def __setGoogleDorking(): """ This function checks if the way to request testable hosts is through Google dorking then requests to Google the search parameter, parses the results and save the testable hosts into the knowledge base. """ if not conf.googleDork: return global keepAliveHandler global proxyHandler debugMsg = "initializing Google dorking requests" logger.debug(debugMsg) logMsg = "first request to Google to get the session cookie" logger.info(logMsg) handlers = [ proxyHandler ] # Reference: http://www.w3.org/Protocols/rfc2616/rfc2616-sec8.html if conf.keepAlive: if conf.proxy: warnMsg = "persistent HTTP(s) connections, Keep-Alive, has " warnMsg += "been disabled because of it's incompatibility " warnMsg += "with HTTP(s) proxy" logger.warn(warnMsg) else: handlers.append(keepAliveHandler) googleObj = Google(handlers) googleObj.getCookie() matches = googleObj.search(conf.googleDork) if not matches: errMsg = "unable to find results for your " errMsg += "Google dork expression" raise sqlmapGenericException, errMsg googleObj.getTargetUrls() if kb.targetUrls: logMsg = "sqlmap got %d results for your " % len(matches) logMsg += "Google dork expression, " if len(matches) == len(kb.targetUrls): logMsg += "all " else: logMsg += "%d " % len(kb.targetUrls) logMsg += "of them are testable targets" logger.info(logMsg) else: errMsg = "sqlmap got %d results " % len(matches) errMsg += "for your Google dork expression, but none of them " errMsg += "have GET parameters to test for SQL injection" raise sqlmapGenericException, errMsg
def __setGoogleDorking(): """ This function checks if the way to request testable hosts is through Google dorking then requests to Google the search parameter, parses the results and save the testable hosts into the knowledge base. """ global proxyHandler if not conf.googleDork: return debugMsg = "initializing Google dorking requests" logger.debug(debugMsg) logMsg = "first request to Google to get the session cookie" logger.info(logMsg) googleObj = Google(proxyHandler) googleObj.getCookie() matches = googleObj.search(conf.googleDork) if not matches: errMsg = "unable to find results for your " errMsg += "Google dork expression" raise sqlmapGenericException, errMsg googleObj.getTargetUrls() if kb.targetUrls: logMsg = "sqlmap got %d results for your " % len(matches) logMsg += "Google dork expression, " if len(matches) == len(kb.targetUrls): logMsg += "all " else: logMsg += "%d " % len(kb.targetUrls) logMsg += "of them are testable targets" logger.info(logMsg) else: errMsg = "sqlmap got %d results " % len(matches) errMsg += "for your Google dork expression, but none of them " errMsg += "have GET parameters to test for SQL injection" raise sqlmapGenericException, errMsg