Commit 736b2e7

committed
Minor adjustments to the operating system fingerprint.
1 parent 727664a commit 736b2e7

6 files changed

Lines changed: 59 additions & 43 deletions


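--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -130,32 +130,34 @@ def formatDBMSfp(versions=None):
 return "%s %s" % (kb.dbms, " and ".join([version for version in versions]))
 
 
-def __formatFingerprintString(values, chain="or"):
+def __formatFingerprintString(values, chain=" or "):
 string = "|".join([v for v in values])
-return string.replace("|", " %s " % chain)
+return string.replace("|", chain)
 
 
 def formatFingerprint(target, info):
 """
 This function format the back-end operating system fingerprint value
 and return its values formatted as a human readable string.
 
-Examples of info dictionary:
+Example of info (kb.headersFp) dictionary:
 
 {
-"distrib": set(["2000"]),
-"dbmsVersion": "8.00.194",
-"dbmsRelease": "2000",
-"dbmsServicePack": "0",
-"type": set(["Windows"])
+'distrib': set(['Ubuntu']),
+'type': set(['Linux']),
+'technology': set(['PHP 5.2.6', 'Apache 2.2.9']),
+'release': set(['8.10'])
 }
 
+Example of info (kb.bannerFp) dictionary:
+
 {
-"distrib": set(["Ubuntu"]),
-"release": set(["8.10"]),
-"codename": set(["Intrepid"]),
-"version": "5.0.67",
-"type": set(["Linux"])
+'sp': set(['Service Pack 4']),
+'dbmsVersion': '8.00.194',
+'dbmsServicePack': '0',
+'distrib': set(['2000']),
+'dbmsRelease': '2000',
+'type': set(['Windows'])
 }
 
 @return: detected back-end operating system based upon fingerprint
@@ -165,25 +167,23 @@ def formatFingerprint(target, info):
 
 infoStr = ""
 
-if not info or "type" not in info:
-return infoStr
-else:
+if info and "type" in info:
 infoStr += "%s operating system: %s" % (target, __formatFingerprintString(info["type"]))
 
-if "distrib" in info:
-infoStr += " %s" % __formatFingerprintString(info["distrib"])
+if "distrib" in info:
+infoStr += " %s" % __formatFingerprintString(info["distrib"])
 
-if "release" in info:
-infoStr += " %s" % __formatFingerprintString(info["release"])
+if "release" in info:
+infoStr += " %s" % __formatFingerprintString(info["release"])
 
-if "sp" in info:
-infoStr += " %s" % __formatFingerprintString(info["sp"])
+if "sp" in info:
+infoStr += " %s" % __formatFingerprintString(info["sp"])
 
-if "codename" in info:
-infoStr += " (%s)" % __formatFingerprintString(info["codename"])
+if "codename" in info:
+infoStr += " (%s)" % __formatFingerprintString(info["codename"])
 
 if "technology" in info:
-infoStr += "\nweb application technology: %s" % __formatFingerprintString(info["technology"], "and")
+infoStr += "\nweb application technology: %s" % __formatFingerprintString(info["technology"], ", ")
 
 return infoStr
 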
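Review bot: The `if "technology" in info:` check at line 185 is now reached with `info` equal to None, because the early `return infoStr` at old lines 168-169 was replaced by a non-returning `if info and "type" in info:` guard while line 185 is untouched and, judging by which lines the diff re-indents, sits outside that guard (leading whitespace is not preserved in this rendering, so treat the indentation as inferred); `"technology" in None` raises TypeError where the old code returned "". Guarding it as `if info and "technology" in info:` restores the old contract for a missing fingerprint. Separately, `__formatFingerprintString` at 134-135 still joins on "|" and then replaces every "|", so a value that itself contains a pipe gets rewritten; `return chain.join(values)` is the direct equivalent for the pipe-free values the handler now produces. The docstring at 140-141 could also read `Format the back-end operating system fingerprint and return it as a human readable string.`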

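--- a/lib/parse/handler.py
+++ b/lib/parse/handler.py
@@ -60,7 +60,8 @@ def __feedInfo(self, key, value):
 if key not in self.__info.keys():
 self.__info[key] = set()
 
-self.__info[key].add(value)
+for v in value.split("|"):
+self.__info[key].add(v)
 
 
 def startElement(self, name, attrs):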
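Review bot: `value.split("|")` at new line 63 adds an empty string to the set whenever an attribute value is empty or carries a leading or trailing pipe, since `"".split("|")` is `[""]`, and that empty entry then surfaces in the formatter as a dangling separator. Filtering blanks, `self.__info[key].update(v for v in value.split("|") if v)`, keeps the set clean and replaces the two-line loop with one statement. The `__feedInfo` method starts before this hunk; only its tail is visible here.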

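--- a/sqlmap.conf
+++ b/sqlmap.conf
@@ -2,7 +2,22 @@
 
 # Target URL.
 # Example: http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&cat=2
-url =
+# PHP and MySQL (local)
+#url = http://127.0.0.1/sqlmap/mysql/get_int.php?id=1
+# PHP and Oracle (local)
+#url = http://127.0.0.1/sqlmap/oracle/get_int.php?id=1
+# PHP and PostgreSQL (local)
+#url = http://127.0.0.1/sqlmap/pgsql/get_int.php?id=1
+# PHP and Microsoft SQL Server (remote)
+#url = http://127.0.0.1/sqlmap/mssql/get_int.php?id=1
+# PHP and MySQL (remote on Windows)
+#url = http://127.0.0.1/sqlmap/mysql/win_get_int.php?id=1
+# ASP and Microsoft SQL Server (local)
+#url = http://192.168.192.10/sqlmap/get_str.asp?name=luther
+# ASP and MySQL (local)
+#url = http://192.168.192.10/sqlmap/get_int.asp?id=1
+# ASP.NET and MySQL (local)
+#url = http://192.168.192.10/sqlmap/get_int.aspx?id=1
 
 # Rather than providing a target url, let Google return target
 # hosts as result of your Google dork expression. For a list of Google
@@ -34,10 +49,10 @@ referer =
 # HTTP User-Agent header. Useful to fake the HTTP User-Agent header value
 # at each HTTP request
 # sqlmap will also test for SQL injection on the HTTP User-Agent value.
-agent = sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
+agent =
 
 # Load a random HTTP User-Agent header from file
-# Example: txt/user-agents.txt
+# Example: ./txt/user-agents.txt
 userAgentsFile =
 
 # HTTP Authentication type. Useful only if the target url requires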
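Review bot: The labels on the new example URLs at lines 11-14 say "(remote)" but point at 127.0.0.1, the same loopback address the "(local)" examples above them use, while the ASP examples labelled "(local)" target 192.168.192.10, so the qualifiers contradict the addresses; either correct the hosts or drop the qualifier, e.g. `# PHP and Microsoft SQL Server`. The live `url =` key at old line 5 was removed rather than emptied, so a parser that reads the option unconditionally (not visible here) would see a missing key instead of an empty value; keeping an uncommented `url =` after the examples matches how `agent =` and `userAgentsFile =` are left empty further down. The `agent =` change also drops the shipped default User-Agent, so whatever the code falls back to now applies unless the user fills it in.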

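--- a/xml/banner/generic.xml
+++ b/xml/banner/generic.xml
@@ -56,7 +56,7 @@
 </regexp>
 
 <regexp value="Debian">
-<info type="Linux" distrib="Debian or Ubuntu"/>
+<info type="Linux" distrib="Debian|Ubuntu"/>
 </regexp>
 
 <regexp value="Fedora">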

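--- a/xml/banner/server.xml
+++ b/xml/banner/server.xml
@@ -22,7 +22,7 @@
 </regexp>
 
 <regexp value="Apache/2.0.52 \(CentOS\)">
-<info type="Linux" distrib="CentOS" release="4.3 or 4.4"/>
+<info type="Linux" distrib="CentOS" release="4.3|4.4"/>
 </regexp>
 
 <regexp value="Apache/2.0.46 \(CentOS\)">
@@ -77,7 +77,7 @@
 </regexp>
 
 <regexp value="Apache/2.2.6 \(Fedora\)">
-<info type="Linux" distrib="Fedora" release="6 or 7" updated="True"/>
+<info type="Linux" distrib="Fedora" release="6|7" updated="True"/>
 </regexp>
 
 <!-- Apache: Red Hat -->
@@ -116,11 +116,11 @@
 </regexp>
 
 <regexp value="Apache/1.3.27 \(Unix\) \(Red-Hat/Linux\)">
-<info type="Linux" distrib="Red Hat" release="7.1 or 7.2 or 7.3" updated="True"/>
+<info type="Linux" distrib="Red Hat" release="7.1|7.2|7.3" updated="True"/>
 </regexp>
 
 <regexp value="Apache/2.0.40 \(Red Hat Linux\)">
-<info type="Linux" distrib="Red Hat" release="8.0 or 9"/>
+<info type="Linux" distrib="Red Hat" release="8.0|9"/>
 </regexp>
 
 <regexp value="Apache/1.3.22 \(Unix\) \(Red-Hat/Linux\)">
@@ -197,7 +197,7 @@
 </regexp>
 
 <regexp value="Apache/2.0.55 \(Ubuntu\)">
-<info type="Linux" distrib="Ubuntu" release="6.06 or 6.10"/>
+<info type="Linux" distrib="Ubuntu" release="6.06|6.10"/>
 </regexp>
 
 <regexp value="Apache/2.2.3 \(Ubuntu\)">
@@ -224,7 +224,7 @@
 </regexp>
 
 <regexp value="Apache/1.3.9 \(Unix\)\s+\(NetRevolution Advanced Server/Linux-Mandrake\)">
-<info type="Linux" distrib="Mandrake" release="6.1 or 7.0"/>
+<info type="Linux" distrib="Mandrake" release="6.1|7.0"/>
 </regexp>
 
 <regexp value="Apache-AdvancedExtranetServer/1.3.12 \(NetRevolution/Linux-Mandrake\)">
@@ -264,7 +264,7 @@
 </regexp>
 
 <regexp value="Apache-AdvancedExtranetServer/2.0.47 \(Mandrake Linux/">
-<info type="Linux" distrib="Mandrake" release="9.1 or 9.2"/>
+<info type="Linux" distrib="Mandrake" release="9.1|9.2"/>
 </regexp>
 
 <regexp value="Apache-AdvancedExtranetServer/1.3.29 \(Mandrake Linux/">
@@ -280,7 +280,7 @@
 </regexp>
 
 <regexp value="Apache-AdvancedExtranetServer/2.0.50 \(Mandrake Linux/">
-<info type="Linux" distrib="Mandrake" release="10.0 or 10.1"/>
+<info type="Linux" distrib="Mandrake" release="10.0|10.1"/>
 </regexp>
 
 <regexp value="Apache-AdvancedExtranetServer/2.0.53 \(Mandriva Linux/">
@@ -308,7 +308,7 @@
 
 <regexp value="Apache/1.3.12 \(Unix\) \(SuSE/Linux\)">
 <info technology="operating-system.type" type="str" value="Linux"/>
-<info type="Linux" distrib="SuSE" release="6.4 or 7.0"/>
+<info type="Linux" distrib="SuSE" release="6.4|7.0"/>
 </regexp>
 
 <regexp value="Apache/1.3.17 \(Unix\) \(SuSE/Linux\)">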
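Review bot: The SuSE entry at line 310 carries a stray `<info technology="operating-system.type" type="str" value="Linux"/>` that no other entry in this file has, directly above the line this commit edits; if every attribute of an info element is fed through `__feedInfo` as a key, as the handler hunk in this commit suggests, that element would add the literal "operating-system.type" to the technology set and "str" to the type set for any banner matching that regexp. It reads as a leftover from a different schema and is worth deleting while the neighbouring line is being touched. The "|" form introduced on the release attributes here depends on the handler's new split, so this file and lib/parse/handler.py must ship together.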

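--- a/xml/banner/x-powered-by.xml
+++ b/xml/banner/x-powered-by.xml
@@ -9,15 +9,15 @@
 <info technology="JSP" tech_version="1"/>
 </regexp>
 
-<regexp value="ASP">
-<info technology="ASP" type="Windows" distrib="2000|XP|2003|2008|Vista"/>
+<regexp value="ASP[\/]*$">
+<info technology="ASP" type="Windows"/>
 </regexp>
 
 <regexp value="ASP\.NET">
-<info technology="ASP.NET" type="Windows" distrib="2000|XP|2003|2008|Vista"/>
+<info technology="ASP.NET" type="Windows"/>
 </regexp>
 
-<regexp value="(JBoss|Servlet|Tomcat)[\-\_\/\ ]([\d\.]+)">
+<regexp value="(JBoss|Servlet|Tomcat)[\-\_\/\ ]*([\d\.]+)">
 <info technology="Tomcat" tech_version="2"/>
 </regexp>
 </root>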
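Review bot: The new `ASP[\/]*$` pattern at line 12 keeps a bare "ASP.NET" header from also matching the plain ASP entry, which looks like the intent, but `[\/]*` is a single-character class (plain `/*`) and the `$` anchor would also reject a version-bearing value such as "ASP/3.0" should one appear; `ASP(?!\.NET)` states the exclusion directly without constraining what follows. The widened `[\-\_\/\ ]*` at line 20 now accepts "Tomcat5" with no separator before the digits, which is reasonable, though a JBoss or Servlet match is still reported as technology="Tomcat" by the unchanged info element beneath it.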
