def main(): """ REST-JSON API main function """ # Set default logging level to debug logger.setLevel(logging.DEBUG) # Initialize paths setPaths(modulePath()) # Parse command line options apiparser = optparse.OptionParser() apiparser.add_option("-s", "--server", help="Act as a REST-JSON API server", default=RESTAPI_DEFAULT_PORT, action="store_true") apiparser.add_option("-c", "--client", help="Act as a REST-JSON API client", default=RESTAPI_DEFAULT_PORT, action="store_true") apiparser.add_option("-H", "--host", help="Host of the REST-JSON API server (default \"%s\")" % RESTAPI_DEFAULT_ADDRESS, default=RESTAPI_DEFAULT_ADDRESS, action="store") apiparser.add_option("-p", "--port", help="Port of the the REST-JSON API server (default %d)" % RESTAPI_DEFAULT_PORT, default=RESTAPI_DEFAULT_PORT, type="int", action="store") apiparser.add_option("--adapter", help="Server (bottle) adapter to use (default \"%s\")" % RESTAPI_DEFAULT_ADAPTER, default=RESTAPI_DEFAULT_ADAPTER, action="store") (args, _) = apiparser.parse_args() # Start the client or the server if args.server is True: server(args.host, args.port, adapter=args.adapter) elif args.client is True: client(args.host, args.port) else: apiparser.print_help()
def main(): """ REST-JSON API main function """ # Set default logging level to debug logger.setLevel(logging.DEBUG) # Initialize path variable paths.SQLMAP_ROOT_PATH = modulePath() setPaths() # Parse command line options apiparser = optparse.OptionParser() apiparser.add_option("-s", "--server", help="Act as a REST-JSON API server", default=RESTAPI_DEFAULT_PORT, action="store_true") apiparser.add_option("-c", "--client", help="Act as a REST-JSON API client", default=RESTAPI_DEFAULT_PORT, action="store_true") apiparser.add_option("-H", "--host", help="Host of the REST-JSON API server", default=RESTAPI_DEFAULT_ADDRESS, action="store") apiparser.add_option("-p", "--port", help="Port of the the REST-JSON API server", default=RESTAPI_DEFAULT_PORT, type="int", action="store") (args, _) = apiparser.parse_args() # Start the client or the server if args.server is True: server(args.host, args.port) elif args.client is True: client(args.host, args.port) else: apiparser.print_help()
def main(): """ REST-JSON API main function """ # Set default logging level to debug logger.setLevel(logging.DEBUG) # Initialize path variable paths.SQLMAP_ROOT_PATH = modulePath() setPaths() # Parse command line options apiparser = optparse.OptionParser() apiparser.add_option("-s", "--server", help="Act as a REST-JSON API server", default=RESTAPI_DEFAULT_PORT, action="store_true") apiparser.add_option("-c", "--client", help="Act as a REST-JSON API client", default=RESTAPI_DEFAULT_PORT, action="store_true") apiparser.add_option("-H", "--host", help="Host of the REST-JSON API server", default=RESTAPI_DEFAULT_ADDRESS, action="store") apiparser.add_option("-p", "--port", help="Port of the the REST-JSON API server", default=RESTAPI_DEFAULT_PORT, type="int", action="store") apiparser.add_option("--adapter", help="Server (bottle) adapter to use (default %s)" % RESTAPI_DEFAULT_ADAPTER, default=RESTAPI_DEFAULT_ADAPTER, action="store") (args, _) = apiparser.parse_args() # Start the client or the server if args.server is True: server(args.host, args.port, adapter=args.adapter) elif args.client is True: client(args.host, args.port) else: apiparser.print_help()
def main(): """ REST-JSON API main function """ # Set default logging level to debug logger.setLevel(logging.DEBUG) # Initialize paths setPaths(modulePath()) # Parse command line options apiparser = optparse.OptionParser() apiparser.add_option("-s", "--server", help="Run as a REST-JSON API server", default=RESTAPI_DEFAULT_PORT, action="store_true") apiparser.add_option("-c", "--client", help="Run as a REST-JSON API client", default=RESTAPI_DEFAULT_PORT, action="store_true") apiparser.add_option("-H", "--host", help="Host of the REST-JSON API server (default \"%s\")" % RESTAPI_DEFAULT_ADDRESS, default=RESTAPI_DEFAULT_ADDRESS, action="store") apiparser.add_option("-p", "--port", help="Port of the the REST-JSON API server (default %d)" % RESTAPI_DEFAULT_PORT, default=RESTAPI_DEFAULT_PORT, type="int", action="store") apiparser.add_option("--adapter", help="Server (bottle) adapter to use (default \"%s\")" % RESTAPI_DEFAULT_ADAPTER, default=RESTAPI_DEFAULT_ADAPTER, action="store") apiparser.add_option("--username", help="Basic authentication username (optional)", action="store") apiparser.add_option("--password", help="Basic authentication password (optional)", action="store") (args, _) = apiparser.parse_args() # Start the client or the server if args.server is True: server(args.host, args.port, adapter=args.adapter, username=args.username, password=args.password) elif args.client is True: client(args.host, args.port, username=args.username, password=args.password) else: apiparser.print_help()
def main(): """ REST-JSON API 主函数 """ # 将默认日志记录级别设置为debug logger.setLevel(logging.DEBUG) # 初始化路径 setPaths(modulePath()) # 解析命令行选项 apiparser = optparse.OptionParser() apiparser.add_option("-s", "--server", help=u"作为REST-JSON API服务器", default=RESTAPI_DEFAULT_PORT, action="store_true") apiparser.add_option("-c", "--client", help=u"作为REST-JSON API客户端", default=RESTAPI_DEFAULT_PORT, action="store_true") apiparser.add_option("-H", "--host", help="REST-JSON API服务器主机地址(默认为 \"%s\")" % RESTAPI_DEFAULT_ADDRESS, default=RESTAPI_DEFAULT_ADDRESS, action="store") apiparser.add_option("-p", "--port", help="REST-JSON服务器端口(默认为 %d)" % RESTAPI_DEFAULT_PORT, default=RESTAPI_DEFAULT_PORT, type="int", action="store") apiparser.add_option("--adapter", help="要使用的服务器适配器(默认为 \"%s\")" % RESTAPI_DEFAULT_ADAPTER, default=RESTAPI_DEFAULT_ADAPTER, action="store") (args, _) = apiparser.parse_args() """ adapter(适配器)定义为将一个类的接口变换成客户端所期待的一种接口, 从而使原本因接口不匹配而无法在一起工作的两个类能够在一起工作。 """ # 启动客户端或服务器 if args.server is True: server(args.host, args.port, adapter=args.adapter) elif args.client is True: client(args.host, args.port) else: apiparser.print_help()
def main(): """ REST-JSON API main function """ # Set default logging level to debug logger.setLevel(logging.DEBUG) # Initialize paths setPaths(modulePath()) server(RESTAPI_DEFAULT_ADDRESS, RESTAPI_DEFAULT_PORT, adapter=RESTAPI_DEFAULT_ADAPTER)
def __init__(self, target, data, log, tree=None, dumps=None): self.target = target self.data = data self.log = log self.tree = tree self.dumps = dumps self.css = '' for t in TAG_LIST: TAG[t] = gen_tag(t) css = sqlmap.modulePath() + '/wxsqlm/css/style.css' with open(css, 'r') as inp: self.css = inp.read()
def __init__(self, target, data, log, tree=None, dumps=None): self.target = target self.data = data self.log = log self.tree = tree self.dumps = dumps self.css = '' for t in TAG_LIST: TAG[t] = gen_tag(t) css = sqlmap.modulePath()+'/wxsqlm/css/style.css' with open(css, 'r') as inp: self.css = inp.read()
def box_tampers(self, panel): box = wx.StaticBox(panel, -1, 'Tampers') sizer = wx.StaticBoxSizer(box) tampers = os.listdir(sqlmap.modulePath()+'/tamper') tampers.insert(0, '') try: tampers.remove('__init__.py') except ValueError: pass self.tamper = wx.ListBox(panel, -1, (0, 0), (0, 0), tampers, wx.LB_EXTENDED) sizer.Add(self.tamper, 1, wx.EXPAND) return sizer
def box_tampers(self, panel): box = wx.StaticBox(panel, -1, 'Tampers') sizer = wx.StaticBoxSizer(box) tampers = os.listdir(sqlmap.modulePath() + '/tamper') tampers.insert(0, '') try: tampers.remove('__init__.py') except ValueError: pass self.tamper = wx.ListBox(panel, -1, (0, 0), (0, 0), tampers, wx.LB_EXTENDED) sizer.Add(self.tamper, 1, wx.EXPAND) return sizer
def test_paths_setPaths(self): self.assertEqual({}, paths) paths.SQLMAP_ROOT_PATH = modulePath() # self.assertEqual({'SQLMAP_ROOT_PATH': u'/home/k/Develop/sqlmap'}, paths) setPaths() self.maxDiff = None # self.assertDictContainsSubset({'COMMON_COLUMNS': u'/home/k/Develop/sqlmap/txt/common-columns.txt', # 'COMMON_OUTPUTS': u'/home/k/Develop/sqlmap/txt/common-outputs.txt', # 'COMMON_TABLES': u'/home/k/Develop/sqlmap/txt/common-tables.txt', # 'ERRORS_XML': u'/home/k/Develop/sqlmap/xml/errors.xml', # 'GENERIC_XML': u'/home/k/Develop/sqlmap/xml/banner/generic.xml', # 'INJECTIONS_XML': u'/home/k/Develop/sqlmap/xml/injections.xml', # 'LIVE_TESTS_XML': u'/home/k/Develop/sqlmap/xml/livetests.xml', # 'MSSQL_XML': u'/home/k/Develop/sqlmap/xml/banner/mssql.xml', # 'MYSQL_XML': u'/home/k/Develop/sqlmap/xml/banner/mysql.xml', # 'ORACLE_XML': u'/home/k/Develop/sqlmap/xml/banner/oracle.xml', # 'OS_SHELL_HISTORY': '/home/k/.sqlmap/os.hst', # 'PAYLOADS_XML': u'/home/k/Develop/sqlmap/xml/payloads.xml', # 'PGSQL_XML': u'/home/k/Develop/sqlmap/xml/banner/postgresql.xml', # 'QUERIES_XML': u'/home/k/Develop/sqlmap/xml/queries.xml', # 'SMALL_DICT': u'/home/k/Develop/sqlmap/txt/smalldict.txt', # #'SQLMAP_CONFIG': u'/home/k/Develop/sqlmap/sqlmap-dieD.conf', # 'SQLMAP_DUMP_PATH': u'/home/k/.sqlmap/output/%s/dump', # 'SQLMAP_EXTRAS_PATH': u'/home/k/Develop/sqlmap/extra', # 'SQLMAP_FILES_PATH': u'/home/k/.sqlmap/output/%s/files', # 'SQLMAP_OUTPUT_PATH': u'/home/k/.sqlmap/output', # 'SQLMAP_PROCS_PATH': u'/home/k/Develop/sqlmap/procs', # 'SQLMAP_ROOT_PATH': u'/home/k/Develop/sqlmap', # 'SQLMAP_SHELL_HISTORY': '/home/k/.sqlmap/sqlmap.hst', # 'SQLMAP_SHELL_PATH': u'/home/k/Develop/sqlmap/shell', # 'SQLMAP_TAMPER_PATH': u'/home/k/Develop/sqlmap/tamper', # 'SQLMAP_TXT_PATH': u'/home/k/Develop/sqlmap/txt', # 'SQLMAP_UDF_PATH': u'/home/k/Develop/sqlmap/udf', # 'SQLMAP_WAF_PATH': u'/home/k/Develop/sqlmap/waf', # 'SQLMAP_XML_BANNER_PATH': u'/home/k/Develop/sqlmap/xml/banner', # 'SQLMAP_XML_PATH': u'/home/k/Develop/sqlmap/xml', # 'SQL_KEYWORDS': u'/home/k/Develop/sqlmap/txt/keywords.txt', # 'SQL_SHELL_HISTORY': '/home/k/.sqlmap/sql.hst', # 'USER_AGENTS': u'/home/k/Develop/sqlmap/txt/user-agents.txt', # 'WORDLIST': u'/home/k/Develop/sqlmap/txt/wordlist.zip'}, paths) #self.assertEqual(u'/home/k/Develop/sqlmap/sqlmap-YplE.conf', paths.SQLMAP_CONFIG) import os profileOutputFile = os.path.join(paths.SQLMAP_OUTPUT_PATH, "sqlmap_profile.raw") # self.assertEqual(u'/home/k/.sqlmap/output/sqlmap_profile.raw', profileOutputFile) paths.SQLMAP_FILES_PATH = os.path.join(paths.SQLMAP_OUTPUT_PATH, "%s", "files")
def __init__(self, window): wx.AboutDialogInfo.__init__(self) self.Name = 'wxSqlmap' self.Version = '0.1' self.Copyright = 'Copyright 2013 Mehmet Öztürk' self.Description = wordwrap(self.Name + ' is a graphical user interface for ' 'the penetration testing tool sqlmap.\n\n' 'The Developer assumes no liability and is not ' 'responsible for any misuse or damage caused by this program.\n\n' 'Please read the disclaimer of sqlmap. ', 350, wx.ClientDC(window)) self.Developers = ['Mehmet Öztürk'] with open(sqlmap.modulePath()+'/wxsqlm/gpl.txt', 'r') as r: licenseText = r.read() self.Licence = wordwrap(licenseText, 500, wx.ClientDC(window))
from lib.core.data import logger from lib.utils.api import client from lib.utils.api import server RESTAPI_SERVER_HOST = "127.0.0.1" RESTAPI_SERVER_PORT = 8775 if __name__ == "__main__": """ REST-JSON API main function """ # Set default logging level to debug logger.setLevel(logging.DEBUG) # Initialize path variable paths.SQLMAP_ROOT_PATH = modulePath() setPaths() # Parse command line options apiparser = optparse.OptionParser() apiparser.add_option("-s", "--server", help="Act as a REST-JSON API server", default=RESTAPI_SERVER_PORT, action="store_true") apiparser.add_option("-c", "--client", help="Act as a REST-JSON API client", default=RESTAPI_SERVER_PORT, action="store_true") apiparser.add_option("-H",
""" cf = ConfigParser.ConfigParser() cf.read(config_file) global master_host, master_port, token, slave_port master_host = cf.get("Master", "host") master_port = cf.get("Master", "port") token = cf.get("Slave", "token") if cf.has_option("Slave", "token") else 'xxxxxxxx' slave_port = cf.get("Slave", "port") if cf.has_option("Slave", "port") else '23333' if __name__ == '__main__': # 初始化路径 setPaths(modulePath()) parser = argparse.ArgumentParser(description=u"ArgusScan Slave") parser.add_argument("--config_file", "-c", default="setting.ini", help=u"Specify config file") parser.add_argument("--port", "-p", help=u"Specify port to listen") args = parser.parse_args() load_config(args.config_file) slave_port = args.port if args.port is not None else slave_port logger.info(u"ArgusScan Slave is running.") # 启动节点 start_slave_node(port=slave_port)
from lib.core.data import logger from lib.utils.api import client from lib.utils.api import server RESTAPI_SERVER_HOST = "127.0.0.1" RESTAPI_SERVER_PORT = 8775 if __name__ == "__main__": """ REST-JSON API main function """ # Set default logging level to debug logger.setLevel(logging.DEBUG) # Initialize path variable paths.SQLMAP_ROOT_PATH = modulePath() setPaths() # Parse command line options apiparser = optparse.OptionParser() apiparser.add_option("-s", "--server", help="Act as a REST-JSON API server", default=RESTAPI_SERVER_PORT, action="store_true") apiparser.add_option("-c", "--client", help="Act as a REST-JSON API client", default=RESTAPI_SERVER_PORT, action="store_true") apiparser.add_option("-H", "--host", help="Host of the REST-JSON API server", default=RESTAPI_SERVER_HOST, action="store") apiparser.add_option("-p", "--port", help="Port of the the REST-JSON API server", default=RESTAPI_SERVER_PORT, type="int", action="store") (args, _) = apiparser.parse_args() # Start the client or the server if args.server is True: server(args.host, args.port) elif args.client is True: client(args.host, args.port)
import requests import re import urlparse import getopt import json import sys import os from sqlmap import modulePath from lib.parse.cmdline import cmdLineParser from lib.core.common import getUnicode from lib.core.data import conf from lib.core.data import newoptiondict baseUrl = 'http://127.0.0.1:8775' absDirectory = os.path.join(modulePath(), 'txt\\urllist.txt') def UpdateDict(optiondict): for key, value in optiondict.items(): if value != None: newoptiondict[key] = value return newoptiondict class autoinjection(): def __init__(self): #self.taskInfo is a dictionary looks like {taskname:[taskId,taskStatus]} self.taskInfo = dict() self.taskidList = [] #self.GetTaskList() self.urlList = []
def get_conf(): with open(sqlmap.modulePath() + '/wxsqlm/config.json', 'r') as r: conf = json.loads(r.read()) return conf
def get_conf(): with open(sqlmap.modulePath()+'/wxsqlm/config.json', 'r') as r: conf = json.loads(r.read()) return conf