
275275
pass
276276

277-
elif expression == "TABLE_EXISTS" and url == conf.url:
278-
table = unSafeFormatString(value[:-1])
279-
split = '..' if Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.SYBASE) else '.'
280-
281-
if split in table:
282-
db, table = table.split(split)
283-
else:
284-
db = "%s%s" % (Backend.getIdentifiedDbms(), METADB_SUFFIX)
285-
286-
infoMsg = "resuming brute forced table name "
287-
infoMsg += "'%s' from session file" % table
288-
logger.info(infoMsg)
289-
290-
kb.brute.tables.append((db, table))
291-
292-
elif expression == "COLUMN_EXISTS" and url == conf.url:
293-
table, column = unSafeFormatString(value[:-1]).split('|')
294-
colName, colType = column.split(' ')
295-
split = '..' if Backend.getIdentifiedDbms() in (DBMS.MSSQL, DBMS.SYBASE) else '.'
296-
297-
if split in table:
298-
db, table = table.split(split)
299-
else:
300-
db = "%s%s" % (Backend.getIdentifiedDbms(), METADB_SUFFIX)
301-
302-
infoMsg = "resuming brute forced column name "
303-
infoMsg += "'%s' for table '%s' from session file" % (colName, table)
304-
logger.info(infoMsg)
305-
306-
kb.brute.columns.append((db, table, colName, colType))
307-
308277
elif expression == "xp_cmdshell availability" and url == conf.url:
309278
kb.xpCmdshellAvailable = True if unSafeFormatString(value[:-1]).lower() == "true" else False
310279
infoMsg = "resuming xp_cmdshell availability"

lib/core/target.py

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -17,14 +17,14 @@
1717
from lib.core.common import intersect
1818
from lib.core.common import paramToDict
1919
from lib.core.common import readInput
20-
from lib.core.common import unserializeObject
2120
from lib.core.convert import urldecode
2221
from lib.core.data import cmdLineOptions
2322
from lib.core.data import conf
2423
from lib.core.data import kb
2524
from lib.core.data import logger
2625
from lib.core.data import paths
2726
from lib.core.dump import dumper
27+
from lib.core.enums import HASHDB_KEYS
2828
from lib.core.enums import HTTPMETHOD
2929
from lib.core.enums import PLACE
3030
from lib.core.exception import sqlmapFilePathException
@@ -209,8 +209,10 @@ def __resumeHashDBValues():
209209
Resume stored data values from HashDB
210210
"""
211211

212-
kb.absFilePaths = unserializeObject(conf.hashDB.retrieve("kb.absFilePaths")) or kb.absFilePaths
213-
kb.chars = unserializeObject(conf.hashDB.retrieve("kb.chars")) or kb.chars
212+
kb.absFilePaths = conf.hashDB.retrieve(HASHDB_KEYS.KB_ABS_FILE_PATHS, True) or kb.absFilePaths
213+
kb.chars = conf.hashDB.retrieve(HASHDB_KEYS.KB_CHARS, True) or kb.chars
214+
kb.brute.tables = conf.hashDB.retrieve(HASHDB_KEYS.KB_BRUTE_TABLES, True) or kb.brute.tables
215+
kb.brute.columns = conf.hashDB.retrieve(HASHDB_KEYS.KB_BRUTE_COLUMNS, True) or kb.brute.columns
214216

215217
def __setOutputResume():
216218
"""

lib/techniques/brute/use.py

Lines changed: 13 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,6 @@
1111
import time
1212

1313
from lib.core.common import clearConsoleLine
14-
from lib.core.common import dataToSessionFile
1514
from lib.core.common import dataToStdout
1615
from lib.core.common import filterListValue
1716
from lib.core.common import getFileItems
@@ -28,6 +27,7 @@
2827
from lib.core.data import kb
2928
from lib.core.data import logger
3029
from lib.core.enums import DBMS
30+
from lib.core.enums import HASHDB_KEYS
3131
from lib.core.exception import sqlmapDataException
3232
from lib.core.exception import sqlmapMissingMandatoryOptionException
3333
from lib.core.exception import sqlmapThreadException
@@ -103,10 +103,6 @@ def tableExistsThread():
103103
threadData.shared.outputs.append(table)
104104
threadData.shared.unique.add(table.lower())
105105

106-
dataToSessionFile("[%s][%s][%s][TABLE_EXISTS][%s]\n" % (conf.url,\
107-
kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]),\
108-
safeFormatString(fullTableName)))
109-
110106
if conf.verbose in (1, 2):
111107
clearConsoleLine(True)
112108
infoMsg = "[%s] [INFO] retrieved: %s\r\n" % (time.strftime("%X"), table)
@@ -139,6 +135,12 @@ def tableExistsThread():
139135
else:
140136
kb.data.cachedTables[conf.db].append(item)
141137

138+
for _ in map(lambda x: (conf.db, x), threadData.shared.outputs):
139+
if _ not in kb.brute.tables:
140+
kb.brute.tables.append(_)
141+
142+
conf.hashDB.write(HASHDB_KEYS.KB_BRUTE_TABLES, kb.brute.tables, True)
143+
142144
return kb.data.cachedTables
143145

144146
def columnExists(columnFile, regex=None):
@@ -230,10 +232,12 @@ def columnExistsThread():
230232
else:
231233
columns[column] = 'non-numeric'
232234

233-
dataToSessionFile("[%s][%s][%s][COLUMN_EXISTS][%s|%s %s]\n" % (conf.url, kb.injection.place,\
234-
safeFormatString(conf.parameters[kb.injection.place]), safeFormatString(table),\
235-
safeFormatString(column), safeFormatString(columns[column])))
236-
237235
kb.data.cachedColumns[conf.db] = {conf.tbl: columns}
238236

237+
for _ in map(lambda x: (conf.db, conf.tbl, x[0], x[1]), columns.items()):
238+
if _ not in kb.brute.columns:
239+
kb.brute.columns.append(_)
240+
241+
conf.hashDB.write(HASHDB_KEYS.KB_BRUTE_COLUMNS, kb.brute.columns, True)
242+
239243
return kb.data.cachedColumns

lib/techniques/error/use.py

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,6 @@
1515
from lib.core.common import Backend
1616
from lib.core.common import BigArray
1717
from lib.core.common import calculateDeltaSeconds
18-
from lib.core.common import dataToSessionFile
1918
from lib.core.common import dataToStdout
2019
from lib.core.common import extractRegexResult
2120
from lib.core.common import getUnicode

lib/utils/hashdb.py

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,8 @@
1111
import sqlite3
1212
import threading
1313

14+
from lib.core.common import serializeObject
15+
from lib.core.common import unserializeObject
1416
from lib.core.data import conf
1517
from lib.core.settings import HASHDB_FLUSH_THRESHOLD
1618
from lib.core.settings import UNICODE_ENCODING
@@ -51,7 +53,7 @@ def hashKey(key):
5153
retVal = int(hashlib.md5(key).hexdigest()[:8], 16)
5254
return retVal
5355

54-
def retrieve(self, key):
56+
def retrieve(self, key, unserialize=False):
5557
retVal = None
5658
if key:
5759
hash_ = HashDB.hashKey(key)
@@ -66,13 +68,13 @@ def retrieve(self, key):
6668
raise
6769
else:
6870
break
69-
return retVal
71+
return retVal if not unserialize else unserializeObject(retVal)
7072

71-
def write(self, key, value):
73+
def write(self, key, value, serialize=False):
7274
if key:
7375
hash_ = HashDB.hashKey(key)
7476
self._cache_lock.acquire()
75-
self._write_cache[hash_] = value
77+
self._write_cache[hash_] = value if not serialize else serializeObject(value)
7678
self._cache_lock.release()
7779

7880
if getCurrentThreadName() in ('0', 'MainThread'):

0 commit comments

Comments
 (0)