def _confsetting():
conf.update(cmdLineOptions)
if not conf.connect_timeout:
conf.connect_timeout = CONNECTION_TIMEOUT
if not conf.timeout:
conf.timeout = NETWORK_TIMEOUT
get_target(conf.taskid)
parser = urlparse.urlsplit(conf.url)
conf.host = parser.netloc
conf.scheme = parser.scheme
conf.domain = "%s://%s%s" % (parser.scheme, parser.netloc, conf.base)
basecachedir = os.path.join(
os.path.dirname(os.path.dirname(os.path.dirname(__file__))), TEMP_NAME)
#---------------------modified by yinzhixin----------------
#源代码没有加目录判断,导致运行报错
if not os.path.exists(basecachedir):
os.mkdir(basecachedir)
#-------------------modified by yinzhixin------------------
conf.requestCache = os.path.join(basecachedir, conf.host.replace(
':',
'_')) #modified by yinzhixin avoid exception when port num in host
#conf.requestCache = os.path.join(basecachedir, conf.host)
conf.site_type = None
print conf
def _confsetting():
conf.update(cmdLineOptions)
if not conf.connect_timeout:
conf.connect_timeout = CONNECTION_TIMEOUT
if not conf.timeout:
conf.timeout = NETWORK_TIMEOUT
get_target(conf.taskid)
parser = urlparse.urlsplit(conf.url)
conf.host = parser.netloc
conf.scheme = parser.scheme
conf.domain = "%s://%s%s" % (parser.scheme, parser.netloc,conf.base)
conf.requestCache = os.path.join(paths.TEMP,conf.host)
conf.site_type = None
print conf
def _confsetting():
conf.update(cmdLineOptions)
if not conf.connect_timeout:
conf.connect_timeout = CONNECTION_TIMEOUT
if not conf.timeout:
conf.timeout = NETWORK_TIMEOUT
get_target(conf.taskid)
parser = urlparse.urlsplit(conf.url)
conf.host = parser.netloc
conf.scheme = parser.scheme
conf.domain = "%s://%s%s" % (parser.scheme, parser.netloc, conf.base)
conf.requestCache = os.path.join(paths.TEMP, conf.host)
conf.site_type = None
print conf
def _confsetting():
conf.update(cmdLineOptions)
if not conf.connect_timeout:
conf.connect_timeout = CONNECTION_TIMEOUT
if not conf.timeout:
conf.timeout = NETWORK_TIMEOUT
get_target(conf.taskid)
parser = urlparse.urlsplit(conf.url)
conf.host = parser.netloc
conf.scheme = parser.scheme
conf.domain = "%s://%s%s" % (parser.scheme, parser.netloc,conf.base)
basecachedir = os.path.join(os.path.dirname(os.path.dirname(os.path.dirname(__file__))), TEMP_NAME)
#---------------------modified by yinzhixin----------------
#源代码没有加目录判断,导致运行报错
if not os.path.exists(basecachedir):
os.mkdir(basecachedir)
#-------------------modified by yinzhixin------------------
conf.requestCache = os.path.join(basecachedir, conf.host.replace(':','_')) #modified by yinzhixin avoid exception when port num in host
#conf.requestCache = os.path.join(basecachedir, conf.host)
conf.site_type = None
print conf
config = {
"url": "",
"p":"id",
"tech":'E',
"dbms":'',
"db":'',
"dbs":[''],
"table":[],
"columns":[],
"getCurrentUser": False,
"getCurrentDb":False,
"getDbs":False,
"getTables":False,
"getColumns":False,
"dumpTable":False,
"proxies":"",
"method":"",
"cookie":"",
"timeout":7,
"delay_time":0,
"time_sec":5,
"data":"",
"tamper":"test",
"flag":"",
"order_sec":"",
"out_log":"log.txt",
"raw":""
}
defaults = AttribDict(_defaults)
conf.update(config)
def main():
autoSqli = autoinjection()
autoSqli.usage()
while True:
try:
parameter = raw_input("[+]Input command:")
except:
sys.exit(0)
if parameter == 'help':
autoSqli.usage()
elif parameter == 'new':
autoSqli.AdminFlush()
autoSqli.BuildTask()
autoSqli.GetTaskList()
elif parameter == 'scan' and autoSqli.taskInfo:
autoSqli.ShowTask()
try:
taskNameString = raw_input("[+]Input taskname:")
if taskNameString == 'all':
taskNameString = '1-%d' % (len(autoSqli.taskidList))
taskNameList = taskNameString.split(",")
autoSqli.multiStart(taskNameList)
except:
print "[!]please Input the vaild taskname!"
autoSqli.GetTaskList()
elif parameter == 'status' and autoSqli.taskInfo:
autoSqli.GetTaskList()
autoSqli.ShowTask()
elif parameter == 'delete' and autoSqli.taskInfo:
autoSqli.ShowTask()
try:
taskName = raw_input("[+]Input taskname:")
taskNameList = taskNameString.split(",")
autoSqli.multiDelete(taskNameList)
except:
print "[!]please Input the vaild taskname!"
autoSqli.GetTaskList()
elif parameter == 'data' and autoSqli.taskInfo:
autoSqli.GetTaskList()
autoSqli.ShowTask()
try:
taskName = raw_input("[+]Input taskname:")
taskId = autoSqli.taskInfo[int(taskName)][0]
taskStatus = autoSqli.taskInfo[int(taskName)][1]
if taskStatus != "terminated":
print "[!]please wait the scan compelete or start-up this task first!"
else:
dataUrl = baseUrl + '/scan/%s/data' % taskId
autoSqli.GetData(dataUrl)
except:
print "[!]please Input the vaild taskname!"
elif parameter == 'set' and autoSqli.taskInfo:
autoSqli.ShowTask()
try:
taskName = raw_input("[+]Input taskname:")
taskOption = raw_input(
"[+]Input option(same as sqlmap command line):")
OptionList = taskOption.split(" ")
optiondict = UpdateDict(cmdLineParser(OptionList).__dict__)
conf.update(optiondict)
taskId = autoSqli.taskInfo[int(taskName)][0]
setOptUrl = baseUrl + '/option/%s/set' % taskId
autoSqli.SetOptions(setOptUrl, conf)
except:
print "[+]please Input the vaild taskname!"
autoSqli.GetTaskList()
elif parameter == 'list' and autoSqli.taskInfo:
autoSqli.ShowTask()
try:
taskName = raw_input("[+]Input taskname:")
taskId = autoSqli.taskInfo[int(taskName)][0]
listOptUrl = baseUrl + '/option/%s/list' % taskId
autoSqli.ListOptions(listOptUrl)
except:
print "[+]please Input the vaild taskname!"
autoSqli.GetTaskList()
elif parameter == 'stop' and autoSqli.taskInfo:
#autoSqli.GetTaskList()
autoSqli.ShowTask()
try:
taskName = raw_input("[+]Input taskname:")
taskId = autoSqli.taskInfo[taskName][0]
taskStatus = autoSqli.taskInfo[taskName][1]
if taskStatus == "not running" or taskStatus == 'terminated':
print "[!]this task has been stoped!"
else:
stopUrl = baseUrl + '/scan/%s/stop' % taskId
autoSqli.StopScan(stopUrl)
except:
print "[+]please Input the vaild taskname!"
autoSqli.GetTaskList()
elif parameter == 'exit':
print "bye!"
sys.exit(0)
elif autoSqli.taskInfo:
print "[!]please input the valid parameter!"
else:
print "[!]please create task first!"
