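def _init_tampers(self):
    """Populate ``self.tampers`` from the pre-generated tamper list file.

    Every usable line of ``tamper/tamper_list`` holds a script name and its
    description separated by a NUL character. For each such line
    ``cb(name)`` is mapped to ``label.new(describe)``.

    Blank lines and lines without the NUL delimiter are skipped, so a stray
    empty line in the list no longer aborts start-up with an unpacking error.
    A description that itself contains a NUL is kept whole instead of
    raising.
    """
    self.tampers = {}
    # The list uses \x0 as delimiter and is produced with:
    # sqlmap --list-tamper | grep '^\*' | sed 's;^\* \(.*\.py\) - ;\1\x0;' > tamper/tamper_list
    # NOTE(review): the path is relative, so the file that gets loaded depends
    # on the current working directory -- confirm the GUI is always started
    # from the project root.
    with open('tamper/tamper_list') as tamper_file:
        for line in tamper_file:
            # partition() splits on the first NUL only and never raises.
            name, delimiter, describe = line.rstrip().partition('\x00')
            if not delimiter:
                continue
            self.tampers[cb(name)] = label.new(describe)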
def _build_target_notebook(self, target_nb):
    """Fill *target_nb* with one tab per way of specifying the target.

    The notebook gets scroll events wired to ``self.scroll_page``; each tab
    holds a horizontal box with the matching widget(s) taken from ``m``.

    Args:
        target_nb: the notebook that receives the seven target tabs.
    """
    scroll_mask = d.EventMask.SCROLL_MASK | d.EventMask.SMOOTH_SCROLL_MASK
    target_nb.add_events(scroll_mask)
    target_nb.connect('scroll-event', self.scroll_page)

    def file_row(entry, chooser):
        # A path entry plus the button that fills it via the shared handler.
        row = Box()
        chooser.connect('clicked', self._handlers.set_file_entry_text, [entry])
        row.pack_start(entry, True, True, 0)
        row.pack_start(chooser, False, True, 0)
        return row

    def entry_row(entry):
        # A single entry stretched over the whole row.
        row = Box()
        row.pack_start(entry, True, True, 0)
        return row

    # Target URL: combo box backed by a list store with one sample entry.
    url_model = g.ListStore(int, str)
    url_model.append([1, "http://www.site.com/vuln.php?id=1"])
    url_row = Box()
    m._url_combobox.set_model(url_model)
    m._url_combobox.set_entry_text_column(1)
    url_row.pack_start(m._url_combobox, True, True, 0)

    tabs = (
        (url_row, '目标url'),
        (file_row(m._burp_logfile, m._burp_logfile_chooser), 'burp日志'),
        (file_row(m._request_file, m._request_file_chooser), 'HTTP请求'),
        (file_row(m._bulkfile, m._bulkfile_chooser), 'BULKFILE'),
        (file_row(m._configfile, m._configfile_chooser), 'ini文件'),
        (entry_row(m._sitemap_url), 'xml_url'),
        (entry_row(m._google_dork), 'GOOGLEDORK'),
    )
    for row, caption in tabs:
        target_nb.append_page(row, label.new(caption))
def _build_page1_enumeration_limit(self, m):
    """Build the frame with the two row-limit options used when dumping.

    Args:
        m: object exposing the ``_limit_area_*`` check buttons and entries.

    Returns:
        The frame; it holds one row per option, stacked vertically.
    """
    frame = Frame.new('limit(dump时的限制)')

    rows = []
    for toggle, entry in (
        (m._limit_area_start_ckbtn, m._limit_area_start_entry),
        (m._limit_area_stop_ckbtn, m._limit_area_stop_entry),
    ):
        row = Box()
        row.pack_start(toggle, False, True, 5)
        row.pack_start(entry, False, True, 0)
        # Unit suffix displayed after the number entry.
        row.pack_start(label.new('行'), False, True, 5)
        rows.append(row)

    column = Box(orientation=VERTICAL)
    for row in rows:
        column.pack_start(row, False, True, 10)

    frame.add(column)
    return frame
def build_page6(self):
    """Build the last notebook page: language/tooltip choice and About text.

    Returns:
        A vertical box with three rows: GUI language radios, tooltip language
        radios, and the About label rendered with markup.
    """
    page = Box(orientation=VERTICAL, spacing=6)
    page.set_border_width(10)

    lang_row, tooltip_row, about_row = (Box() for _ in range(3))
    lang_caption = label.new('language:')
    tooltip_caption = label.new('tooltips:')

    for widget in (
        lang_caption,
        m._page6_lang_en_radio,
        m._page6_lang_zh_radio,
        label.new(m._('Take effects after restarting GUI.')),
    ):
        lang_row.pack_start(widget, False, True, 10)

    for widget in (
        tooltip_caption,
        m._page6_tooltips_en_radio,
        m._page6_tooltips_zh_radio,
    ):
        tooltip_row.pack_start(widget, False, True, 10)

    _version = '0.3.5.2'
    _timestamp = '2021-01-29 04:04:35'
    _url_self = 'https://github.com/needle-wang/sqlmap-gtk'
    _url_tutorial = 'https://python-gtk-3-tutorial.readthedocs.io/en/latest'
    _url_api = 'https://lazka.github.io/pgi-docs/Gtk-3.0/'
    _url_idea = 'https://github.com/kxcode'
    # NOTE(review): the literal is reproduced exactly as it appears on the
    # page; line breaks inside it seem to have been lost in extraction.
    # Every interpolated value is a constant defined just above. The label
    # below parses this text as markup, so anything that is not a constant
    # would have to be escaped first (e.g. GLib.markup_escape_text).
    _about_str = f''' 1. <a href="{_url_self}" title = "{_url_self}">Website</a> VERSION: {_version} {_timestamp} required: python3.6+, gtk+3.20 above, python3-gi, requests, sqlmap\n 2. use PyGObject(python3-gi + Gtk+3) to recode sqm.py 3. thanks to the idea from sqm, author: <a href="{_url_idea}" title="{_url_idea}">KINGX</a>. sqm UI with python2 + tkinter\n 4. Python GTK+3 Tutorial: <a href="{_url_tutorial}">{_url_tutorial}</a> 5. PyGObject-GTK 3.0 API: <a href="{_url_api}">{_url_api}</a> '''

    about_label = label.new(_about_str)
    about_label.set_use_markup(True)
    # Selectable text stays disabled: about_label.set_selectable(True)
    about_row.pack_start(about_label, False, True, 0)

    for row, padding in ((lang_row, 0), (tooltip_row, 0), (about_row, 80)):
        page.pack_start(row, False, True, padding)
    return page
def _build_page1_enumeration_blind(self, m):
    """Build the frame with the first/last character options.

    Args:
        m: object exposing the ``_blind_area_*`` check buttons and entries.

    Returns:
        The frame; two option rows followed by an explanatory note row.
    """
    frame = Frame.new('盲注选项')

    rows = []
    for toggle, entry in (
        (m._blind_area_first_ckbtn, m._blind_area_first_entry),
        (m._blind_area_last_ckbtn, m._blind_area_last_entry),
    ):
        row = Box()
        row.pack_start(toggle, False, True, 5)
        row.pack_start(entry, False, True, 0)
        # Unit suffix displayed after the number entry.
        row.pack_start(label.new('个字符'), False, True, 5)
        rows.append(row)

    # Third row carries only the usage hint.
    note_row = Box()
    note_row.pack_start(label.new('只适用于盲注,\n因为报错,union注入要求列数相同'), False, True, 5)
    rows.append(note_row)

    column = Box(orientation=VERTICAL)
    for row in rows:
        column.pack_start(row, False, True, 10)

    frame.add(column)
    return frame
def __init__(self):
    """Assemble the main window: target tabs on top, main notebook below.

    After both notebooks are built, the URL entry receives the initial
    focus, ``INIT_MESG`` adds tooltips and placeholders, and the session
    object reloads the options stored by ``load_from_tmp``.
    """
    super().__init__(title='sqlmap-gtk')
    self.connect('key_press_event', self.on_window_key_press_event)
    self.set_icon_from_file("sqlmap_gtk.ico")

    self._handlers = Handler(self, m)

    # g.Box is HORIZONTAL by default, so the orientation is set explicitly.
    root = Box(orientation=VERTICAL)

    self._target_notebook = g.Notebook()
    self._build_target_notebook(self._target_notebook)
    root.pack_start(self._target_notebook, False, True, 0)

    self.main_notebook = g.Notebook()
    scroll_mask = d.EventMask.SCROLL_MASK | d.EventMask.SMOOTH_SCROLL_MASK
    self.main_notebook.add_events(scroll_mask)
    self.main_notebook.connect('scroll-event', self.scroll_page)

    # All pages are built before the first one is appended.
    builders = (
        self._build_page1,
        self._build_page2,
        self._build_page3,
        self._build_page4,
        self._build_page5,
        self._build_page6,
    )
    pages = [build() for build in builders]

    tab_specs = (
        (label.new_with_mnemonic, '选项区(_1)'),
        (label.new_with_mnemonic, '输出区(_2)'),
        (label.new_with_mnemonic, '日志区(_3)'),
        (label.new_with_mnemonic, 'API区(_4)'),
        (label.new_with_mnemonic, '帮助(_H)'),
        (label.new, '关于'),
    )
    for page, (make_tab, caption) in zip(pages, tab_specs):
        self.main_notebook.append_page(page, make_tab(caption))

    root.pack_start(self.main_notebook, True, True, 0)
    self.add(root)

    # Some widget must hold the focus once initialisation is done; otherwise
    # every key press fails with the assertion below until the UI has been
    # used once:
    # gtk_widget_event: assertion 'WIDGET_REALIZED_FOR_EVENT (widget, event)' failed`
    # Alternative that was tried: m._url_combobox.get_child().grab_focus()
    self.set_focus(m._url_combobox.get_child())

    # Add tooltips, placeholders and the like.
    INIT_MESG(m)

    # Restore all options from the previous run.
    self.session = Session(m)
    self.session.load_from_tmp()
def __init__(self):
    """Assemble the main window: target tabs on top, main notebook below.

    Tab captions go through ``m._`` for translation. After both notebooks
    are built, the URL entry receives the initial focus, ``INIT_MESG`` adds
    tooltips and placeholders, and the session object calls
    ``load_from_tmp``.
    """
    super().__init__(title='sqlmap-gtk')
    self.connect('key_press_event', self.on_quit_by_key)
    self.set_icon_from_file("static/title.ico")

    self.clipboard = g.Clipboard.get(d.SELECTION_CLIPBOARD)
    self._handlers = Handler(self, m)

    root = Box(orientation=VERTICAL)

    self._target_notebook = g.Notebook()
    self.build_target_notebook(self._target_notebook)
    root.pack_start(self._target_notebook, False, True, 0)

    self.main_notebook = g.Notebook()
    scroll_mask = d.EventMask.SCROLL_MASK | d.EventMask.SMOOTH_SCROLL_MASK
    self.main_notebook.add_events(scroll_mask)
    self.main_notebook.connect('scroll-event', self.scroll_page)

    # All pages are built before the first one is appended.
    builders = (
        self.build_page1,
        self.build_page2,
        self.build_page3,
        self.build_page4,
        self.build_page5,
        self.build_page6,
    )
    pages = [build() for build in builders]

    # The captions stay literal arguments of _() so they remain visible as
    # message ids to string-extraction tools.
    _ = m._
    tab_specs = (
        (label.new_with_mnemonic, _('OPTIONS(_1)')),
        (label.new_with_mnemonic, _('EXECUTION(_2)')),
        (label.new_with_mnemonic, _('LOG(_3)')),
        (label.new_with_mnemonic, _('SQLMAPAPI(_4)')),
        (label.new_with_mnemonic, _('HELP(_H)')),
        (label.new, _('ABOUT')),
    )
    for page, (make_tab, caption) in zip(pages, tab_specs):
        self.main_notebook.append_page(page, make_tab(caption))

    root.pack_start(self.main_notebook, True, True, 0)
    self.add(root)

    # Some widget must hold the focus once initialisation is done; otherwise
    # every key press fails with the assertion below until the UI has been
    # used once:
    # gtk_widget_event: assertion 'WIDGET_REALIZED_FOR_EVENT (widget, event)' failed`
    # Alternative that was tried: m._url_combobox.get_child().grab_focus()
    self.set_focus(m._url_combobox.get_child())

    # Add tooltips and placeholders.
    INIT_MESG(m)

    self.session = Session(m)
    self.session.load_from_tmp()
def build_page1_enumeration_brute_force(self, m):
    """Build the 'Brute force' frame with its three existence-check toggles.

    Args:
        m: object exposing ``_`` (translation callable) and the
            ``_brute_force_area_common_*`` check buttons.

    Returns:
        The frame containing a single row: caption, then the three toggles.
    """
    frame = Frame.new(m._('Brute force'))
    column = Box(orientation=VERTICAL)

    row = Box()
    for widget, padding in (
        (label.new(m._('check existence of:')), 10),
        (m._brute_force_area_common_tables_ckbtn, 0),
        (m._brute_force_area_common_columns_ckbtn, 5),
        (m._brute_force_area_common_files_ckbtn, 0),
    ):
        row.pack_start(widget, False, True, padding)

    column.pack_start(row, False, True, 5)
    frame.add(column)
    return frame
def _build_page6(self):
    """Build the About page: a box holding one plain-text label.

    Returns:
        The box with the About label packed into it.
    """
    about_page = Box()

    # NOTE(review): the literal is reproduced exactly as it appears on the
    # page; line breaks inside it and the e-mail address seem to have been
    # altered by extraction.
    about_text = ''' 1. VERSION: 0.3.4.2 2019年10月10日 08:06:05 required: python3.5+, python3-gi, sqlmap 作者: needle wang ( [email protected] ) https://github.com/needle-wang/sqlmap-gtk\n 2. 使用PyGObject(Gtk+3: python3-gi)重写sqm.py\n 3. Gtk+3教程: https://python-gtk-3-tutorial.readthedocs.io/en/latest\n 4. Gtk+3 API: https://lazka.github.io/pgi-docs/Gtk-3.0/\n\n 5. 感谢sqm带来的灵感, 其作者: KINGX ( https://github.com/kxcode ), sqm UI 使用的是python2 + tkinter '''

    about_label = label.new(about_text)
    about_page.pack_start(about_label, True, False, 0)
    return about_page
def build_page1_setting(self, m):
    """Build the settings page: sqlmap path row plus two rows of option areas.

    Args:
        m: object exposing ``_`` (translation callable) and the
            ``_sqlmap_path_*`` widgets.

    Returns:
        A scrolled window (no horizontal bar, vertical bar always shown)
        wrapping the three rows.
    """
    page = Box(orientation=VERTICAL)

    # Row 0: where to find sqlmap.
    path_row = Box()
    path_caption = label.new(m._('sqlmap path:'))
    # NOTE(review): the default is the bare command name; presumably it is
    # resolved through PATH when the command is launched -- confirm where
    # the entry is consumed.
    m._sqlmap_path_entry.set_text('sqlmap')
    m._sqlmap_path_chooser.connect(
        'clicked',
        self._handlers.set_file_entry_text,
        [m._sqlmap_path_entry],
    )
    for widget, expand in (
        (path_caption, False),
        (m._sqlmap_path_entry, True),
        (m._sqlmap_path_chooser, False),
    ):
        path_row.pack_start(widget, expand, True, 5)

    # NOTE(review): the sub-builders receive self.m while this method's own
    # widgets come from the parameter m; presumably the same object -- confirm.
    # Row 1: injection, detection and technique areas.
    upper_row = Box()
    for area, expand in (
        (self.build_page1_setting_inject(self.m), False),
        (self.build_page1_setting_detection(self.m), True),
        (self.build_page1_setting_tech(self.m), False),
    ):
        upper_row.pack_start(area, expand, True, 5)

    # Row 2: optimisation, frequently used and hidden areas. The tamper area
    # (self._build_page1_setting_tamper) is currently not built or packed.
    lower_row = Box()
    for area in (
        self.build_page1_setting_optimize(self.m),
        self.build_page1_setting_offen(self.m),
        self.build_page1_setting_hidden(self.m),
    ):
        lower_row.pack_start(area, False, True, 5)

    for row, padding in ((path_row, 5), (upper_row, 0), (lower_row, 5)):
        page.pack_start(row, False, True, padding)

    viewport = g.ScrolledWindow()
    viewport.set_policy(g.PolicyType.NEVER, g.PolicyType.ALWAYS)
    viewport.add(page)
    return viewport
def _build_page1_enumeration_brute_force(self, m):
    """Build the frame with the three existence-check toggles.

    Args:
        m: object exposing the ``_brute_force_area_common_*`` check buttons.

    Returns:
        The frame containing a single row: caption, then the three toggles.
    """
    frame = Frame.new('暴破表名/列名')
    column = Box(orientation=VERTICAL)

    row = Box()
    for widget, padding in (
        (label.new('检查是否存在:'), 10),
        (m._brute_force_area_common_tables_ckbtn, 0),
        (m._brute_force_area_common_columns_ckbtn, 5),
        (m._brute_force_area_common_files_ckbtn, 0),
    ):
        row.pack_start(widget, False, True, padding)

    column.pack_start(row, False, True, 5)
    frame.add(column)
    return frame
def __init__(self):
    """Create every widget of the GUI and store it as an attribute.

    Nothing is laid out here: each statement only instantiates one widget
    (or a tuple of widgets) and binds it to ``self``. The attribute prefix
    names the area the widget belongs to and the suffix its kind
    (``_ckbtn``, ``_entry``, ``_chooser``, ``_label``, ...).

    ``cb``, ``et``, ``cbb``, ``btn``, ``sl``, ``sp``, ``tv``, ``label``,
    ``FileEntry`` and ``NumberEntry`` are defined outside this block --
    presumably aliases of or wrappers around Gtk widgets; confirm at the
    file's imports.

    NOTE(review): entries that receive secrets (DB / HTTP credentials, the
    API admin token and password) are created exactly like every other text
    entry. If ``et`` is a plain Gtk entry the typed value is shown in clear
    text unless visibility is switched off elsewhere -- confirm.
    """
    # Target: URL - burp log - HTTP request ...
    self._url_combobox = cbb()
    self._burp_logfile = FileEntry()
    self._burp_logfile_chooser = btn.new_with_label('打开')
    self._request_file = FileEntry()
    self._request_file_chooser = btn.new_with_label('打开')
    self._bulkfile = FileEntry()
    self._bulkfile_chooser = btn.new_with_label('打开')
    self._configfile = FileEntry()
    self._configfile_chooser = btn.new_with_label('打开')
    self._sitemap_url = et()
    self._google_dork = et()

    # Options area (1)
    # sqlmap command line:
    self._cmd_entry = et()

    # Test (Q)
    self._sqlmap_path_entry = FileEntry()
    self._sqlmap_path_chooser = btn.new_with_label('打开')
    # Injection options
    self._inject_area_param_ckbtn = cb('仅测参数')
    self._inject_area_param_entry = et()
    self._inject_area_param_filter_ckbtn = cb('仅测范围')
    self._inject_area_param_filter_combobox = cbb()
    self._inject_area_skip_static_ckbtn = cb('跳过不像是动态的参数')
    self._inject_area_skip_ckbtn = cb('忽略参数')
    self._inject_area_skip_entry = et()
    self._inject_area_param_exclude_ckbtn = cb('忽略参数(正则)')
    self._inject_area_param_exclude_entry = et()
    self._inject_area_prefix_ckbtn = cb('payload前缀')
    self._inject_area_prefix_entry = et()
    self._inject_area_suffix_ckbtn = cb('payload后缀')
    self._inject_area_suffix_entry = et()
    self._inject_area_dbms_ckbtn = cb('固定DBMS为')
    self._inject_area_dbms_combobox = cbb()
    self._inject_area_dbms_cred_ckbtn = cb('DB认证')
    self._inject_area_dbms_cred_entry = et()
    self._inject_area_os_ckbtn = cb('固定OS为')
    self._inject_area_os_entry = et()
    self._inject_area_no_cast_ckbtn = cb('关闭数据类型转换')
    self._inject_area_no_escape_ckbtn = cb('关掉string转义')
    self._inject_area_invalid_logic_ckbtn = cb('使用布尔运算')
    self._inject_area_invalid_bignum_ckbtn = cb('使用大数')
    self._inject_area_invalid_str_ckbtn = cb('使用随机字串')
    # Detection options
    self._detection_area_level_ckbtn = cb('探测等级(范围)')
    self._detection_area_level_scale = sl(HORIZONTAL, 1, 5, 1)
    self._detection_area_risk_ckbtn = cb('payload危险等级')
    self._detection_area_risk_scale = sl(HORIZONTAL, 1, 3, 1)
    self._detection_area_str_ckbtn = cb('指定字符串')
    self._detection_area_str_entry = et()
    # NOTE(review): same caption as _detection_area_str_ckbtn above; unless
    # tooltips differ the two toggles look identical to the user -- confirm.
    self._detection_area_not_str_ckbtn = cb('指定字符串')
    self._detection_area_not_str_entry = et()
    self._detection_area_re_ckbtn = cb('指定正则')
    self._detection_area_re_entry = et()
    self._detection_area_code_ckbtn = cb('指定http状态码')
    self._detection_area_code_entry = NumberEntry()
    self._detection_area_text_only_ckbtn = cb('仅对比文本')
    self._detection_area_titles_ckbtn = cb('仅对比title')
    self._detection_area_smart_ckbtn = cb('寻找明显目标并测试')
    # Options of the individual injection techniques
    self._tech_area_tech_ckbtn = cb('注入技术')
    self._tech_area_tech_entry = et()
    self._tech_area_time_sec_ckbtn = cb('指定DB延迟几秒响应')
    self._tech_area_time_sec_entry = NumberEntry()
    self._tech_area_union_col_ckbtn = cb('指定最大union列数')
    self._tech_area_union_col_entry = NumberEntry()
    self._tech_area_union_char_ckbtn = cb('指定枚举列数时所用字符')
    self._tech_area_union_char_entry = et()
    self._tech_area_union_from_ckbtn = cb('指定枚举列数时from的表名')
    self._tech_area_union_from_entry = et()
    self._tech_area_dns_ckbtn = cb('指定DNS')
    self._tech_area_dns_entry = et()
    self._tech_area_second_url_ckbtn = cb('指定二阶响应的url')
    self._tech_area_second_url_entry = et()
    self._tech_area_second_req_ckbtn = cb('使用含二阶HTTP请求的文件:')
    self._tech_area_second_req_entry = FileEntry()
    self._tech_area_second_req_chooser = btn.new_with_label('打开')
    # Tamper scripts
    self._tamper_area_tamper_view = tv(wrap_mode=g.WrapMode.CHAR)
    # Performance optimisation
    self._optimize_area_turn_all_ckbtn = cb('启用所有优化选项')
    self._optimize_area_thread_num_ckbtn = cb('使用线程数:')
    self._optimize_area_thread_num_spinbtn = sp.new_with_range(
      2, 10, 1)  # at most 10 threads
    self._optimize_area_predict_ckbtn = cb('预测通常的查询结果')
    self._optimize_area_keep_alive_ckbtn = cb('http连接使用keep-alive')
    self._optimize_area_null_connect_ckbtn = cb('只比较响应大小报头, 不获取响应主体')
    # Frequently used options
    self._general_area_verbose_ckbtn = cb('输出详细程度')
    self._general_area_verbose_scale = sl(HORIZONTAL, 0, 6, 1)
    self._general_area_finger_ckbtn = cb('精确检测DB等版本信息')
    self._general_area_hex_ckbtn = cb('响应使用hex转换')
    self._general_area_batch_ckbtn = cb('非交互模式, 一切皆默认')
    self._page1_misc_wizard_ckbtn = cb('新手向导')
    # Hidden options (captions are the literal command-line switches)
    self._hidden_area_base64_ckbtn = cb('--base64')
    self._hidden_area_crack_ckbtn = cb('--crack')
    self._hidden_area_debug_ckbtn = cb('--debug')
    self._hidden_area_profile_ckbtn = cb('--profile')
    self._hidden_area_disable_precon_ckbtn = cb('--disable-precon')
    self._hidden_area_disable_stats_ckbtn = cb('--disable-stats')
    self._hidden_area_force_dbms_ckbtn = cb('--force-dbms')
    self._hidden_area_force_dns_ckbtn = cb('--force-dns')
    self._hidden_area_force_pivoting_ckbtn = cb('--force-pivoting')
    self._hidden_area_smoke_test_ckbtn = cb('--smoke-test')
    self._hidden_area_live_test_ckbtn = cb('--live-test')
    self._hidden_area_vuln_test_ckbtn = cb('--vuln-test')
    self._hidden_area_murphy_rate_ckbtn = cb('--murphy-rate')
    self._hidden_area_stop_fail_ckbtn = cb('--stop-fail')
    self._hidden_area_run_case_ckbtn = cb('--run-case')
    self._hidden_area_dummy_ckbtn = cb('--dummy')
    self._hidden_area_api_ckbtn = cb('--api')
    self._hidden_area_taskid_ckbtn = cb('--taskid')
    self._hidden_area_database_ckbtn = cb('--database')

    # Request (W)
    # HTTP header
    self._request_area_random_agent_ckbtn = cb('随机User-Agent头')
    self._request_area_mobile_ckbtn = cb('模拟手机请求')
    self._request_area_user_agent_ckbtn = cb('指定User-Agent头')
    self._request_area_user_agent_entry = et()
    self._request_area_host_ckbtn = cb('Host头')
    self._request_area_host_entry = et()
    self._request_area_referer_ckbtn = cb('referer头')
    self._request_area_referer_entry = et()
    self._request_area_header_ckbtn = cb('额外的header(-H)')
    self._request_area_header_entry = et()
    self._request_area_headers_ckbtn = cb('额外的headers')
    self._request_area_headers_entry = et()
    # HTTP data
    self._request_area_method_ckbtn = cb('指定HTTP请求方式')
    self._request_area_method_entry = et(width_chars=10)
    self._request_area_param_del_ckbtn = cb('指定--data=中的参数分隔符')
    self._request_area_param_del_entry = et(max_length=1, width_chars=5)
    self._request_area_chunked_ckbtn = cb('"分块传输"发送POST请求')
    self._request_area_post_ckbtn = cb('通过POST提交data:')
    self._request_area_post_entry = et()
    self._request_area_cookie_ckbtn = cb('请求中要包含的Cookie:')
    self._request_area_cookie_entry = et()
    self._request_area_cookie_del_ckbtn = cb('指定cookie分隔符')
    self._request_area_cookie_del_entry = et(width_chars=5)
    self._request_area_load_cookies_ckbtn = cb('本地Cookie文件')
    self._request_area_load_cookies_entry = FileEntry()
    self._request_area_load_cookies_chooser = btn.new_with_label('打开')
    self._request_area_drop_set_cookie_ckbtn = cb('丢弃Set-Cookie头')
    self._request_area_auth_type_ckbtn = cb('http认证类型')
    self._request_area_auth_type_entry = et()
    self._request_area_auth_cred_ckbtn = cb('http认证账密')
    self._request_area_auth_cred_entry = et()
    self._request_area_auth_file_ckbtn = cb('http认证文件')
    self._request_area_auth_file_entry = FileEntry()
    self._request_area_auth_file_chooser = btn.new_with_label('打开')
    self._request_area_csrf_method_ckbtn = cb('csrf_method')
    self._request_area_csrf_method_entry = et(width_chars=10)
    self._request_area_csrf_token_ckbtn = cb('csrf_token')
    self._request_area_csrf_token_entry = et()
    self._request_area_csrf_url_ckbtn = cb('获取csrf_token的url')
    self._request_area_csrf_url_entry = et()
    # Request customisation
    self._request_area_ignore_timeouts_ckbtn = cb('忽略连接超时')
    self._request_area_ignore_redirects_ckbtn = cb('忽略重定向')
    self._request_area_ignore_code_ckbtn = cb('忽略错误型状态码:')
    self._request_area_ignore_code_entry = et(text='401', width_chars=30)
    self._request_area_skip_urlencode_ckbtn = cb('payload不使用url编码')
    self._request_area_force_ssl_ckbtn = cb('强制使用HTTPS')
    self._request_area_hpp_ckbtn = cb('HTTP参数污染')
    self._request_area_delay_ckbtn = cb('请求间隔(秒)')
    self._request_area_delay_entry = NumberEntry()
    self._request_area_timeout_ckbtn = cb('超时前等几秒')
    self._request_area_timeout_entry = NumberEntry()
    self._request_area_retries_ckbtn = cb('超时重试次数')
    self._request_area_retries_entry = NumberEntry()
    self._request_area_randomize_ckbtn = cb('指定要随机改变值的参数')
    self._request_area_randomize_entry = et()
    self._request_area_eval_ckbtn = cb('--eval=')
    self._request_area_eval_entry = et()
    # Stealth / proxy
    self._request_area_safe_url_ckbtn = cb('顺便掺杂地访问一个安全url')
    self._request_area_safe_url_entry = et()
    self._request_area_safe_post_ckbtn = cb('提交到安全url的post数据')
    self._request_area_safe_post_entry = et()
    self._request_area_safe_req_ckbtn = cb('从文件载入safe HTTP请求')
    self._request_area_safe_req_entry = FileEntry()
    self._request_area_safe_req_chooser = btn.new_with_label('打开')
    self._request_area_safe_freq_ckbtn = cb('访问安全url的频率')
    self._request_area_safe_freq_entry = et(width_chars=10)
    self._request_area_ignore_proxy_ckbtn = cb('忽略系统默认代理')
    self._request_area_proxy_ckbtn = cb('使用代理')
    self._request_area_proxy_file_ckbtn = cb('代理列表文件')
    self._request_area_proxy_file_entry = FileEntry()
    self._request_area_proxy_file_chooser = btn.new_with_label('打开')
    self._request_area_proxy_ip_label = label.new('IP:')
    self._request_area_proxy_ip_entry = et()
    self._request_area_proxy_port_label = label.new('PORT:')
    self._request_area_proxy_port_entry = NumberEntry()
    # NOTE(review): the next statement is damaged on the page -- the text
    # between 'username:' and the Tor caption was replaced by asterisks
    # (apparently an automatic credential redaction), so the statements that
    # originally stood here cannot be recovered from this listing and the
    # line is not valid Python as shown. Restore it from the upstream file.
    self._request_area_proxy_username_label = label.new('username:'******'password:'******'使用Tor匿名网络')
    self._request_area_tor_port_ckbtn = cb('Tor端口')
    self._request_area_tor_port_entry = NumberEntry()
    self._request_area_tor_type_ckbtn = cb('Tor代理类型')
    self._request_area_tor_type_entry = et()
    self._request_area_check_tor_ckbtn = cb('检查Tor连接')

    # Enumeration (E)
    # Enumeration toggles, grouped as three rows of five
    self._enum_area_opts_ckbtns = (
      (cb('DB banner'), cb('当前用户'), cb('当前数据库'), cb('主机名'), cb('是否为DBA')),
      (cb('用户'), cb('密码'), cb('权限'), cb('角色'), cb('库名')),
      (cb('表名'), cb('列名'), cb('架构'), cb('行数'), cb('备注')),
    )
    # Dump
    self._dump_area_dump_ckbtn = cb('dump(某库某表的条目)')
    self._dump_area_repair_ckbtn = cb('重新获取有未知符号(?)的条目')
    self._dump_area_statements_ckbtn = cb('获取正在运行的sql语句')
    self._dump_area_search_ckbtn = cb('搜索')
    self._dump_area_no_sys_db_ckbtn = cb('排除系统库')
    self._dump_area_dump_all_ckbtn = cb('全部dump(拖库)')
    # limit (restrictions applied when dumping)
    self._limit_area_start_ckbtn = cb('始于第')
    self._limit_area_start_entry = NumberEntry()
    self._limit_area_stop_ckbtn = cb('止于第')
    self._limit_area_stop_entry = NumberEntry()
    # Blind-injection options
    self._blind_area_first_ckbtn = cb('从第')
    self._blind_area_first_entry = NumberEntry()
    self._blind_area_last_ckbtn = cb('到第')
    self._blind_area_last_entry = NumberEntry()
    # Database name, table name, column name ...
    self._meta_area_D_ckbtn = cb('指定库名')
    self._meta_area_D_entry = et()
    self._meta_area_T_ckbtn = cb('指定表名')
    self._meta_area_T_entry = et()
    self._meta_area_C_ckbtn = cb('指定列名')
    self._meta_area_C_entry = et()
    self._meta_area_U_ckbtn = cb('指定用户')
    self._meta_area_U_entry = et()
    self._meta_area_X_ckbtn = cb('排除标志符')
    self._meta_area_X_entry = et()
    self._meta_area_pivot_ckbtn = cb('指定Pivot列名')
    self._meta_area_pivot_entry = et()
    self._meta_area_where_ckbtn = cb('where子句')
    self._meta_area_where_entry = et()
    # Run SQL statements
    self._runsql_area_sql_query_ckbtn = cb('SQL语句:')
    self._runsql_area_sql_query_entry = et()
    self._runsql_area_sql_shell_ckbtn = cb('打开一个SQL交互shell')
    self._runsql_area_sql_file_ckbtn = cb('本地SQL文件:')
    self._runsql_area_sql_file_entry = FileEntry()
    self._runsql_area_sql_file_chooser = btn.new_with_label('打开')
    # Brute-force table / column names
    self._brute_force_area_common_tables_ckbtn = cb('常用表名')
    self._brute_force_area_common_columns_ckbtn = cb('常用列名')
    self._brute_force_area_common_files_ckbtn = cb('常用文件')

    # File (R)
    # Read a remote file
    self._file_read_area_file_read_ckbtn = cb('远程文件路径(--file-read=)')
    self._file_read_area_file_read_entry = et(text='/etc/passwd')
    self._file_read_area_file_read_btn = btn.new_with_label('查看')
    # File upload
    self._file_write_area_udf_ckbtn = cb('注入UDF(仅限MySQL和PostgreSQL)')
    self._file_write_area_shared_lib_ckbtn = cb('本地共享库路径(--shared-lib=)')
    self._file_write_area_shared_lib_entry = FileEntry()
    self._file_write_area_shared_lib_chooser = btn.new_with_label('打开')
    self._file_write_area_file_write_ckbtn = cb('本地文件路径(--file-write=)')
    self._file_write_area_file_write_entry = FileEntry()
    self._file_write_area_file_write_chooser = btn.new_with_label('打开')
    self._file_write_area_file_dest_ckbtn = cb('远程文件路径(--file-dest=)')
    self._file_write_area_file_dest_entry = et()
    # Access to the back-end OS
    self._file_os_access_os_cmd_ckbtn = cb('执行CLI命令')
    self._file_os_access_os_cmd_entry = et()
    self._file_os_access_os_shell_ckbtn = cb('获取交互shell')
    self._file_os_access_os_pwn_ckbtn = cb('--os-pwn')
    self._file_os_access_os_smbrelay_ckbtn = cb('--os-smbrelay')
    self._file_os_access_os_bof_ckbtn = cb('--os-bof')
    self._file_os_access_priv_esc_ckbtn = cb('--priv-esc')
    self._file_os_access_msf_path_ckbtn = cb('本地Metasploit安装路径')
    self._file_os_access_msf_path_entry = FileEntry()
    self._file_os_access_msf_path_chooser = btn.new_with_label('打开')
    self._file_os_access_tmp_path_ckbtn = cb('远程临时目录(绝对路径)')
    self._file_os_access_tmp_path_entry = et()
    # Access to the Windows registry
    self._file_os_registry_reg_ckbtn = cb('键值操作:')
    self._file_os_registry_reg_combobox = g.ComboBoxText.new()
    self._file_os_registry_reg_key_label = label.new('键路径')
    self._file_os_registry_reg_key_entry = et()
    self._file_os_registry_reg_value_label = label.new('键名')
    self._file_os_registry_reg_value_entry = et()
    self._file_os_registry_reg_data_label = label.new('键值')
    self._file_os_registry_reg_data_entry = et()
    self._file_os_registry_reg_type_label = label.new('键值类型')
    self._file_os_registry_reg_type_entry = et()

    # Other (T)
    # General items
    self._page1_general_check_internet_ckbtn = cb('检查与目标的网络连接')
    self._page1_general_fresh_queries_ckbtn = cb('刷新此次查询')
    self._page1_general_forms_ckbtn = cb('获取form表单参数并测试')
    self._page1_general_parse_errors_ckbtn = cb('解析并显示响应中的错误信息')
    self._page1_misc_cleanup_ckbtn = cb('清理DBMS中的入侵痕迹!')
    self._page1_general_table_prefix_ckbtn = cb('临时表前缀')
    self._page1_general_table_prefix_entry = et(width_chars=15)
    self._page1_general_binary_fields_ckbtn = cb('有二进制值的字段')
    self._page1_general_binary_fields_entry = et()
    self._page1_general_preprocess_ckbtn = cb('指定预处理响应数据的脚本')
    self._page1_general_preprocess_entry = et()
    self._page1_general_preprocess_chooser = btn.new_with_label('打开')
    self._page1_general_charset_ckbtn = cb('盲注所用的字符集合')
    self._page1_general_charset_entry = et(text='0123456789abcdef')
    self._page1_general_encoding_ckbtn = cb('字符编码(用于数据获取)')
    self._page1_general_encoding_entry = et(text='GBK', width_chars=10)
    self._page1_general_web_root_ckbtn = cb('远程web的根目录')
    self._page1_general_web_root_entry = et()
    self._page1_general_scope_ckbtn = cb('从代理日志过滤出目标(正则)')
    self._page1_general_scope_entry = FileEntry()
    self._page1_general_scope_chooser = btn.new_with_label('打开')
    self._page1_general_test_filter_ckbtn = cb('测试过滤器(从payload/title选择)')
    self._page1_general_test_filter_entry = et()
    self._page1_general_test_skip_ckbtn = cb('测试跳过(从payload/title选择)')
    self._page1_general_test_skip_entry = et()
    self._page1_general_crawl_ckbtn = cb('爬网站(的层级/深度)')
    self._page1_general_crawl_entry = NumberEntry()
    self._page1_general_crawl_exclude_ckbtn = cb('爬站时排除(正则)页面')
    self._page1_general_crawl_exclude_entry = et()
    self._page1_general_traffic_file_ckbtn = cb('转存所有http流量到文本')
    self._page1_general_traffic_file_entry = FileEntry()
    self._page1_general_traffic_file_chooser = btn.new_with_label('打开')
    self._page1_general_har_ckbtn = cb('转存至HAR文件')
    self._page1_general_har_entry = FileEntry()
    self._page1_general_har_chooser = btn.new_with_label('打开')
    self._page1_general_flush_session_ckbtn = cb('清空目标的会话文件')
    self._page1_general_dump_format_ckbtn = cb('dump结果的文件格式')
    self._page1_general_dump_format_entry = et(width_chars=6)
    self._page1_general_csv_del_ckbtn = cb('(csv文件的)分隔符')
    self._page1_general_csv_del_entry = et(text=',', max_length=1, width_chars=5)
    self._page1_general_save_ckbtn = cb('保存选项至INI文件')
    self._page1_general_save_entry = FileEntry()
    self._page1_general_save_chooser = btn.new_with_label('打开')
    self._page1_general_session_file_ckbtn = cb('载入会话文件')
    self._page1_general_session_file_entry = FileEntry()
    self._page1_general_session_file_chooser = btn.new_with_label('打开')
    self._page1_general_output_dir_ckbtn = cb('指定output目录')
    self._page1_general_output_dir_entry = FileEntry()
    self._page1_general_output_dir_chooser = btn.new_with_label('打开')
    # Miscellaneous
    self._page1_misc_skip_waf_ckbtn = cb('跳过WAF/IPS侦测')
    self._page1_misc_unstable_ckbtn = cb('为不稳定的连接调整选项')
    self._page1_misc_list_tampers_ckbtn = cb('列出可用的tamper脚本')
    self._page1_misc_sqlmap_shell_ckbtn = cb('打开sqlmap交互shell')
    self._page1_misc_disable_color_ckbtn = cb('禁用终端输出的颜色')
    self._page1_general_eta_ckbtn = cb('显示剩余时间')
    self._page1_misc_gpage_ckbtn = cb('GOOGLEDORK时的页码')
    self._page1_misc_gpage_spinbtn = sp.new_with_range(1, 100, 1)
    self._page1_misc_beep_ckbtn = cb('响铃')
    self._page1_misc_offline_ckbtn = cb('离线模式(仅使用本地会话数据)')
    self._page1_misc_purge_ckbtn = cb('抹除所有本地记录!')
    self._page1_misc_dependencies_ckbtn = cb('检查丢失的(非核心的)sqlmap依赖')
    self._page1_misc_update_ckbtn = cb('更新sqlmap')
    self._page1_misc_alert_ckbtn = cb('发现注入时运行本地命令:')
    self._page1_misc_alert_entry = et()
    self._page1_misc_tmp_dir_ckbtn = cb('本地临时目录')
    self._page1_misc_tmp_dir_entry = FileEntry()
    self._page1_misc_tmp_dir_chooser = btn.new_with_label('打开')
    self._page1_misc_answers_ckbtn = cb('设置交互时的问题答案:')
    self._page1_misc_answers_entry = et(text='quit=N,follow=N')
    self._page1_misc_z_ckbtn = cb('使用短的助记符')
    self._page1_misc_z_entry = et(text='flu,bat,ban,tec=EU...')
    self._page1_misc_results_file_ckbtn = cb('指定CSV文件位置:')
    self._page1_misc_results_file_entry = FileEntry()
    self._page1_misc_results_file_chooser = btn.new_with_label('打开')

    # Output area (2)
    # self._page2_cmdline_str_label = label.new('')
    self._page2_respwan_btn = btn.new_with_label('重开终端')
    self._page2_terminal = Vte.Terminal.new()

    # Log area (3)
    self._page3_log_view = tv(editable=False, wrap_mode=g.WrapMode.WORD)
    self._page3_read_target_btn = btn.new_with_label('查看target文件')
    self._page3_clear_btn = btn.new_with_mnemonic('清空(_C)')
    self._page3_read_log_btn = btn.new_with_label('查看log文件')

    # API area (4)
    self._page4_api_server_label = label.new('REST-JSON API server:')
    self._page4_api_server_entry = et(text='127.0.0.1:8775')
    self._page4_admin_token_label = label.new('Admin (secret) token:')
    # NOTE(review): holds the API admin secret; only max_length is set here.
    self._page4_admin_token_entry = et(max_length=32)
    self._page4_task_new_btn = btn.new_with_label('创建任务')
    self._page4_admin_list_btn = btn.new_with_label('显示任务')
    self._page4_admin_flush_btn = btn.new_with_label('删除所有任务')
    self._page4_clear_task_view_btn = btn.new_with_label('清空反馈的结果')
    self._page4_username_label = label.new('用户名:')
    self._page4_username_entry = et()
    self._page4_password_label = label.new('密码:')
    # NOTE(review): password entry built with no arguments -- see the
    # docstring note about clear-text display.
    self._page4_password_entry = et()
    self._page4_option_get_entry = et(text='url risk level')
    self._page4_option_set_view = tv(wrap_mode=g.WrapMode.CHAR)
    self._page4_task_view = tv(editable=False, wrap_mode=g.WrapMode.WORD)

    # Help (H)
    self._page5_manual_view = tv(editable=False, wrap_mode=g.WrapMode.WORD)
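def __init__(self, language):
    """Create every widget of the sqlmap front end and bind the label translator.

    Only construction happens here: each widget is stored on ``self`` under a
    ``_<area>_<option>_<kind>`` name, and the ``build_*`` functions elsewhere
    pack them into frames and notebook pages.

    Args:
        language: UI language code. ``'zh'`` loads the ``zh_CN`` catalogue of
            the ``sqlmap_gtk`` domain; any other value leaves labels untranslated.

    Notes:
        * Fields that carry secrets (``--dbms-cred``, ``--auth-cred``, the proxy
          and API passwords, the API admin token) are created as ordinary
          entries; nothing in this method hides the typed characters.
        * The listing this block was taken from had two spans replaced by
          ``******`` (proxy and API username/password). The assignments in
          those spots are reconstructed and flagged inline.
    """
    mo_filename = "sqlmap_gtk"
    # Resolved against the process working directory, not this module's
    # location, so the catalogue is only found when launched from the project root.
    mo_base_folder = os.path.abspath("static/locale")

    try:
        if language == 'zh':
            _zh = gettext.translation(mo_filename, mo_base_folder, languages=["zh_CN"])
            self._ = _zh.gettext
    except FileNotFoundError as e:
        print(e)

    # The original bound self._ only on the successful 'zh' path, so any other
    # language (or a missing .mo file) reached `_ = self._` with nothing set.
    # Keep a class-level `_` if one exists (not visible here); otherwise pass
    # labels through unchanged.
    if getattr(self, '_', None) is None:
        self._ = lambda text: text
    _ = self._

    # Author's migration notes, kept from the original:
    # 1. %s;(\('.*'\);(_(\1);g
    # 2. fix _enum_area_opts_ckbtns

    # TARGET
    self._url_combobox = cbb()
    self._burp_logfile = FileEntry()
    self._burp_logfile_chooser = btn.new_with_label(_('open'))
    self._request_file = FileEntry()
    self._request_file_chooser = btn.new_with_label(_('open'))
    self._bulkfile = FileEntry()
    self._bulkfile_chooser = btn.new_with_label(_('open'))
    self._configfile = FileEntry()
    self._configfile_chooser = btn.new_with_label(_('open'))
    self._google_dork = et()
    self._direct_connect = et()

    # OPTIONS(1)
    # collected options:
    self._cmd_entry = et()

    # Inject(Q)
    self._sqlmap_path_entry = FileEntry()
    self._sqlmap_path_chooser = btn.new_with_label(_('open'))

    # Injection
    self._inject_area_param_ckbtn = cb(_('-p'))
    self._inject_area_param_entry = et()
    self._inject_area_param_filter_ckbtn = cb(_('--param-filter'))
    self._inject_area_param_filter_combobox = cbb()
    self._inject_area_skip_static_ckbtn = cb(_('--skip-static'))
    self._inject_area_skip_ckbtn = cb(_('--skip'))
    self._inject_area_skip_entry = et()
    self._inject_area_param_exclude_ckbtn = cb(_('--param-exclude'))
    self._inject_area_param_exclude_entry = et()
    self._inject_area_prefix_ckbtn = cb(_('--prefix'))
    self._inject_area_prefix_entry = et()
    self._inject_area_suffix_ckbtn = cb(_('--suffix'))
    self._inject_area_suffix_entry = et()
    self._inject_area_dbms_ckbtn = cb(_('--dbms'))
    self._inject_area_dbms_combobox = cbb()
    self._inject_area_dbms_cred_ckbtn = cb(_('--dbms-cred'))
    # NOTE(review): credential field shown in clear text; if `et` is
    # Gtk.Entry, visibility=False would mask it - confirm.
    self._inject_area_dbms_cred_entry = et()
    self._inject_area_os_ckbtn = cb(_('--os'))
    self._inject_area_os_entry = et()
    self._inject_area_no_cast_ckbtn = cb(_('--no-cast'))
    self._inject_area_no_escape_ckbtn = cb(_('--no-escape'))
    self._inject_area_invalid_bignum_ckbtn = cb(_('--invalid-bignum'))
    self._inject_area_invalid_logical_ckbtn = cb(_('--invalid-logical'))
    self._inject_area_invalid_string_ckbtn = cb(_('--invalid-string'))

    # Detection
    self._detection_area_level_ckbtn = cb(_('--level'))
    self._detection_area_level_scale = sl(HORIZONTAL, 1, 5, 1)
    self._detection_area_risk_ckbtn = cb(_('--risk'))
    self._detection_area_risk_scale = sl(HORIZONTAL, 1, 3, 1)
    self._detection_area_str_ckbtn = cb(_('--string'))
    self._detection_area_str_entry = et()
    self._detection_area_not_str_ckbtn = cb(_('--not-string'))
    self._detection_area_not_str_entry = et()
    self._detection_area_re_ckbtn = cb(_('--regexp'))
    self._detection_area_re_entry = et()
    self._detection_area_code_ckbtn = cb(_('--code'))
    self._detection_area_code_entry = NumberEntry()
    self._detection_area_text_only_ckbtn = cb(_('--text-only'))
    self._detection_area_titles_ckbtn = cb(_('--titles'))
    self._detection_area_smart_ckbtn = cb(_('--smart'))
    self._detection_area_level_note = label(
        label=_("Level 1(default): all GET, POST fields\n"
                "Level 2 append: Cookie\n"
                "Level 3 append: User-Agent/Referer\n"
                "Level 4 append: ?\n"
                "Level 5 append: Host header"),
        halign=g.Align.START)
    self._detection_area_risk_note = label(
        label=_("Risk 1(default): no risk\n"
                "Risk 2 append: Time-Based Blind\n"
                "Risk 3 append: \"OR\"-Based Blind"),
        halign=g.Align.START)

    # Technique
    self._tech_area_tech_ckbtn = cb(_('--technique'))
    self._tech_area_tech_entry = et()
    self._tech_area_time_sec_ckbtn = cb(_('--time-sec'))
    self._tech_area_time_sec_entry = NumberEntry()
    self._tech_area_union_col_ckbtn = cb(_('--union-cols'))
    self._tech_area_union_col_entry = NumberEntry()
    self._tech_area_union_char_ckbtn = cb(_('--union-char'))
    self._tech_area_union_char_entry = et()
    self._tech_area_union_from_ckbtn = cb(_('--union-from'))
    self._tech_area_union_from_entry = et()
    self._tech_area_dns_ckbtn = cb(_('--dns-domain'))
    self._tech_area_dns_entry = et()
    self._tech_area_second_url_ckbtn = cb(_('--second-url'))
    self._tech_area_second_url_entry = et()
    self._tech_area_second_req_ckbtn = cb('%s:' % _('--second-req'))
    self._tech_area_second_req_entry = FileEntry()
    self._tech_area_second_req_chooser = btn.new_with_label(_('open'))

    # Tamper (frame and view are disabled in the original)
    # self._tamper_frame = Frame.new(_('--tamper'))
    # self._tamper_area_tamper_view = tv(wrap_mode = g.WrapMode.CHAR)

    # Optimize
    self._optimize_area_turn_all_ckbtn = cb(_('-o'))
    self._optimize_area_thread_num_ckbtn = cb(_('--threads'))
    self._optimize_area_thread_num_spinbtn = sp.new_with_range(2, 10, 1)
    self._optimize_area_predict_ckbtn = cb(_('--predict-output'))
    self._optimize_area_keep_alive_ckbtn = cb(_('--keep-alive'))
    self._optimize_area_null_connect_ckbtn = cb(_('--null-connection'))

    # Often used
    self._general_area_verbose_ckbtn = cb(_('-v'))
    self._general_area_verbose_scale = sl(HORIZONTAL, 0, 6, 1)
    self._general_area_finger_ckbtn = cb(_('--fingerprint'))
    self._general_area_hex_ckbtn = cb(_('--hex'))
    self._general_area_batch_ckbtn = cb(_('--batch'))
    self._misc_area_wizard_ckbtn = cb(_('--wizard'))

    # Hidden
    self._hidden_area_crack_ckbtn = cb(_('--crack'))
    self._hidden_area_debug_ckbtn = cb(_('--debug'))
    self._hidden_area_profile_ckbtn = cb(_('--profile'))
    self._hidden_area_disable_precon_ckbtn = cb(_('--disable-precon'))
    self._hidden_area_disable_stats_ckbtn = cb(_('--disable-stats'))
    self._hidden_area_force_dbms_ckbtn = cb(_('--force-dbms'))
    self._hidden_area_force_dns_ckbtn = cb(_('--force-dns'))
    self._hidden_area_force_pivoting_ckbtn = cb(_('--force-pivoting'))
    self._hidden_area_smoke_test_ckbtn = cb(_('--smoke-test'))
    self._hidden_area_live_test_ckbtn = cb(_('--live-test'))
    self._hidden_area_vuln_test_ckbtn = cb(_('--vuln-test'))
    self._hidden_area_murphy_rate_ckbtn = cb(_('--murphy-rate'))
    self._hidden_area_stop_fail_ckbtn = cb(_('--stop-fail'))
    self._hidden_area_run_case_ckbtn = cb(_('--run-case'))
    self._hidden_area_dummy_ckbtn = cb(_('--dummy'))
    self._hidden_area_api_ckbtn = cb(_('--api'))
    self._hidden_area_taskid_ckbtn = cb(_('--taskid'))
    self._hidden_area_database_ckbtn = cb(_('--database'))

    # Request(W)
    # HTTP header
    self._request_area_random_agent_ckbtn = cb(_('--random-agent'))
    self._request_area_mobile_ckbtn = cb(_('--mobile'))
    self._request_area_user_agent_ckbtn = cb(_('--user-agent'))
    self._request_area_user_agent_entry = et()
    self._request_area_host_ckbtn = cb(_('--host'))
    self._request_area_host_entry = et()
    self._request_area_referer_ckbtn = cb(_('--referer'))
    self._request_area_referer_entry = et()
    self._request_area_header_ckbtn = cb(_('--header(-H)'))
    self._request_area_header_entry = et()
    self._request_area_headers_ckbtn = cb(_('--headers'))
    self._request_area_headers_entry = et()

    # HTTP data
    self._request_area_method_ckbtn = cb(_('--method'))
    self._request_area_method_entry = et(width_chars=10)
    self._request_area_param_del_ckbtn = cb(_('--param-del'))
    self._request_area_param_del_entry = et(max_length=1, width_chars=5)
    self._request_area_chunked_ckbtn = cb(_('--chunked'))
    self._request_area_post_ckbtn = cb(_('--data'))
    self._request_area_post_entry = et()
    self._request_area_cookie_ckbtn = cb(_('--cookie'))
    self._request_area_cookie_entry = et()
    self._request_area_cookie_del_ckbtn = cb(_('--cookie-del'))
    self._request_area_cookie_del_entry = et(width_chars=5)
    self._request_area_drop_set_cookie_ckbtn = cb(_('--drop-set-cookie'))
    self._request_area_live_cookies_ckbtn = cb(_('--live-cookies'))
    self._request_area_live_cookies_entry = FileEntry()
    self._request_area_live_cookies_chooser = btn.new_with_label(_('open'))
    self._request_area_load_cookies_ckbtn = cb(_('--load-cookies'))
    self._request_area_load_cookies_entry = FileEntry()
    self._request_area_load_cookies_chooser = btn.new_with_label(_('open'))
    self._request_area_auth_type_ckbtn = cb(_('--auth-type'))
    self._request_area_auth_type_entry = et()
    self._request_area_auth_cred_ckbtn = cb(_('--auth-cred'))
    # NOTE(review): credential field shown in clear text - see docstring.
    self._request_area_auth_cred_entry = et()
    self._request_area_auth_file_ckbtn = cb(_('--auth-file'))
    self._request_area_auth_file_entry = FileEntry()
    self._request_area_auth_file_chooser = btn.new_with_label(_('open'))
    self._request_area_csrf_method_ckbtn = cb(_('--csrf-method'))
    self._request_area_csrf_method_entry = et(width_chars=10)
    self._request_area_csrf_retries_ckbtn = cb(_('--csrf-retries'))
    self._request_area_csrf_retries_entry = NumberEntry()
    self._request_area_csrf_token_ckbtn = cb(_('--csrf-token'))
    self._request_area_csrf_token_entry = et()
    self._request_area_csrf_url_ckbtn = cb(_('--csrf-url'))
    self._request_area_csrf_url_entry = et()

    # Request custom
    self._request_area_ignore_timeouts_ckbtn = cb(_('--ignore-timeouts'))
    self._request_area_ignore_redirects_ckbtn = cb(_('--ignore-redirects'))
    self._request_area_ignore_code_ckbtn = cb(_('--ignore-code'))
    self._request_area_ignore_code_entry = et(text='401', width_chars=30)
    self._request_area_skip_urlencode_ckbtn = cb(_('--skip-urlencode'))
    self._request_area_force_ssl_ckbtn = cb(_('--force-ssl'))
    self._request_area_hpp_ckbtn = cb(_('--hpp'))
    self._request_area_delay_ckbtn = cb(_('--delay'))
    self._request_area_delay_entry = NumberEntry()
    self._request_area_timeout_ckbtn = cb(_('--timeout'))
    self._request_area_timeout_entry = NumberEntry()
    self._request_area_retries_ckbtn = cb(_('--retries'))
    self._request_area_retries_entry = NumberEntry()
    self._request_area_randomize_ckbtn = cb(_('--randomize'))
    self._request_area_randomize_entry = et()
    self._request_area_eval_ckbtn = cb(_('--eval'))
    # Free text that sqlmap evaluates as Python on the operator's machine;
    # a value restored from a saved preset should be handled as code.
    self._request_area_eval_entry = et()

    # Anonymous/Proxy
    self._request_area_safe_url_ckbtn = cb(_('--safe-url'))
    self._request_area_safe_url_entry = et()
    self._request_area_safe_post_ckbtn = cb(_('--safe-post'))
    self._request_area_safe_post_entry = et()
    self._request_area_safe_req_ckbtn = cb(_('--safe-req'))
    self._request_area_safe_req_entry = FileEntry()
    self._request_area_safe_req_chooser = btn.new_with_label(_('open'))
    self._request_area_safe_freq_ckbtn = cb(_('--safe-freq'))
    self._request_area_safe_freq_entry = et(width_chars=10)
    self._request_area_ignore_proxy_ckbtn = cb(_('--ignore-proxy'))
    self._request_area_proxy_freq_ckbtn = cb(_('--proxy-freq'))
    self._request_area_proxy_freq_entry = NumberEntry()
    self._request_area_proxy_file_ckbtn = cb(_('--proxy-file'))
    self._request_area_proxy_file_entry = FileEntry()
    self._request_area_proxy_file_chooser = btn.new_with_label(_('open'))
    self._request_area_proxy_ckbtn = cb(_('--proxy'))
    self._request_area_proxy_ip_label = label.new('IP:')
    self._request_area_proxy_ip_entry = et()
    self._request_area_proxy_port_label = label.new('PORT:')
    self._request_area_proxy_port_entry = NumberEntry()
    self._request_area_proxy_username_label = label.new(_('username:'))
    # NOTE(review): the next two assignments were masked as ****** in the
    # listing; reconstructed from the ip/port label+entry pattern above -
    # confirm against the upstream file.
    self._request_area_proxy_username_entry = et()
    self._request_area_proxy_password_label = label.new(_('passwd:'))
    # NOTE(review): password shown in clear text - see docstring.
    self._request_area_proxy_password_entry = et()
    self._request_area_tor_ckbtn = cb(_('--tor'))
    self._request_area_tor_port_ckbtn = cb(_('--tor-port'))
    self._request_area_tor_port_entry = NumberEntry()
    self._request_area_tor_type_ckbtn = cb(_('--tor-type'))
    self._request_area_tor_type_entry = et()
    self._request_area_check_tor_ckbtn = cb(_('--check-tor'))

    # Enumerate(E)
    # Enumeration (built by a helper defined elsewhere; it gets the translator)
    self._init_enum_area_opts(_)

    # Dump
    self._dump_area_dump_ckbtn = cb(_('--dump'))
    self._dump_area_repair_ckbtn = cb(_('--repair'))
    self._dump_area_statements_ckbtn = cb(_('--statements'))
    self._dump_area_search_ckbtn = cb(_('--search'))
    self._dump_area_no_sys_db_ckbtn = cb(_('--exclude-sysdbs'))
    self._dump_area_dump_all_ckbtn = cb(_('--dump-all'))

    # Limit (when dumping)
    self._limit_area_start_ckbtn = cb(_('--start'))
    self._limit_area_start_entry = NumberEntry()
    self._limit_area_stop_ckbtn = cb(_('--stop'))
    self._limit_area_stop_entry = NumberEntry()

    # Blind inject options
    self._blind_area_first_ckbtn = cb(_('--first'))
    self._blind_area_first_entry = NumberEntry()
    self._blind_area_last_ckbtn = cb(_('--last'))
    self._blind_area_last_entry = NumberEntry()

    # DB, Table, Column name...
    self._meta_area_D_ckbtn = cb(_('-D'))
    self._meta_area_D_entry = et()
    self._meta_area_T_ckbtn = cb(_('-T'))
    self._meta_area_T_entry = et()
    self._meta_area_C_ckbtn = cb(_('-C'))
    self._meta_area_C_entry = et()
    self._meta_area_U_ckbtn = cb(_('-U'))
    self._meta_area_U_entry = et()
    self._meta_area_X_ckbtn = cb(_('-X'))
    self._meta_area_X_entry = et()
    self._meta_area_pivot_ckbtn = cb(_('--pivot-column'))
    self._meta_area_pivot_entry = et()
    self._meta_area_where_ckbtn = cb(_('--where'))
    self._meta_area_where_entry = et()

    # Execute SQL
    self._runsql_area_sql_query_ckbtn = cb(_('--sql-query'))
    self._runsql_area_sql_query_entry = et()
    self._runsql_area_sql_shell_ckbtn = cb(_('--sql-shell'))
    self._runsql_area_sql_file_ckbtn = cb(_('--sql-file'))
    self._runsql_area_sql_file_entry = FileEntry()
    self._runsql_area_sql_file_chooser = btn.new_with_label(_('open'))

    # Brute force
    self._brute_force_area_common_tables_ckbtn = cb(_('--common-tables'))
    self._brute_force_area_common_columns_ckbtn = cb(_('--common-columns'))
    self._brute_force_area_common_files_ckbtn = cb(_('--common-files'))

    # File(R)
    # Read remote file
    self._file_read_area_file_read_ckbtn = cb(_('--file-read'))
    self._file_read_area_file_read_entry = et(text='/etc/passwd')
    self._file_read_area_file_read_btn = btn.new_with_label(_('cat'))

    # Upload local file
    self._file_write_area_udf_ckbtn = cb(_('--udf-inject'))
    self._file_write_area_shared_lib_ckbtn = cb(_('--shared-lib'))
    self._file_write_area_shared_lib_entry = FileEntry()
    self._file_write_area_shared_lib_chooser = btn.new_with_label(_('open'))
    self._file_write_area_file_write_ckbtn = cb(_('--file-write'))
    self._file_write_area_file_write_entry = FileEntry()
    self._file_write_area_file_write_chooser = btn.new_with_label(_('open'))
    self._file_write_area_file_dest_ckbtn = cb(_('--file-dest'))
    self._file_write_area_file_dest_entry = et()

    # Access to the OS behind the DBMS
    # (the four labels passed to cb() without _() are left untranslated,
    # as in the original)
    self._os_access_area_os_cmd_ckbtn = cb(_('--os-cmd'))
    self._os_access_area_os_cmd_entry = et()
    self._os_access_area_os_shell_ckbtn = cb(_('--os-shell'))
    self._os_access_area_os_pwn_ckbtn = cb('--os-pwn')
    self._os_access_area_os_smbrelay_ckbtn = cb('--os-smbrelay')
    self._os_access_area_os_bof_ckbtn = cb('--os-bof')
    self._os_access_area_priv_esc_ckbtn = cb('--priv-esc')
    self._os_access_area_msf_path_ckbtn = cb(_('--msf-path'))
    self._os_access_area_msf_path_entry = FileEntry()
    self._os_access_area_msf_path_chooser = btn.new_with_label(_('open'))
    self._os_access_area_tmp_path_ckbtn = cb(_('--tmp-path'))
    self._os_access_area_tmp_path_entry = et()

    # Windows registry access on the remote host
    self._registry_area_reg_ckbtn = cb(_('operate:'))
    self._registry_area_reg_combobox = g.ComboBoxText.new()
    self._registry_area_reg_key_label = label.new(_('--reg-key'))
    self._registry_area_reg_key_entry = et()
    self._registry_area_reg_value_label = label.new(_('--reg-value'))
    self._registry_area_reg_value_entry = et()
    self._registry_area_reg_data_label = label.new(_('--reg-data'))
    self._registry_area_reg_data_entry = et()
    self._registry_area_reg_type_label = label.new(_('--reg-type'))
    self._registry_area_reg_type_entry = et()

    # Other(T)
    # General
    self._general_area_check_internet_ckbtn = cb(_('--check-internet'))
    self._general_area_fresh_queries_ckbtn = cb(_('--fresh-queries'))
    self._general_area_forms_ckbtn = cb(_('--forms'))
    self._general_area_parse_errors_ckbtn = cb(_('--parse-errors'))
    self._misc_area_cleanup_ckbtn = cb(_('--cleanup'))
    self._general_area_base64_ckbtn = cb(_('--base64'))
    self._general_area_base64_entry = et()
    self._general_area_base64_safe_ckbtn = cb(_('--base64-safe'))
    self._general_area_table_prefix_ckbtn = cb(_('--table-prefix'))
    self._general_area_table_prefix_entry = et(width_chars=15)
    self._general_area_binary_fields_ckbtn = cb(_('--binary-fields'))
    self._general_area_binary_fields_entry = et()
    self._general_area_preprocess_ckbtn = cb(_('--preprocess'))
    self._general_area_preprocess_entry = et()
    self._general_area_preprocess_chooser = btn.new_with_label(_('open'))
    self._general_area_postprocess_ckbtn = cb(_('--postprocess'))
    self._general_area_postprocess_entry = et()
    self._general_area_postprocess_chooser = btn.new_with_label(_('open'))
    self._general_area_charset_ckbtn = cb(_('--charset'))
    self._general_area_charset_entry = et(text='0123456789abcdef')
    self._general_area_encoding_ckbtn = cb(_('--encoding'))
    self._general_area_encoding_entry = et(text='GBK', width_chars=10)
    self._general_area_web_root_ckbtn = cb(_('--web-root'))
    self._general_area_web_root_entry = et()
    self._general_area_scope_ckbtn = cb(_('--scope'))
    self._general_area_scope_entry = FileEntry()
    self._general_area_scope_chooser = btn.new_with_label(_('open'))
    self._general_area_test_filter_ckbtn = cb(_('--test-filter'))
    self._general_area_test_filter_entry = et()
    self._general_area_test_skip_ckbtn = cb(_('--test-skip'))
    self._general_area_test_skip_entry = et()
    self._general_area_crawl_ckbtn = cb(_('--crawl'))
    self._general_area_crawl_entry = NumberEntry()
    self._general_area_crawl_exclude_ckbtn = cb(_('--crawl-exclude'))
    self._general_area_crawl_exclude_entry = et()
    self._general_area_traffic_file_ckbtn = cb(_('-t'))
    self._general_area_traffic_file_entry = FileEntry()
    self._general_area_traffic_file_chooser = btn.new_with_label(_('open'))
    self._general_area_har_ckbtn = cb(_('--har'))
    self._general_area_har_entry = FileEntry()
    self._general_area_har_chooser = btn.new_with_label(_('open'))
    # Destructive option: label carries <b> markup and bypasses _()
    self._general_area_flush_session_ckbtn = cb("<b>%s</b>" % '--flush-session')
    self._general_area_dump_format_ckbtn = cb(_('--dump-format'))
    self._general_area_dump_format_entry = et(width_chars=6)
    self._general_area_csv_del_ckbtn = cb(_('--csv-del'))
    self._general_area_csv_del_entry = et(text=',', max_length=1, width_chars=5)
    self._general_area_save_ckbtn = cb(_('--save'))
    self._general_area_save_entry = FileEntry()
    self._general_area_save_chooser = btn.new_with_label(_('open'))
    self._general_area_session_file_ckbtn = cb(_('-s'))
    self._general_area_session_file_entry = FileEntry()
    self._general_area_session_file_chooser = btn.new_with_label(_('open'))
    self._general_area_output_dir_ckbtn = cb(_('--output-dir'))
    self._general_area_output_dir_entry = FileEntry()
    self._general_area_output_dir_chooser = btn.new_with_label(_('open'))

    # Misc
    self._misc_area_skip_heuristics_ckbtn = cb(_('--skip-heuristics'))
    self._misc_area_skip_waf_ckbtn = cb(_('--skip-waf'))
    self._misc_area_unstable_ckbtn = cb(_('--unstable'))
    self._misc_area_list_tampers_ckbtn = cb(_('--list-tampers'))
    self._misc_area_sqlmap_shell_ckbtn = cb(_('--sqlmap-shell'))
    self._misc_area_disable_color_ckbtn = cb(_('--disable-coloring'))
    self._general_area_eta_ckbtn = cb(_('--eta'))
    self._misc_area_gpage_ckbtn = cb(_('--gpage'))
    self._misc_area_gpage_spinbtn = sp.new_with_range(1, 100, 1)
    self._misc_area_beep_ckbtn = cb(_('--beep'))
    self._misc_area_offline_ckbtn = cb(_('--offline'))
    # Destructive option: label carries <b> markup and bypasses _()
    self._misc_area_purge_ckbtn = cb("<b>%s</b>" % '--purge')
    self._misc_area_dependencies_ckbtn = cb(_('--dependencies'))
    self._misc_area_update_ckbtn = cb(_('--update'))
    self._misc_area_alert_ckbtn = cb(_('--alert'))
    # Free text that sqlmap runs as a command on the operator's machine;
    # a value restored from a saved preset should be handled as code.
    self._misc_area_alert_entry = et()
    self._misc_area_tmp_dir_ckbtn = cb(_('--tmp-dir'))
    self._misc_area_tmp_dir_entry = FileEntry()
    self._misc_area_tmp_dir_chooser = btn.new_with_label(_('open'))
    self._misc_area_answers_ckbtn = cb(_('--answers'))
    self._misc_area_answers_entry = et(text='quit=N,follow=N')
    self._misc_area_z_ckbtn = cb(_('-z'))
    self._misc_area_z_entry = et(text='flu,bat,ban,tec=EU...')
    self._misc_area_results_file_ckbtn = cb(_('--results-file'))
    self._misc_area_results_file_entry = FileEntry()
    self._misc_area_results_file_chooser = btn.new_with_label(_('open'))

    # Tamper
    self._init_tampers()

    # EXECUTION(2)
    self._page2_respwan_btn = btn.new_with_label(_('reopen'))
    self._page2_right_btn = btn.new_with_label(_('context menu'))
    self._page2_terminal = Vte.Terminal.new()

    # LOG(3)
    self._page3_log_view = tv(editable=False, wrap_mode=g.WrapMode.WORD)
    self._page3_read_target_btn = btn.new_with_label(_('view target file'))
    self._page3_clear_btn = btn.new_with_mnemonic(_('clear buffer(_C)'))
    self._page3_read_log_btn = btn.new_with_label(_('view log file'))

    # SQLMAPAPI(4)
    self._page4_api_server_label = label.new('REST-JSON API server:')
    self._page4_api_server_entry = et(text='127.0.0.1:8775')
    self._page4_admin_token_label = label.new('Admin (secret) token:')
    # NOTE(review): secret token shown in clear text - see docstring.
    self._page4_admin_token_entry = et(max_length=32)
    self._page4_task_new_btn = btn.new_with_label(_('create task'))
    self._page4_admin_list_btn = btn.new_with_label(_('view tasks'))
    self._page4_admin_flush_btn = btn.new_with_label(_('delete all tasks'))
    self._page4_clear_task_view_btn = btn.new_with_label(_('clear view'))
    self._page4_username_label = label.new(_('username:'))
    # NOTE(review): the next two assignments were masked as ****** in the
    # listing; the attribute names follow the older __init__ shown earlier
    # on the same page - confirm against the upstream file.
    self._page4_username_entry = et()
    self._page4_password_label = label.new(_('passwd:'))
    # NOTE(review): password shown in clear text - see docstring.
    self._page4_password_entry = et()
    self._page4_option_get_entry = et(text='url risk level')
    self._page4_option_set_view = tv(wrap_mode=g.WrapMode.CHAR)
    self._page4_task_view = tv(editable=False, wrap_mode=g.WrapMode.WORD)

    # HELP(H)
    self._page5_manual_view = tv(editable=False, wrap_mode=g.WrapMode.WORD)

    # ABOUT: two radio groups (UI language, tooltip language), 'en' leading each
    self._page6_lang_en_radio = g.RadioButton.new_with_label_from_widget(None, 'en')
    self._page6_lang_zh_radio = g.RadioButton.new_from_widget(self._page6_lang_en_radio)
    self._page6_lang_zh_radio.set_label('zh')
    self._page6_tooltips_en_radio = g.RadioButton.new_with_label_from_widget(None, 'en')
    self._page6_tooltips_zh_radio = g.RadioButton.new_from_widget(self._page6_tooltips_en_radio)
    self._page6_tooltips_zh_radio.set_label('zh')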
def build_page1_setting_inject(self, m):
    """Lay out the "Injection" frame from the injection widgets stored on *m*.

    Thirteen horizontal rows are filled top to bottom (one option per row,
    except the last three, which group related check buttons), stacked in a
    vertical box, and wrapped in a frame titled with the translated
    'Injection'.

    Args:
        m: object holding the ``_inject_area_*`` widgets, the --level check
            button and the translator ``m._``.

    Returns:
        The populated frame.
    """
    frame = Frame.new(m._('Injection'))
    rows = [Box() for _unused in range(13)]
    take_row = iter(rows).__next__

    def _pair(toggle, field):
        # One row: fixed-width check button followed by an expanding field.
        row = take_row()
        row.pack_start(toggle, False, True, 5)
        row.pack_start(field, True, True, 5)

    # cb_single receives the --level check button as user data when -p is clicked.
    m._inject_area_param_ckbtn.connect(
        'clicked', self.cb_single, m._detection_area_level_ckbtn)
    _pair(m._inject_area_param_ckbtn, m._inject_area_param_entry)

    # --param-filter: fixed choice list, first entry preselected, not editable.
    param_places = g.ListStore(str)
    for place in ("GET", "POST", "URI", "Cookie", "User-Agent", "Referer",
                  "Host", "(custom) POST", "(custom) HEADER"):
        param_places.append([place])
    filter_combo = m._inject_area_param_filter_combobox
    filter_combo.set_model(param_places)
    filter_combo.set_entry_text_column(0)
    filter_combo.set_active(0)
    filter_combo.get_child().set_editable(False)
    _pair(m._inject_area_param_filter_ckbtn, filter_combo)

    # set_active(True) leaves --skip-static ticked by default.
    m._inject_area_skip_static_ckbtn.set_active(True)
    take_row().pack_start(m._inject_area_skip_static_ckbtn, False, True, 5)

    _pair(m._inject_area_skip_ckbtn, m._inject_area_skip_entry)
    _pair(m._inject_area_param_exclude_ckbtn, m._inject_area_param_exclude_entry)
    _pair(m._inject_area_prefix_ckbtn, m._inject_area_prefix_entry)
    _pair(m._inject_area_suffix_ckbtn, m._inject_area_suffix_entry)

    # --dbms: suggestions only; the combobox entry stays editable.
    dbms_names = g.ListStore(str)
    for dbms in ("postgresql", "MySQL <version>", "Microsoft SQL Server <version>"):
        dbms_names.append([dbms])
    m._inject_area_dbms_combobox.set_model(dbms_names)
    m._inject_area_dbms_combobox.set_entry_text_column(0)
    _pair(m._inject_area_dbms_ckbtn, m._inject_area_dbms_combobox)

    _pair(m._inject_area_dbms_cred_ckbtn, m._inject_area_dbms_cred_entry)
    _pair(m._inject_area_os_ckbtn, m._inject_area_os_entry)

    cast_row = take_row()
    cast_row.pack_start(m._inject_area_no_cast_ckbtn, False, True, 5)
    cast_row.pack_start(m._inject_area_no_escape_ckbtn, False, True, 5)

    # The three --invalid-* toggles share a caption and are right-aligned
    # across the last two rows.
    invalid_caption = label.new("payload's invalid value:")
    invalid_caption.set_tooltip_text('default:\nTrue: id=13, False: id=-13')
    caption_row = take_row()
    caption_row.pack_start(invalid_caption, False, True, 5)
    caption_row.pack_end(m._inject_area_invalid_bignum_ckbtn, False, True, 5)

    last_row = take_row()
    last_row.pack_end(m._inject_area_invalid_string_ckbtn, False, True, 5)
    last_row.pack_end(m._inject_area_invalid_logical_ckbtn, False, True, 5)

    column = Box(orientation=VERTICAL, spacing=3)
    for row in rows:
        column.add(row)

    frame.add(column)
    return frame
def _build_page1_setting_inject(self, m):
    """Lay out the injection-options frame (Chinese-labelled variant).

    Fills thirteen horizontal rows with the ``_inject_area_*`` widgets held
    by *m*, stacks them in a vertical box and returns the enclosing frame.

    Args:
        m: object holding the injection widgets and the --level check button.

    Returns:
        The populated frame.
    """
    frame = Frame.new('注入选项')
    rows = [Box() for _unused in range(13)]
    (param_row, filter_row, static_row, skip_row, exclude_row, prefix_row,
     suffix_row, dbms_row, cred_row, os_row, cast_row, caption_row,
     last_row) = rows

    def _pair(row, toggle, field):
        # Fixed-width check button followed by an expanding field.
        row.pack_start(toggle, False, True, 5)
        row.pack_start(field, True, True, 5)

    # cb_single receives the --level check button as user data on click.
    m._inject_area_param_ckbtn.connect('clicked',
                                       self.cb_single,
                                       m._detection_area_level_ckbtn)
    _pair(param_row, m._inject_area_param_ckbtn, m._inject_area_param_entry)

    # Parameter-filter choices: first entry preselected, text not editable.
    places = g.ListStore(str)
    for place in ("GET", "POST", "URI", "Cookie", "User-Agent", "Referer",
                  "Host", "(custom) POST", "(custom) HEADER"):
        places.append([place])
    filter_combo = m._inject_area_param_filter_combobox
    filter_combo.set_model(places)
    filter_combo.set_entry_text_column(0)
    filter_combo.set_active(0)
    filter_combo.get_child().set_editable(False)
    _pair(filter_row, m._inject_area_param_filter_ckbtn, filter_combo)

    # set_active(True) puts the check button in the checked state.
    m._inject_area_skip_static_ckbtn.set_active(True)
    static_row.pack_start(m._inject_area_skip_static_ckbtn, False, True, 5)

    _pair(skip_row, m._inject_area_skip_ckbtn, m._inject_area_skip_entry)
    _pair(exclude_row, m._inject_area_param_exclude_ckbtn,
          m._inject_area_param_exclude_entry)
    _pair(prefix_row, m._inject_area_prefix_ckbtn, m._inject_area_prefix_entry)
    _pair(suffix_row, m._inject_area_suffix_ckbtn, m._inject_area_suffix_entry)

    # DBMS suggestions; the combobox entry stays editable.
    dbms_names = g.ListStore(str)
    for dbms in ("postgresql", "MySQL <version>", "Microsoft SQL Server <version>"):
        dbms_names.append([dbms])
    m._inject_area_dbms_combobox.set_model(dbms_names)
    m._inject_area_dbms_combobox.set_entry_text_column(0)
    _pair(dbms_row, m._inject_area_dbms_ckbtn, m._inject_area_dbms_combobox)

    _pair(cred_row, m._inject_area_dbms_cred_ckbtn, m._inject_area_dbms_cred_entry)
    _pair(os_row, m._inject_area_os_ckbtn, m._inject_area_os_entry)

    cast_row.pack_start(m._inject_area_no_cast_ckbtn, False, True, 5)
    cast_row.pack_start(m._inject_area_no_escape_ckbtn, False, True, 5)

    # Caption: "for invalid values in the payload"; the tooltip says the
    # original value is negated by default (true: id=13, false: id=-13).
    invalid_caption = label.new('对payload中无效值:')
    invalid_caption.set_tooltip_text('默认情况下, 要使原参数值无效时会改成相反数\n'
                                     '真: id=13 假: id=-13')
    caption_row.pack_start(invalid_caption, False, True, 5)
    # NOTE(review): this variant reads `_invalid_logic_` / `_invalid_str_`,
    # while the __init__ listed on this page defines `_invalid_logical_` /
    # `_invalid_string_` - confirm which model version this builder pairs with.
    caption_row.pack_end(m._inject_area_invalid_logic_ckbtn, False, True, 5)
    last_row.pack_end(m._inject_area_invalid_str_ckbtn, False, True, 5)
    last_row.pack_end(m._inject_area_invalid_bignum_ckbtn, False, True, 5)

    column = Box(orientation=VERTICAL, spacing=3)
    for row in rows:
        column.add(row)

    frame.add(column)
    return frame
def build_target_notebook(self, target_nb):
    """Fill the target notebook with one page per way of naming a target.

    Pages are appended in this order: -u URL, -l LOGFILE, -r REQUESTFILE,
    -m BULKFILE, -c CONFIGFILE, -g GOOGLEDORK, -d DIRECT. Scroll events on
    the notebook are routed to ``self.scroll_page``.

    Args:
        target_nb: the notebook widget to populate.

    NOTE(review): ``m`` is not a parameter of this function; it is presumably
    resolved from an enclosing or module scope - confirm.
    """
    target_nb.add_events(d.EventMask.SCROLL_MASK
                         | d.EventMask.SMOOTH_SCROLL_MASK)
    target_nb.connect('scroll-event', self.scroll_page)

    def _file_row(entry, chooser):
        # Path entry plus an "open" button that fills it through the shared handler.
        row = Box()
        chooser.connect('clicked', self._handlers.set_file_entry_text, [entry])
        row.pack_start(entry, True, True, 0)
        row.pack_start(chooser, False, True, 0)
        return row

    def _entry_row(entry):
        row = Box()
        row.pack_start(entry, True, True, 0)
        return row

    # --url: combobox seeded with the sample URL; column 1 holds the text.
    # NOTE(review): the seeded row names a real third-party hostname; a
    # reserved name such as example.com would avoid accidental requests to it.
    url_store = g.ListStore(int, str)
    url_store.append([1, "http://www.site.com/vuln.php?id=1"])
    url_page = Box()
    m._url_combobox.set_model(url_store)
    m._url_combobox.set_entry_text_column(1)
    url_page.pack_start(m._url_combobox, True, True, 0)

    burp_page = _file_row(m._burp_logfile, m._burp_logfile_chooser)
    request_page = _file_row(m._request_file, m._request_file_chooser)
    bulkfile_page = _file_row(m._bulkfile, m._bulkfile_chooser)
    configfile_page = _file_row(m._configfile, m._configfile_chooser)
    dork_page = _entry_row(m._google_dork)

    # The entry is pre-filled with the connection-string format as a hint.
    # The `*****:*****` part looks like credential masking applied by the
    # page this listing came from; it is reproduced as shown.
    direct_page = Box()
    m._direct_connect.set_text(
        'mysql://*****:*****@DBMS_IP:DBMS_PORT/DATABASE_NAME or '
        'access://DATABASE_FILEPATH')
    direct_page.pack_start(m._direct_connect, True, True, 0)

    translate = m._
    pages = (
        (url_page, '-u URL'),
        (burp_page, '-l LOGFILE'),
        (request_page, '-r REQUESTFILE'),
        (bulkfile_page, '-m BULKFILE'),
        (configfile_page, '-c CONFIGFILE'),
        (dork_page, '-g GOOGLEDORK'),
        (direct_page, '-d DIRECT'),
    )
    for page, title in pages:
        target_nb.append_page(page, label.new(translate(title)))