
Commit ec44e88

committed
lots of refactoring regarding removal of already obsolete session file mechanism
1 parent 1e67b4f commit ec44e88

9 files changed

Lines changed: 137 additions & 400 deletions


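--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -738,13 +738,6 @@ def dataToStdout(data, forceOutput=False):
 logging._releaseLock()
 setFormatterPrependFlag(len(data) == 1 and data not in ('\n', '\r') or len(data) > 2 and data[0] == '\r' and data[-1] != '\n')
 
-def dataToSessionFile(data):
-if not conf.sessionFile or kb.suppressSession:
-return
-
-conf.sessionFP.write(data)
-conf.sessionFP.flush()
-
 def dataToTrafficFile(data):
 if not conf.trafficFile:
 return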

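--- a/lib/core/enums.py
+++ b/lib/core/enums.py
@@ -143,14 +143,16 @@ class EXPECTED:
 INT = "int"
 
 class HASHDB_KEYS:
+DBMS = "DBMS"
+CONF_TMP_PATH = "CONF_TMP_PATH"
 KB_ABS_FILE_PATHS = "KB_ABS_FILE_PATHS"
-KB_CHARS = "KB_CHARS"
-KB_BRUTE_TABLES = "KB_BRUTE_TABLES"
 KB_BRUTE_COLUMNS = "KB_BRUTE_COLUMNS"
-CONF_TMP_PATH = "CONF_TMP_PATH"
-KB_XP_CMDSHELL_AVAILABLE = "KB_XP_CMDSHELL_AVAILABLE"
-KB_INJECTIONS = "KB_INJECTIONS"
+KB_BRUTE_TABLES = "KB_BRUTE_TABLES"
+KB_CHARS = "KB_CHARS"
 KB_DYNAMIC_MARKINGS = "KB_DYNAMIC_MARKINGS"
+KB_INJECTIONS = "KB_INJECTIONS"
+KB_XP_CMDSHELL_AVAILABLE = "KB_XP_CMDSHELL_AVAILABLE"
+OS = "OS"
 
 class REDIRECTION:
 YES = "Y"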

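--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -1497,13 +1497,11 @@ def __setKnowledgeBaseAttributes(flushAll=True):
 kb.reflectiveMechanism = True
 kb.reflectiveCounters = {REFLECTIVE_COUNTER.MISS:0, REFLECTIVE_COUNTER.HIT:0}
 kb.responseTimes = []
-kb.resumedQueries = {}
 kb.resumeValues = True
 kb.safeCharEncode = False
 kb.singleLogFlags = set()
 kb.skipOthersDbms = None
 kb.stickyFlag = False
-kb.suppressSession = False
 kb.suppressResumeInfo = False
 kb.technique = None
 kb.testMode = False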

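--- a/lib/core/session.py
+++ b/lib/core/session.py
@@ -11,7 +11,7 @@
 
 from lib.core.common import Backend
 from lib.core.common import Format
-from lib.core.common import dataToSessionFile
+from lib.core.common import hashDBWrite
 from lib.core.common import intersect
 from lib.core.common import readInput
 from lib.core.common import singleTimeWarnMessage
@@ -20,42 +20,25 @@
 from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
+from lib.core.enums import HASHDB_KEYS
 from lib.core.enums import OS
 from lib.core.settings import SUPPORTED_DBMS
 from lib.core.settings import UNKNOWN_DBMS_VERSION
 
-def safeFormatString(value):
-retVal = value
-if retVal:
-retVal = retVal.replace("[", "__LEFT_SQUARE_BRACKET__").replace("]", "__RIGHT_SQUARE_BRACKET__")
-return retVal
-
-def unSafeFormatString(value):
-retVal = value
-if retVal:
-retVal = retVal.replace("__LEFT_SQUARE_BRACKET__", "[").replace("__RIGHT_SQUARE_BRACKET__", "]")
-return retVal
-
 def setDbms(dbms):
 """
 @param dbms: database management system to be set into the knowledge
 base as fingerprint.
 @type dbms: C{str}
 """
-condition = (
-not kb.resumedQueries
-or ( kb.resumedQueries.has_key(conf.url) and
-not kb.resumedQueries[conf.url].has_key("DBMS") )
-)
 
-if condition:
-dataToSessionFile("[%s][%s][%s][DBMS][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), safeFormatString(dbms)))
+hashDBWrite(HASHDB_KEYS.DBMS, dbms)
 
-firstRegExp = "(%s)" % ("|".join([alias for alias in SUPPORTED_DBMS]))
-dbmsRegExp = re.search("^%s" % firstRegExp, dbms, re.I)
+_ = "(%s)" % ("|".join([alias for alias in SUPPORTED_DBMS]))
+_ = re.search("^%s" % _, dbms, re.I)
 
-if dbmsRegExp:
-dbms = dbmsRegExp.group(1)
+if _:
+dbms = _.group(1)
 
 Backend.setDbms(dbms)
 
@@ -76,11 +59,6 @@ def setOs():
 """
 
 infoMsg = ""
-condition = (
-not kb.resumedQueries
-or ( kb.resumedQueries.has_key(conf.url) and
-not kb.resumedQueries[conf.url].has_key("OS") )
-)
 
 if not kb.bannerFp:
 return
@@ -105,82 +83,4 @@ def setOs():
 if infoMsg:
 logger.info(infoMsg)
 
-if condition:
-dataToSessionFile("[%s][%s][%s][OS][%s]\n" % (conf.url, kb.injection.place, safeFormatString(conf.parameters[kb.injection.place]), Backend.getOs()))
-
-def resumeConfKb(expression, url, value):
-if expression == "Dynamic markings" and url == conf.url:
-kb.dynamicMarkings = base64unpickle(value[:-1])
-infoMsg = "resuming dynamic markings from session file"
-logger.info(infoMsg)
-
-elif expression == "DBMS" and url == conf.url:
-dbms = unSafeFormatString(value[:-1])
-dbms = dbms.lower()
-dbmsVersion = [UNKNOWN_DBMS_VERSION]
-
-firstRegExp = "(%s)" % ("|".join([alias for alias in SUPPORTED_DBMS]))
-dbmsRegExp = re.search("%s ([\d\.]+)" % firstRegExp, dbms)
-
-if dbmsRegExp:
-dbms = dbmsRegExp.group(1)
-dbmsVersion = [ dbmsRegExp.group(2) ]
-
-if conf.dbms and conf.dbms.lower() != dbms:
-message = "you provided '%s' as back-end DBMS, " % conf.dbms
-message += "but from a past scan information on the target URL "
-message += "sqlmap assumes the back-end DBMS is %s. " % dbms
-message += "Do you really want to force the back-end "
-message += "DBMS value? [y/N] "
-test = readInput(message, default="N")
-
-if not test or test[0] in ("n", "N"):
-conf.dbms = None
-Backend.setDbms(dbms)
-Backend.setVersionList(dbmsVersion)
-else:
-infoMsg = "resuming back-end DBMS '%s' " % dbms
-infoMsg += "from session file"
-logger.info(infoMsg)
-
-Backend.setDbms(dbms)
-Backend.setVersionList(dbmsVersion)
-
-elif expression == "OS" and url == conf.url:
-os = unSafeFormatString(value[:-1])
-
-if os and os != 'None':
-infoMsg = "resuming back-end DBMS operating system '%s' " % os
-infoMsg += "from session file"
-logger.info(infoMsg)
-
-if conf.os and conf.os.lower() != os.lower():
-message = "you provided '%s' as back-end DBMS operating " % conf.os
-message += "system, but from a past scan information on the "
-message += "target URL sqlmap assumes the back-end DBMS "
-message += "operating system is %s. " % os
-message += "Do you really want to force the back-end DBMS "
-message += "OS value? [y/N] "
-test = readInput(message, default="N")
-
-if not test or test[0] in ("n", "N"):
-conf.os = os
-else:
-conf.os = os
-
-Backend.setOs(conf.os)
-
-elif expression == "Remote temp path" and url == conf.url and conf.tmpPath is None:
-conf.tmpPath = unSafeFormatString(value[:-1])
-
-infoMsg = "resuming remote absolute path of temporary "
-infoMsg += "files directory '%s' from session file" % conf.tmpPath
-logger.info(infoMsg)
-
-elif conf.freshQueries:
-pass
-
-elif expression == "xp_cmdshell availability" and url == conf.url:
-kb.xpCmdshellAvailable = True if unSafeFormatString(value[:-1]).lower() == "true" else False
-infoMsg = "resuming xp_cmdshell availability"
-logger.info(infoMsg)
+hashDBWrite(HASHDB_KEYS.OS, Backend.getOs())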
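Review bot: `setDbms` uses `_` as a working variable, first for the alternation pattern and then for the match object (`_ = "(%s)" % ...`, `_ = re.search("^%s" % _, dbms, re.I)`, `if _:`), which hides what is being tested and breaks the convention that `_` marks a throwaway value. I would write `match = re.search("^(%s)" % "|".join(SUPPORTED_DBMS), dbms, re.I)` followed by `if match: dbms = match.group(1)`, since the list comprehension around `SUPPORTED_DBMS` adds nothing. The same pattern appears in `__resumeDBMS` in lib/core/target.py. Separately, `hashDBWrite(HASHDB_KEYS.OS, Backend.getOs())` at the end of `setOs` now runs without the old `condition` guard, so a `None` OS may be persisted; it is worth confirming how `hashDBWrite` serialises that value. The bodies of both `setDbms` and `setOs` continue outside the hunks shown.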

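--- a/lib/core/target.py
+++ b/lib/core/target.py
@@ -14,7 +14,7 @@
 import tempfile
 import time
 
-from lib.core.common import dataToSessionFile
+from lib.core.common import Backend
 from lib.core.common import hashDBRetrieve
 from lib.core.common import intersect
 from lib.core.common import paramToDict
@@ -37,14 +37,15 @@
 from lib.core.option import authHandler
 from lib.core.option import __setDBMS
 from lib.core.option import __setKnowledgeBaseAttributes
-from lib.core.session import resumeConfKb
 from lib.core.settings import CUSTOM_INJECTION_MARK_CHAR
 from lib.core.settings import HOST_ALIASES
 from lib.core.settings import REFERER_ALIASES
 from lib.core.settings import RESULTS_FILE_FORMAT
 from lib.core.settings import SOAP_REGEX
+from lib.core.settings import SUPPORTED_DBMS
 from lib.core.settings import UNENCODED_ORIGINAL_VALUE
 from lib.core.settings import UNICODE_ENCODING
+from lib.core.settings import UNKNOWN_DBMS_VERSION
 from lib.core.settings import URI_INJECTABLE_REGEX
 from lib.core.settings import USER_AGENT_ALIASES
 from lib.utils.hashdb import HashDB
@@ -243,78 +244,79 @@ def __resumeHashDBValues():
 if injection not in kb.injections:
 kb.injections.append(injection)
 
-def __setOutputResume():
+__resumeDBMS()
+__resumeOS()
+
+def __resumeDBMS():
 """
-Check and set the output text file and the resume functionality.
+Resume stored DBMS information from HashDB
 """
 
-if not conf.sessionFile:
-conf.sessionFile = "%s%ssession" % (conf.outputPath, os.sep)
-
-logger.info("using '%s' as a session file" % conf.sessionFile)
-
-if os.path.exists(conf.sessionFile):
-if not conf.flushSession:
-try:
-readSessionFP = codecs.open(conf.sessionFile, "r", UNICODE_ENCODING, 'replace')
-__url_cache = set()
-__expression_cache = {}
+value = hashDBRetrieve(HASHDB_KEYS.DBMS)
 
-for line in readSessionFP.readlines(): # xreadlines doesn't return unicode strings when codec.open() is used
-if line.count("][") == 4:
-line = line.split("][")
-
-if len(line) != 5:
-continue
+if not value:
+return
 
-url, _, _, expression, value = line
+dbms = value.lower()
+dbmsVersion = [UNKNOWN_DBMS_VERSION]
+_ = "(%s)" % ("|".join([alias for alias in SUPPORTED_DBMS]))
+_ = re.search("%s ([\d\.]+)" % _, dbms, re.I)
+
+if _:
+dbms = _.group(1).lower()
+dbmsVersion = [_.group(2)]
+
+if conf.dbms:
+if conf.dbms.lower() != dbms:
+message = "you provided '%s' as back-end DBMS, " % conf.dbms
+message += "but from a past scan information on the target URL "
+message += "sqlmap assumes the back-end DBMS is %s. " % dbms
+message += "Do you really want to force the back-end "
+message += "DBMS value? [y/N] "
+test = readInput(message, default="N")
+
+if not test or test[0] in ("n", "N"):
+conf.dbms = None
+Backend.setDbms(dbms)
+Backend.setVersionList(dbmsVersion)
+else:
+infoMsg = "resuming back-end DBMS '%s' " % dbms
+logger.info(infoMsg)
 
-if not value:
-continue
+Backend.setDbms(dbms)
+Backend.setVersionList(dbmsVersion)
 
-if url[0] == "[":
-url = url[1:]
+def __resumeOS():
+"""
+Resume stored OS information from HashDB
+"""
 
-value = value.rstrip('\r\n') # Strips both chars independently
+value = hashDBRetrieve(HASHDB_KEYS.OS)
 
-if url not in ( conf.url, conf.hostname ):
-continue
+if not value:
+return
 
-if url not in __url_cache:
-kb.resumedQueries[url] = {}
-kb.resumedQueries[url][expression] = value
-__url_cache.add(url)
-__expression_cache[url] = set(expression)
+os = value
 
-resumeConfKb(expression, url, value)
+if os and os != 'None':
+infoMsg = "resuming back-end DBMS operating system '%s' " % os
+logger.info(infoMsg)
 
-if expression not in __expression_cache[url]:
-kb.resumedQueries[url][expression] = value
-__expression_cache[url].add(value)
-elif len(value) >= len(kb.resumedQueries[url][expression]):
-kb.resumedQueries[url][expression] = value
+if conf.os and conf.os.lower() != os.lower():
+message = "you provided '%s' as back-end DBMS operating " % conf.os
+message += "system, but from a past scan information on the "
+message += "target URL sqlmap assumes the back-end DBMS "
+message += "operating system is %s. " % os
+message += "Do you really want to force the back-end DBMS "
+message += "OS value? [y/N] "
+test = readInput(message, default="N")
 
-if kb.injection.place is not None and kb.injection.parameter is not None:
-kb.injections.append(kb.injection)
-except IOError, msg:
-errMsg = "unable to properly open the session file (%s)" % msg
-raise sqlmapFilePathException, errMsg
-else:
-readSessionFP.close()
+if not test or test[0] in ("n", "N"):
+conf.os = os
 else:
-try:
-os.remove(conf.sessionFile)
-logger.info("flushing session file")
-except OSError, msg:
-errMsg = "unable to flush the session file (%s)" % msg
-raise sqlmapFilePathException, errMsg
+conf.os = os
 
-try:
-conf.sessionFP = codecs.open(conf.sessionFile, "a", UNICODE_ENCODING)
-dataToSessionFile("\n[%s]\n" % time.strftime("%X %x"))
-except IOError:
-errMsg = "unable to write on the session file specified"
-raise sqlmapFilePathException, errMsg
+Backend.setOs(conf.os)
 
 def __setResultsFile():
 """
@@ -435,7 +437,6 @@ def initTargetEnv():
 
 conf.paramDict = {}
 conf.parameters = {}
-conf.sessionFile = None
 conf.hashDBFile = None
 
 __setKnowledgeBaseAttributes(False)
@@ -445,7 +446,6 @@ def initTargetEnv():
 def setupTargetEnv():
 __createTargetDirs()
 __setRequestParams()
-__setOutputResume()
 __setHashDB()
 __resumeHashDBValues()
 __setResultsFile()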
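Review bot: In `__resumeOS` the local `os = value` shadows the `os` module, which this file evidently imports (the removed `__setOutputResume` used `os.sep` and `os.path.exists`), so any later use of the module inside this function would get the string instead; renaming the local, for example `osName = value`, avoids that. The `if os and os != 'None':` test is partly redundant after the earlier `if not value: return`, and comparing against the literal `'None'` suggests a stringified `None` can reach the store, which would be better rejected where the value is written than filtered here. Neither `__resumeDBMS` nor `__resumeOS` documents that it can prompt through `readInput` and overwrite `conf.dbms` or `conf.os`; a docstring line such as `May prompt when the stored value conflicts with the user-supplied one.` would make that side effect visible.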
