def run_config(self):
'''run a configuration menu'''
config_keys = self.config.keys()
choice = ''
while choice not in ['done','back','quit','exit',99,'99']:
bbqcore.show_banner()
http_main_menu = bbqcore.CreateMenu(self.menu_text, [])
for ki in xrange(len(config_keys)):
key = config_keys[ki]
print "\t%d) %s" % (ki,key)
if self[key]['value'] is not None:
print "\t Value: %s" % self[key]['value']
print "\n\t99) Go back to the main menu"
print "\n"
self.validate()
#get input
choice = (raw_input(bbqcore.setprompt(self.prompt_text)))
#convert to int
try:
choice = int(choice)
except ValueError:
pass
if choice in range(len(config_keys)):
key = config_keys[choice]
bbqcore.show_banner()
print "Parameter : %s" % key
print "Value : %s" % repr(self[key]['value'])
print "Allowed types: %s" % repr([t.__name__ for t in self[key]['types']])
print "Required : %s" % repr(self[key]['required'])
desc = self[key]['description'].split("\n")
desc = "\n\t\t".join(desc)
print "Description : %s" % desc
self.validate()
print "\nPlease enter a new value for %s.\n" % key
try:
value = raw_input(bbqcore.setprompt(self.prompt_text,config_keys[choice]))
try:
value = eval(value)
except:
pass
self[key]['value'] = value
except KeyboardInterrupt:
pass
if choice in ['exit','quit']:
bbqcore.ExitBBQ(0)
def __init__(self):
try:
requests_config = RequestsConfig()
bbqsql_config = bbqsqlConfig()
results = None
valid = False
# intitial user menu
choice = ""
while choice not in ["99", 99, "quit", "exit"]:
bbqcore.show_banner()
show_main_menu = bbqcore.CreateMenu(text.main_text, text.main_menu)
# special case of list item 99
print "\n 99) Exit the bbqsql injection toolkit\n"
rvalid = requests_config.validate()
bvalid = bbqsql_config.validate()
valid = rvalid and bvalid
if results:
print results
# mainc ore menu
choice = raw_input(bbqcore.setprompt())
if choice == "1":
requests_config.run_config()
if choice == "2":
bbqsql_config.run_config()
if choice == "3":
# Export Config
attack_config = RawConfigParser()
attack_config.add_section("Request Config")
attack_config.add_section("HTTP Config")
for key, val in requests_config.get_config().iteritems():
attack_config.set("Request Config", key, val)
for key, val in bbqsql_config.get_config().iteritems():
attack_config.set("HTTP Config", key, val)
with open("attack.cfg", "wb") as configfile:
attack_config.write(configfile)
if choice == "4":
# somehow populate this VVV tmp_config dict with stuff from file
tmp_req_config = dict()
tmp_http_config = dict()
attack_config = RawConfigParser()
attack_config.read("attack.cfg")
for key, val in attack_config.items("Request Config"):
tmp_req_config[key] = val
for key, val in attack_config.items("HTTP Config"):
tmp_http_config[key] = val
requests_config.set_config(tmp_req_config)
bbqsql_config.set_config(tmp_http_config)
if choice == "5" and valid:
# clear out results
results = None
# combine them into one dictionary
attack_config = {}
attack_config.update(requests_config.get_config())
attack_config.update(bbqsql_config.get_config())
# delete unwanted config params before sending the config along
for key in exclude_parms:
if key in attack_config:
del (attack_config[key])
# launch attack
bbq = bbqsql.BlindSQLi(**attack_config)
results = bbq.run()
# output to a file if thats what they're into
if bbqsql_config["csv_output_file"]["value"] is not None:
f = open(bbqsql_config["csv_output_file"]["value"], "w")
f.write("\n".join(results))
f.close()
# delete stuff
del (bbq)
bbqcore.ExitBBQ(0)
# ## handle keyboard interrupts
except KeyboardInterrupt:
print "\n\n Cath you later " + bbqcore.bcolors.RED + "@" + bbqcore.bcolors.ENDC + " the dinner table."