def main():
# python version check
if sys.version.split()[0] < "3.6":
logger.error(
"incompatible Python version detected ('{}'). To successfully run sqlmap you'll have to use version >= 3.6 (visit 'https://www.python.org/downloads/')".format(
sys.version.split()[0]))
sys.exit()
# init
root = os.path.dirname(os.path.abspath(__file__))
cmdline = cmd_line_parser().__dict__
init(root, cmdline)
if conf["show_version"]:
exit()
# 启动漏洞扫描器
scanner = threading.Thread(target=start)
scanner.setDaemon(True)
scanner.start()
# 启动从文件加载HTTP请求发送
http_scan = threading.Thread(target=scan)
http_scan.start()
# 启动代理服务器
baseproxy = AsyncMitmProxy(server_addr=conf["server_addr"], https=True)
try:
baseproxy.serve_forever()
except KeyboardInterrupt:
scanner.join(0.1)
threading.Thread(target=baseproxy.shutdown, daemon=True).start()
deinit()
print("\n[*] User quit")
baseproxy.server_close()
def _init_plugins():
# 加载所有插件
_plugins = []
for root, dirs, files in os.walk(PATH['plugins']):
files = filter(lambda x: not x.startswith("__") and x.endswith(".py"),
files)
for _ in files:
if len(INCLUDE_PLUGINS) == 1 and INCLUDE_PLUGINS[0] == 'all':
pass
else:
if "loader.py" not in INCLUDE_PLUGINS:
INCLUDE_PLUGINS.append("loader.py")
if _ not in INCLUDE_PLUGINS:
continue
if _ in EXCLUDE_PLUGINS:
continue
filename = os.path.join(root, _)
mod = load_file_to_module(filename)
try:
mod = mod.W13SCAN()
getattr(mod, 'name', 'unknown plugin')
plugin = os.path.splitext(_)[0]
plugin_type = os.path.split(root)[1]
if getattr(mod, 'type', None) is None:
setattr(mod, 'type', plugin_type)
KB["registered"][plugin] = mod
except AttributeError:
logger.error('Filename:{} not class "{}"'.format(_, 'W13SCAN'))
logger.info('Load plugin:{}'.format(len(KB["registered"])))
def run_threads(num_threads, thread_function, args: tuple = ()):
threads = []
try:
info_msg = "Staring {0} threads".format(num_threads)
logger.info(info_msg)
# Start the threads
for num_threads in range(num_threads):
thread = threading.Thread(target=exception_handled_function,
name=str(num_threads),
args=(thread_function, args))
thread.setDaemon(True)
try:
thread.start()
except Exception as ex:
err_msg = "error occurred while starting new thread ('{0}')".format(
str(ex))
logger.critical(err_msg)
break
threads.append(thread)
# And wait for them to all finish
alive = True
while alive:
alive = False
for thread in threads:
if thread.isAlive():
alive = True
time.sleep(0.1)
except KeyboardInterrupt as ex:
KB['continue'] = False
if num_threads > 1:
logger.info("waiting for threads to finish{0}".format(
" (Ctrl+C was pressed)" if isinstance(ex, KeyboardInterrupt
) else ""))
try:
while threading.activeCount() > 1:
pass
except KeyboardInterrupt:
raise
except Exception as ex:
logger.error("thread {0}: {1}".format(
threading.currentThread().getName(), str(ex)))
traceback.print_exc()
finally:
Share.dataToStdout('\n')
def load_file_to_module(file_path):
if '' not in importlib.machinery.SOURCE_SUFFIXES:
importlib.machinery.SOURCE_SUFFIXES.append('')
try:
module_name = 'plugin_{0}'.format(
get_filename(file_path, with_ext=False))
spec = importlib.util.spec_from_file_location(module_name,
file_path,
loader=PocLoader(
module_name,
file_path))
mod = importlib.util.module_from_spec(spec)
spec.loader.exec_module(mod)
return mod
except ImportError:
error_msg = "load module failed! '{}'".format(file_path)
logger.error(error_msg)
raise