Blame: lib/core/convert.py - sqlmapproject/sqlmap

Automatic SQL injection and database takeover tool

0 0 3 Python

reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter 2013-02-14 11:32:17 +00:00			`#!/usr/bin/env python`
After the storm, a restore.. 2008-10-15 15:38:22 +00:00
			`"""`
updated copyright 2014-01-13 17:24:49 +00:00			`Copyright (c) 2006-2014 sqlmap developers (http://sqlmap.org/)`
sorry, cosmetics 2010-10-14 23:18:29 +00:00			`See the file 'doc/COPYING' for copying permission`
After the storm, a restore.. 2008-10-15 15:38:22 +00:00			`"""`

preparing to handle logging calls by a separate file descriptor when sqlmap is executed by the REST API - issue #297 2013-01-09 22:08:50 +00:00			`import json`
Added resume functionality to -d and fixed logging with -d 2010-04-12 09:35:20 +00:00			`import pickle`
Avoiding md5/sha1 deprecated warning in Python >=2.6 2010-02-23 08:54:33 +00:00			`import sys`
After the storm, a restore.. 2008-10-15 15:38:22 +00:00
Fix for an Issue #129 2012-07-31 11:03:44 +02:00			`from lib.core.settings import IS_WIN`
further update regarding last commit 2011-03-03 10:39:04 +00:00			`from lib.core.settings import UNICODE_ENCODING`
Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module). Minor layout adjustments. 2010-03-26 23:23:25 +00:00
code review of modules in lib/core directory 2011-01-15 12:13:45 +00:00			`def base64decode(value):`
Update for an Issue #352 2013-03-11 14:58:05 +01:00			`"""`
			`Decodes string value from Base64 to plain format`

			`>>> base64decode('Zm9vYmFy')`
			`'foobar'`
			`"""`

code review of modules in lib/core directory 2011-01-15 12:13:45 +00:00			`return value.decode("base64")`
After the storm, a restore.. 2008-10-15 15:38:22 +00:00
code review of modules in lib/core directory 2011-01-15 12:13:45 +00:00			`def base64encode(value):`
Update for an Issue #352 2013-03-11 14:58:05 +01:00			`"""`
			`Encodes string value from plain to Base64 format`

			`>>> base64encode('foobar')`
			`'Zm9vYmFy'`
			`"""`

code review of modules in lib/core directory 2011-01-15 12:13:45 +00:00			`return value.encode("base64")[:-1].replace("\n", "")`
Added resume functionality to -d and fixed logging with -d 2010-04-12 09:35:20 +00:00
code review of modules in lib/core directory 2011-01-15 12:13:45 +00:00			`def base64pickle(value):`
Update for an Issue #352 2013-03-11 14:58:05 +01:00			`"""`
			`Serializes (with pickle) and encodes to Base64 format supplied (binary) value`

			`>>> base64pickle('foobar')`
			`'gAJVBmZvb2JhcnEALg=='`
			`"""`

Patch for an Issue #260 2012-11-26 11:16:59 +01:00			`retVal = None`
			`try:`
			`retVal = base64encode(pickle.dumps(value, pickle.HIGHEST_PROTOCOL))`
			`except:`
			`warnMsg = "problem occurred while serializing "`
			`warnMsg += "instance of a type '%s'" % type(value)`
			`singleTimeWarnMessage(warnMsg)`

			`retVal = base64encode(pickle.dumps(str(value), pickle.HIGHEST_PROTOCOL))`
			`return retVal`
Added resume functionality to -d and fixed logging with -d 2010-04-12 09:35:20 +00:00
code review of modules in lib/core directory 2011-01-15 12:13:45 +00:00			`def base64unpickle(value):`
Update for an Issue #352 2013-03-11 14:58:05 +01:00			`"""`
Minor language fix 2013-03-26 14:11:17 +01:00			`Decodes value from Base64 to plain format and deserializes (with pickle) its content`
Update for an Issue #352 2013-03-11 14:58:05 +01:00
			`>>> base64unpickle('gAJVBmZvb2JhcnEALg==')`
			`'foobar'`
			`"""`

code review of modules in lib/core directory 2011-01-15 12:13:45 +00:00			`return pickle.loads(base64decode(value))`
After the storm, a restore.. 2008-10-15 15:38:22 +00:00
code review of modules in lib/core directory 2011-01-15 12:13:45 +00:00			`def hexdecode(value):`
Update for an Issue #352 2013-03-11 14:58:05 +01:00			`"""`
			`Decodes string value from hex to plain format`

			`>>> hexdecode('666f6f626172')`
			`'foobar'`
			`"""`

code review of modules in lib/core directory 2011-01-15 12:13:45 +00:00			`value = value.lower()`
some more refactoring 2011-12-21 19:40:42 +00:00			`return (value[2:] if value.startswith("0x") else value).decode("hex")`
removed all trailing spaces from blank lines 2010-11-03 10:08:27 +00:00
code review of modules in lib/core directory 2011-01-15 12:13:45 +00:00			`def hexencode(value):`
Update for an Issue #352 2013-03-11 14:58:05 +01:00			`"""`
			`Encodes string value from plain to hex format`

			`>>> hexencode('foobar')`
			`'666f6f626172'`
			`"""`

Update for an Issue #225 2012-10-30 00:59:31 +01:00			`return utf8encode(value).encode("hex")`
After the storm, a restore.. 2008-10-15 15:38:22 +00:00
minor refactoring 2011-04-29 15:22:32 +00:00			`def unicodeencode(value, encoding=None):`
			`"""`
Update for an Issue #352 2013-03-11 14:58:05 +01:00			`Returns 8-bit string representation of the supplied unicode value`
minor refactoring 2011-04-29 15:22:32 +00:00
Update for an Issue #352 2013-03-11 14:58:05 +01:00			`>>> unicodeencode(u'foobar')`
			`'foobar'`
minor refactoring 2011-04-29 15:22:32 +00:00			`"""`

			`retVal = value`
			`if isinstance(value, unicode):`
			`try:`
			`retVal = value.encode(encoding or UNICODE_ENCODING)`
			`except UnicodeEncodeError:`
removing xmlcharrefreplace error handler as it seems that it wasn't such a good idea at the end 2011-05-15 21:43:38 +00:00			`retVal = value.encode(UNICODE_ENCODING, "replace")`
minor refactoring 2011-04-29 15:22:32 +00:00			`return retVal`

code review of modules in lib/core directory 2011-01-15 12:13:45 +00:00			`def utf8encode(value):`
Update for an Issue #352 2013-03-11 14:58:05 +01:00			`"""`
			`Returns 8-bit string representation of the supplied UTF-8 value`

			`>>> utf8encode(u'foobar')`
			`'foobar'`
			`"""`

minor refactoring 2011-04-29 15:22:32 +00:00			`return unicodeencode(value, "utf-8")`
Minor bug fix to correctly deal with unicode queries with -d 2010-05-28 11:32:10 +00:00
code review of modules in lib/core directory 2011-01-15 12:13:45 +00:00			`def utf8decode(value):`
Update for an Issue #352 2013-03-11 14:58:05 +01:00			`"""`
			`Returns UTF-8 representation of the supplied 8-bit string representation`
fix for a google bug reported by Brandon E. 2010-10-01 08:03:39 +00:00
Update for an Issue #352 2013-03-11 14:58:05 +01:00			`>>> utf8decode('foobar')`
			`u'foobar'`
			`"""`

			`return value.decode("utf-8")`
fix for a google bug reported by Brandon E. 2010-10-01 08:03:39 +00:00
code review of modules in lib/core directory 2011-01-15 12:13:45 +00:00			`def htmlunescape(value):`
Update for an Issue #352 2013-03-11 14:58:05 +01:00			`"""`
			`Returns (basic conversion) HTML unescaped value`

			`>>> htmlunescape('a<b')`
			`'a<b'`
			`"""`

minor refactoring 2011-12-21 14:25:39 +00:00			`retVal = value`
			`if value and isinstance(value, basestring):`
Minor style update 2012-07-23 15:06:49 +02:00			`codes = (('<', '<'), ('>', '>'), ('"', '"'), (' ', ' '), ('&', '&'))`
			`retVal = reduce(lambda x, y: x.replace(y[0], y[1]), codes, retVal)`
improved htmlunescape (great for localized html escape codes) 2011-04-14 21:36:13 +00:00			`return retVal`
Fix for an Issue #129 2012-07-31 11:03:44 +02:00
			`def singleTimeWarnMessage(message): # Cross-linked function`
Minor patch 2013-08-12 14:25:51 +02:00			`raise NotImplementedError`
Fix for an Issue #129 2012-07-31 11:03:44 +02:00
			`def stdoutencode(data):`
			`retVal = None`

			`try:`
			`# Reference: http://bugs.python.org/issue1602`
			`if IS_WIN:`
Minor patch 2013-04-06 01:48:23 +02:00			`output = data.encode("ascii", "replace")`
Fix for an Issue #129 2012-07-31 11:03:44 +02:00
			`if output != data:`
			`warnMsg = "cannot properly display Unicode characters "`
			`warnMsg += "inside Windows OS command prompt "`
			`warnMsg += "(http://bugs.python.org/issue1602). All "`
			`warnMsg += "unhandled occurances will result in "`
			`warnMsg += "replacement with '?' character. Please, find "`
			`warnMsg += "proper character representation inside "`
			`warnMsg += "corresponding output files. "`
			`singleTimeWarnMessage(warnMsg)`

			`retVal = output`
			`else:`
			`retVal = data.encode(sys.stdout.encoding)`
			`except:`
			`retVal = data.encode(UNICODE_ENCODING)`

			`return retVal`
preparing to handle logging calls by a separate file descriptor when sqlmap is executed by the REST API - issue #297 2013-01-09 22:08:50 +00:00
			`def jsonize(data):`
Update for an Issue #352 2013-03-11 14:58:05 +01:00			`"""`
			`Returns JSON serialized data`

			`>>> jsonize({'foo':'bar'})`
			`'{\\n "foo": "bar"\\n}'`
			`"""`

preparing to handle logging calls by a separate file descriptor when sqlmap is executed by the REST API - issue #297 2013-01-09 22:08:50 +00:00			`return json.dumps(data, sort_keys=False, indent=4)`
major enhancement, code refactoring for issue #297 2013-01-29 01:39:27 +00:00
			`def dejsonize(data):`
Update for an Issue #352 2013-03-11 14:58:05 +01:00			`"""`
			`Returns JSON deserialized data`

			`>>> dejsonize('{\\n "foo": "bar"\\n}')`
			`{u'foo': u'bar'}`
			`"""`

major enhancement, code refactoring for issue #297 2013-01-29 01:39:27 +00:00			`return json.loads(data)`