MORPH
SIGN IN SIGN UP
sqlmapproject / sqlmap UNCLAIMED

Automatic SQL injection and database takeover tool

36950 0 0 Python
Normal View History Raw
Last preparations for DREI
2019-05-08 12:47:52 +02:00
#!/usr/bin/env python
After the storm, a restore..
2008-10-15 15:38:22 +00:00
"""
Bumping copyright year
2024-01-03 23:11:52 +01:00
Copyright (c) 2006-2024 sqlmap developers (https://sqlmap.org/)
Replacing doc/COPYING to LICENSE
2017-10-11 14:50:46 +02:00
See the file 'LICENSE' for copying permission
After the storm, a restore..
2008-10-15 15:38:22 +00:00
"""
Minor fixes
2010-05-30 14:53:13 +00:00
After the storm, a restore..
2008-10-15 15:38:22 +00:00
from lib.core.common import checkFile
Switching to the getSafeExString (where it can be used)
2015-09-10 15:51:33 +02:00
from lib.core.common import getSafeExString
Patch for an Issue #976
2014-11-26 13:38:21 +01:00
from lib.core.common import openFile
minor refactoring
2012-04-03 14:46:09 +00:00
from lib.core.common import unArrayizeValue
Minor bug fixes and code refactoring
2010-05-28 15:57:43 +00:00
from lib.core.common import UnicodeRawConfigParser
Fixes #3622
2019-05-06 00:54:21 +02:00
from lib.core.convert import getUnicode
Proper patch for #1723
2016-02-23 11:46:04 +01:00
from lib.core.data import cmdLineOptions
Minor bug fix
2011-02-02 14:06:40 +00:00
from lib.core.data import conf
After the storm, a restore..
2008-10-15 15:38:22 +00:00
from lib.core.data import logger
Fixes #2357
2017-01-18 10:33:54 +01:00
from lib.core.enums import OPTION_TYPE
Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods)
2012-12-06 14:14:19 +01:00
from lib.core.exception import SqlmapMissingMandatoryOptionException
from lib.core.exception import SqlmapSyntaxException
After the storm, a restore..
2008-10-15 15:38:22 +00:00
from lib.core.optiondict import optDict
config = None
Fixes #2357
2017-01-18 10:33:54 +01:00
def configFileProxy(section, option, datatype):
After the storm, a restore..
2008-10-15 15:38:22 +00:00
"""
Parse configuration file and save settings into the configuration
advanced dictionary.
"""
if config.has_option(section, option):
Graceful abort in case of an invalid option in configuration file
2014-04-07 20:22:51 +02:00
try:
Fixes #2357
2017-01-18 10:33:54 +01:00
if datatype == OPTION_TYPE.BOOLEAN:
Graceful abort in case of an invalid option in configuration file
2014-04-07 20:22:51 +02:00
value = config.getboolean(section, option) if config.get(section, option) else False
Fixes #2357
2017-01-18 10:33:54 +01:00
elif datatype == OPTION_TYPE.INTEGER:
Graceful abort in case of an invalid option in configuration file
2014-04-07 20:22:51 +02:00
value = config.getint(section, option) if config.get(section, option) else 0
Fixes #2357
2017-01-18 10:33:54 +01:00
elif datatype == OPTION_TYPE.FLOAT:
value = config.getfloat(section, option) if config.get(section, option) else 0.0
Graceful abort in case of an invalid option in configuration file
2014-04-07 20:22:51 +02:00
else:
value = config.get(section, option)
Baby steps (2 to 3 at a time)
2019-01-22 00:40:48 +01:00
except ValueError as ex:
Graceful abort in case of an invalid option in configuration file
2014-04-07 20:22:51 +02:00
errMsg = "error occurred while processing the option "
Minor patch (unicode related)
2014-12-15 13:36:08 +01:00
errMsg += "'%s' in provided configuration file ('%s')" % (option, getUnicode(ex))
Graceful abort in case of an invalid option in configuration file
2014-04-07 20:22:51 +02:00
raise SqlmapSyntaxException(errMsg)
After the storm, a restore..
2008-10-15 15:38:22 +00:00
if value:
conf[option] = value
else:
conf[option] = None
else:
Minor code restyling
2011-04-30 13:20:05 +00:00
debugMsg = "missing requested option '%s' (section " % option
After the storm, a restore..
2008-10-15 15:38:22 +00:00
debugMsg += "'%s') into the configuration file, " % section
debugMsg += "ignoring. Skipping to next."
logger.debug(debugMsg)
def configFileParser(configFile):
"""
Parse configuration file and save settings into the configuration
advanced dictionary.
"""
global config
debugMsg = "parsing configuration file"
logger.debug(debugMsg)
checkFile(configFile)
Patch for an Issue #976
2014-11-26 13:38:21 +01:00
configFP = openFile(configFile, "rb")
fix for a fuzz "bug" reported by daniele.rivetti@yahoo.com
2011-06-03 11:01:26 +00:00
try:
config = UnicodeRawConfigParser()
Proper patch for #5688
2024-04-12 17:32:38 +02:00
if hasattr(config, "read_file"):
config.read_file(configFP)
else:
config.readfp(configFP)
Baby steps (2 to 3 at a time)
2019-01-22 00:40:48 +01:00
except Exception as ex:
Switching to the getSafeExString (where it can be used)
2015-09-10 15:51:33 +02:00
errMsg = "you have provided an invalid and/or unreadable configuration file ('%s')" % getSafeExString(ex)
Replacing old and deprecated raise Exception style (PEP8)
2013-01-03 23:20:55 +01:00
raise SqlmapSyntaxException(errMsg)
After the storm, a restore..
2008-10-15 15:38:22 +00:00
sqlmap 0.6.3-rc4: Minor enhancement to be able to specify the number of seconds before timeout the connection, default is set to 10 seconds. Minor improvement to retry the HTTP request up to three times in case an exception is raised during the connection to the target url. Minor bug fix to correctly catch connection exceptions and notify to the user also if they occur within a thread. Minor code restyling. Updated documentation.
2008-12-04 17:40:03 +00:00
if not config.has_section("Target"):
fix for a fuzz "bug" reported by daniele.rivetti@yahoo.com
2011-06-03 11:01:26 +00:00
errMsg = "missing a mandatory section 'Target' in the configuration file"
Replacing old and deprecated raise Exception style (PEP8)
2013-01-03 23:20:55 +01:00
raise SqlmapMissingMandatoryOptionException(errMsg)
After the storm, a restore..
2008-10-15 15:38:22 +00:00
Proper patch for #1723
2016-02-23 11:46:04 +01:00
mandatory = False
sqlmap 0.6.3-rc4: Minor enhancement to be able to specify the number of seconds before timeout the connection, default is set to 10 seconds. Minor improvement to retry the HTTP request up to three times in case an exception is raised during the connection to the target url. Minor bug fix to correctly catch connection exceptions and notify to the user also if they occur within a thread. Minor code restyling. Updated documentation.
2008-12-04 17:40:03 +00:00
Removing -x as I doubt that anybody uses it
2019-11-04 22:43:28 +01:00
for option in ("direct", "url", "logFile", "bulkFile", "googleDork", "requestFile", "wizard"):
Proper patch for #1723
2016-02-23 11:46:04 +01:00
if config.has_option("Target", option) and config.get("Target", option) or cmdLineOptions.get(option):
mandatory = True
break
if not mandatory:
added -m switch for bulk loading multiple targets
2011-05-11 08:46:40 +00:00
errMsg = "missing a mandatory option in the configuration file "
Removing -x as I doubt that anybody uses it
2019-11-04 22:43:28 +01:00
errMsg += "(direct, url, logFile, bulkFile, googleDork, requestFile or wizard)"
Replacing old and deprecated raise Exception style (PEP8)
2013-01-03 23:20:55 +01:00
raise SqlmapMissingMandatoryOptionException(errMsg)
After the storm, a restore..
2008-10-15 15:38:22 +00:00
for family, optionData in optDict.items():
Minor bug fixes and code refactoring
2010-05-28 15:57:43 +00:00
for option, datatype in optionData.items():
minor refactoring
2012-04-03 14:46:09 +00:00
datatype = unArrayizeValue(datatype)
Fixes #2357
2017-01-18 10:33:54 +01:00
configFileProxy(family, option, datatype)
Reference in New Issue Copy Permalink