def recv_info(self, info): if not info.has_url_params and not info.has_post_params: return # Result info results = [] # Get user args user_args = shlex.split(Config.plugin_args["args"]) with tempdir() as output_dir: # Basic command line args = [ "-u", info.url, "--batch", "--output-dir", output_dir ] # Add the user args args.extend(user_args) # # GET Parameters injection # if info.has_url_params: args.extend([ "-p", ",".join([x for x in info.url_params if x not in WEB_SERVERS_VARS]), ]) r = self.make_injection(info.url, args) if r: results.extend(self.parse_sqlmap_results(info, output_dir)) # # POST Parameters injection # if info.has_post_params: args.extend([ "--data", "&".join(["%s=%s" % (k, v) for k, v in info.post_params.iteritems() if k not in WEB_SERVERS_VARS]) ]) r = self.make_injection(info.url, args) if r: results.extend(self.parse_sqlmap_results(info, output_dir)) if results: Logger.log("Found %s SQL injection vulnerabilities." % len(results)) else: Logger.log("No SQL injection vulnerabilities found.") return results
def run(self, info): if not info.has_url_params and not info.has_post_params: return # Result info results = [] # Get user args user_args = shlex.split(Config.plugin_args["args"]) with tempdir() as output_dir: # Basic command line args = [ "-u", info.url, "--batch", "--output-dir", output_dir ] # Add the user args args.extend(user_args) # # GET Parameters injection # if info.has_url_params: args.extend([ "-p", ",".join([x for x in info.url_params if x not in WEB_SERVERS_VARS]), ]) r = self.make_injection(info.url, args) if r: results.extend(self.parse_sqlmap_results(info, output_dir)) # # POST Parameters injection # if info.has_post_params: args.extend([ "--data", "&".join(["%s=%s" % (k, v) for k, v in info.post_params.iteritems() if k not in WEB_SERVERS_VARS]) ]) r = self.make_injection(info.url, args) if r: results.extend(self.parse_sqlmap_results(info, output_dir)) if results: Logger.log("Found %s SQL injection vulnerabilities." % len(results)) else: Logger.log("No SQL injection vulnerabilities found.") return results
def recv_info(self, info): Logger.log(info) if not isinstance(info, Url): return if not info.has_url_params and not info.has_post_params: Logger.log("URL '%s' has not parameters" % info.url) return # Get sqlmap script executable sqlmap_script = self.get_sqlmap() results = [] with tempdir() as output_dir: # Basic command line args = [ "-u", info.url, "-b", "--batch", "--output-dir", output_dir, "-u", info.url, ] # # GET Parameters injection # if info.has_url_params: args = [ "-p", ",".join(info.url_params), ] r = self.make_injection(info.url, sqlmap_script, args) # Parse and return the results. if r: results.extend(self.parse_sqlmap_results(info, output_dir)) # # POST Parameters injection # if info.has_post_params: args = [ "--data", "&".join([ "%s=%s" % (k, v) for k, v in info.post_params.iteritems()]) ] r = self.make_injection(info.url, sqlmap_script, args) # Parse and return the results. if r: results.extend(self.parse_sqlmap_results(info, output_dir)) if results: Logger.log("Found %s SQL injection vulns." % len(results)) else: Logger.log("No SQL injection vulns found.") return results